Security Operations
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,537 security operations tools
FEATURED
RELATED TASKS
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
A proof-of-concept tool that generates Excel BIFF8 files with embedded 4.0 macros programmatically without requiring Microsoft Excel installation.
A proof-of-concept tool that generates Excel BIFF8 files with embedded 4.0 macros programmatically without requiring Microsoft Excel installation.
A Python tool for in-depth PDF analysis and modification.
A Python tool for in-depth PDF analysis and modification.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
Honeypot tool with bug-catching capabilities and support for multiple protocols.
Honeypot tool with bug-catching capabilities and support for multiple protocols.
A blog post about bypassing AppLocker using PowerShell diagnostic scripts
A blog post about bypassing AppLocker using PowerShell diagnostic scripts
A Mac OS X code injection library that enables copying code into target processes and remotely executing it through new thread creation.
A Mac OS X code injection library that enables copying code into target processes and remotely executing it through new thread creation.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
A shell script for basic forensic collection of various artefacts from UNIX systems.
A shell script for basic forensic collection of various artefacts from UNIX systems.
A live archive of DEF CON CTF challenges, vulnerable by design, for hackers to play safely.
A live archive of DEF CON CTF challenges, vulnerable by design, for hackers to play safely.
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
GHH is a honeypot tool to defend against search engine hackers using Google as a hacking tool.
GHH is a honeypot tool to defend against search engine hackers using Google as a hacking tool.
CTFd is a web-based framework for creating and managing Capture The Flag cybersecurity competitions with customizable challenges, scoring systems, and team management capabilities.
CTFd is a web-based framework for creating and managing Capture The Flag cybersecurity competitions with customizable challenges, scoring systems, and team management capabilities.
A collection of Yara signatures for identifying malware and other threats
A collection of Yara signatures for identifying malware and other threats
Honeypot for analyzing data with customizable services and logging capabilities.
Honeypot for analyzing data with customizable services and logging capabilities.
A practical guide on NTLM relaying for Active Directory attacks.
A practical guide on NTLM relaying for Active Directory attacks.
Autopsy is a GUI-based digital forensics platform for analyzing hard drives and smart phones, with a plug-in architecture for custom modules.
Autopsy is a GUI-based digital forensics platform for analyzing hard drives and smart phones, with a plug-in architecture for custom modules.
TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.
TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.
Interactive incremental disassembler with data/control flow analysis capabilities.
Interactive incremental disassembler with data/control flow analysis capabilities.
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.
Security Operations Tools - FAQ
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
