Tools for identifying, assessing, and mitigating cyber threats across organizations.Explore 245 curated tools and resources
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.
A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.
In-depth analysis of real-world attacks and threat tactics
In-depth analysis of real-world attacks and threat tactics
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
Threat intelligence platform providing real-time threat data and insights.
Threat intelligence platform providing real-time threat data and insights.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.
A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.
A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.
A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
A repository of cybersecurity datasets and tools curated by @sooshie.
Check if an IP address was used as a Tor relay on a given date.
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.