Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management.
Browse 2,537 security operations tools
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A comprehensive repository of open-source security tools organized by attack phases for red team operations, adversary simulation, and threat hunting purposes.
Open-source Python software for creating honeypots and honeynets securely.
Fast suspicious file finder for threat hunting and live forensics.
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
Tool for analyzing Windows Recycle Bin INFO2 file
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
A wargaming network for penetration testers to practice their skills in a realistic environment.
A post-exploitation tool for pentesting Active Directory
24/7 MDR service with threat detection, hunting, and guided remediation
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
A web application honeypot sensor attracting malicious traffic from the Internet
JD-GUI is a graphical Java decompiler that reconstructs and displays source code from compiled ".class" files for reverse engineering and code analysis purposes.
A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
A guide to brute forcing DVWA on the high security level with anti-CSRF tokens
A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.
A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.
An observation camera honeypot for proof-of-concept purposes
Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.
A simple SSH honeypot written in Golang with a Persian-inspired name.
A tool for extracting files from network traffic based on file signatures, with support for various file formats and a scalable search algorithm.
Common questions about Security Operations tools including selection guides, pricing, and comparisons.
Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.
Cybercrime intelligence tools for searching compromised credentials from infostealers
Agentless cloud security platform for risk detection & prevention
Fractional CISO services for B2B companies to build security programs
Real-time OSINT monitoring for leaked credentials, data, and infrastructure
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
AI security assurance platform for red-teaming, guardrails & compliance