Threat Management
Tools for identifying, assessing, and mitigating cyber threats across organizations.Explore 245 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
A container of PCAP captures mapped to the relevant attack tactic
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
A simple, self-contained modular host-based IOC scanner for incident responders.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
Automatically create yara rules based on images embedded in office documents.
Automatically create yara rules based on images embedded in office documents.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.
CLI tool for ThreatCrowd.org with multiple query functions.
Open source web app for storing and searching Actor related data from users and public repositories.
Open source web app for storing and searching Actor related data from users and public repositories.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.