Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Explore 1726 curated cybersecurity tools, with 15,216 visitors searching for solutions
FEATURED
RELATED TASKS
Use FindYara, an IDA python plugin, to scan your binary with yara rules and quickly jump to matches.
Use FindYara, an IDA python plugin, to scan your binary with yara rules and quickly jump to matches.
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
A guide to bypassing RFID card reader security mechanisms using specialized hardware
A guide to bypassing RFID card reader security mechanisms using specialized hardware
yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.
yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
View physical memory as files in a virtual file system for easy memory analysis and artifact access.
WALKOFF is an automation framework that provides drag-and-drop workflow creation capabilities for integrating security tools and automating repetitive tasks.
WALKOFF is an automation framework that provides drag-and-drop workflow creation capabilities for integrating security tools and automating repetitive tasks.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
Studying Android malware behaviors through Information Flow monitoring techniques.
Studying Android malware behaviors through Information Flow monitoring techniques.
Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.
Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.
PinCTF is a Python wrapper tool that uses Intel's Pin framework to instrument binaries and count instructions for reverse engineering analysis.
PinCTF is a Python wrapper tool that uses Intel's Pin framework to instrument binaries and count instructions for reverse engineering analysis.
A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.
A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.
A Burp Suite plugin that performs intelligent content discovery by analyzing current requests to identify directories, files, and variations based on the application's structure.
A Burp Suite plugin that performs intelligent content discovery by analyzing current requests to identify directories, files, and variations based on the application's structure.
DMG2IMG converts Apple compressed DMG archives to standard HFS+ image files supporting zlib, bzip2, and LZFSE compression formats.
DMG2IMG converts Apple compressed DMG archives to standard HFS+ image files supporting zlib, bzip2, and LZFSE compression formats.
Tool for parsing NTFS journal files, $Logfile, and $MFT.
Tool for parsing NTFS journal files, $Logfile, and $MFT.
Chaosreader is a tool for ripping files from network sniffing dumps and replaying various protocols and file transfers.
Chaosreader is a tool for ripping files from network sniffing dumps and replaying various protocols and file transfers.
Generate comprehensive reports about Windows systems with detailed system, security, networking, and USB information.
Generate comprehensive reports about Windows systems with detailed system, security, networking, and USB information.
Normalize, index, enrich, and visualize network capture data using Potiron.
Normalize, index, enrich, and visualize network capture data using Potiron.
Back-end component for red team operations with crucial design considerations.
Back-end component for red team operations with crucial design considerations.
msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.
msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.
Capa is a malware analysis tool that detects capabilities in executable files by analyzing PE, ELF, .NET modules, shellcode, and sandbox reports to identify potential malicious behaviors with ATT&CK framework mapping.
Capa is a malware analysis tool that detects capabilities in executable files by analyzing PE, ELF, .NET modules, shellcode, and sandbox reports to identify potential malicious behaviors with ATT&CK framework mapping.
A powerful and extensible framework for reconnaissance and attacking various networks and devices.
A powerful and extensible framework for reconnaissance and attacking various networks and devices.
Vulnerable web application for beginners in penetration testing.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
