Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Explore 1419 curated cybersecurity tools, with 17,376+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
A modern tool for Windows kernel exploration and observability with a focus on security.
A modern tool for Windows kernel exploration and observability with a focus on security.
A C-based steganographic tool that hides files within WAV audio files using least significant bit encoding techniques.
A C-based steganographic tool that hides files within WAV audio files using least significant bit encoding techniques.
A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.
A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical areas such as artefact handling and analysis.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical areas such as artefact handling and analysis.
An article in Phrack Magazine discussing the creation of shellcode for StrongARM/Linux architecture.
An article in Phrack Magazine discussing the creation of shellcode for StrongARM/Linux architecture.
CrowdFMS is a CrowdStrike framework that automates malware sample collection from VirusTotal using YARA rule-based notifications and the Private API system.
CrowdFMS is a CrowdStrike framework that automates malware sample collection from VirusTotal using YARA rule-based notifications and the Private API system.
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
A tool that scans for accessibility tools backdoors via RDP
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Export Kubernetes events for observability and alerting purposes with flexible routing options.
Export Kubernetes events for observability and alerting purposes with flexible routing options.
A framework for orchestrating forensic collection, processing, and data export.
A framework for orchestrating forensic collection, processing, and data export.
A signature-based, multi-threaded honeypot detection tool written in Golang that identifies honeypots through crafted requests and response analysis.
A signature-based, multi-threaded honeypot detection tool written in Golang that identifies honeypots through crafted requests and response analysis.
A Python module for orchestrating remote forensic data acquisition and analysis from Linux instances using Amazon SSM.
A Python module for orchestrating remote forensic data acquisition and analysis from Linux instances using Amazon SSM.
ConventionEngine is a Yara rule collection that analyzes PE files by examining PDB paths for suspicious keywords, terms, and anomalies that may indicate malicious software.
ConventionEngine is a Yara rule collection that analyzes PE files by examining PDB paths for suspicious keywords, terms, and anomalies that may indicate malicious software.
Embeddable Yara library for Java with support for loading rules and scanning data.
Embeddable Yara library for Java with support for loading rules and scanning data.
A modified version of GNU dd with added features like hashing and fast disk wiping.
A modified version of GNU dd with added features like hashing and fast disk wiping.
Skyhook is an HTTP-based file transfer tool that uses obfuscation techniques to evade detection by Intrusion Detection Systems.
Skyhook is an HTTP-based file transfer tool that uses obfuscation techniques to evade detection by Intrusion Detection Systems.
A cloud-focused attack simulation framework that provides granular, self-contained offensive techniques mapped to MITRE ATT&CK for red team exercises.
A cloud-focused attack simulation framework that provides granular, self-contained offensive techniques mapped to MITRE ATT&CK for red team exercises.
A command line utility for managing volume shadow copies with capabilities for evasion, persistence, and file extraction.
A command line utility for managing volume shadow copies with capabilities for evasion, persistence, and file extraction.
A subdomain enumeration tool for penetration testers and security researchers.
A subdomain enumeration tool for penetration testers and security researchers.
HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.
HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.
Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.
Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.
A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.
A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
