Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,536 security operations tools
FEATURED
RELATED TASKS
GasPot is a honeypot simulation tool for Gas Station tanks in the oil and gas industry.
GasPot is a honeypot simulation tool for Gas Station tanks in the oil and gas industry.
A set of Go-based emulators for testing network security and analyzing network traffic.
A set of Go-based emulators for testing network security and analyzing network traffic.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A GNU Emacs editor mode that provides syntax highlighting, indentation, and language server integration for editing YARA rule files.
A GNU Emacs editor mode that provides syntax highlighting, indentation, and language server integration for editing YARA rule files.
PowerForensics is a PowerShell digital forensics framework for hard drive forensic analysis.
PowerForensics is a PowerShell digital forensics framework for hard drive forensic analysis.
An HTTP proxy, monitor, and reverse proxy tool for viewing HTTP and SSL/HTTPS traffic.
An HTTP proxy, monitor, and reverse proxy tool for viewing HTTP and SSL/HTTPS traffic.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
A simple framework for extracting actionable data from Android malware
A simple framework for extracting actionable data from Android malware
Galah is an LLM-powered web honeypot that mimics various web applications by dynamically responding to HTTP requests.
Galah is an LLM-powered web honeypot that mimics various web applications by dynamically responding to HTTP requests.
A decentralized network panic button that triggers emergency system shutdowns across networked machines via UDP broadcasts and HTTP to prevent cold boot attacks.
A decentralized network panic button that triggers emergency system shutdowns across networked machines via UDP broadcasts and HTTP to prevent cold boot attacks.
A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.
A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.
YARA syntax highlighting for Gtk-based text editors
YARA syntax highlighting for Gtk-based text editors
Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.
Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
CloudFox is an open source command line tool that helps penetration testers and offensive security professionals identify exploitable attack paths and gain situational awareness in cloud infrastructure environments.
CloudFox is an open source command line tool that helps penetration testers and offensive security professionals identify exploitable attack paths and gain situational awareness in cloud infrastructure environments.
A JavaScript steganography module that hides encrypted secrets within text using invisible Unicode characters for covert communication across web platforms.
A JavaScript steganography module that hides encrypted secrets within text using invisible Unicode characters for covert communication across web platforms.
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
GNU/Linux Wireless distribution for security testing with XFCE desktop environment.
GNU/Linux Wireless distribution for security testing with XFCE desktop environment.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
A script to enumerate Google Storage buckets and determine access and privilege escalation
A script to enumerate Google Storage buckets and determine access and privilege escalation
A collection of YARA rules for public use, built from intelligence profiles and file work.
A collection of YARA rules for public use, built from intelligence profiles and file work.
A technique to encode data within DNS queries for covert communication channels.
A technique to encode data within DNS queries for covert communication channels.
A minimal library to generate YARA rules from JAVA with maven support.
A minimal library to generate YARA rules from JAVA with maven support.
A collection of security research tools from Google's Project Zero team for testing and analyzing iPhone messaging systems including SMS, iMessage, and IMAP protocols.
A collection of security research tools from Google's Project Zero team for testing and analyzing iPhone messaging systems including SMS, iMessage, and IMAP protocols.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
