Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Explore 1726 curated cybersecurity tools, with 15,161 visitors searching for solutions
FEATURED
RELATED TASKS
A tool for enumerating information via SNMP protocol.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A low-interaction SSH honeypot written in C that simulates SSH services to capture and log unauthorized access attempts.
A low-interaction SSH honeypot written in C that simulates SSH services to capture and log unauthorized access attempts.
Hide data in images while maintaining perceptual similarity and extract it from printed and photographed images.
Hide data in images while maintaining perceptual similarity and extract it from printed and photographed images.
A LinkedIn reconnaissance tool for gathering information about companies and individuals on the platform.
A LinkedIn reconnaissance tool for gathering information about companies and individuals on the platform.
A framework for executing cloud attacker tactics, techniques, and procedures (TTPs) that can generate APIs, Sigma detection rules, and documentation from YAML-based definitions.
A framework for executing cloud attacker tactics, techniques, and procedures (TTPs) that can generate APIs, Sigma detection rules, and documentation from YAML-based definitions.
ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection.
ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A featured networking utility for reading and writing data across network connections with advanced capabilities.
A featured networking utility for reading and writing data across network connections with advanced capabilities.
A repository of public applications for the Shuffle security orchestration platform that enables automated security workflows and integrations.
A repository of public applications for the Shuffle security orchestration platform that enables automated security workflows and integrations.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
nudge4j is a tool to control Java applications from the browser and experiment with live code.
nudge4j is a tool to control Java applications from the browser and experiment with live code.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
A library to access and manipulate RAW image files.
Hacker wargames site with forums and tutorials, fostering a learning community.
Hacker wargames site with forums and tutorials, fostering a learning community.
Management portal for LoKi scanner with centralized database for scanning activities.
Management portal for LoKi scanner with centralized database for scanning activities.
A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.
A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.
A javascript malware analysis tool with backend code execution.
A javascript malware analysis tool with backend code execution.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
A template-driven framework for creating custom evasion techniques to test Anti-Virus and EDR detection capabilities.
A template-driven framework for creating custom evasion techniques to test Anti-Virus and EDR detection capabilities.
A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.
A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
