Framework
Explore 25 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
Verity is a comprehensive compliance management tool that helps organizations manage their governance, risk, and compliance initiatives.
A specification/framework for extending default C2 communication channels in Cobalt Strike
A Microsoft framework for secure and efficient sharing of cybersecurity information between trusted parties to reduce cybersecurity risks.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
A framework for managing cyber threat intelligence in structured formats.
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
A modern post-exploitation command and control framework with a client-server architecture and extensibility features.
A disassembly framework with support for multiple hardware architectures and clean API.
Open Source Threat Intelligence Collector with plugin-oriented framework.
A framework for creating and executing pynids-based decoders and detectors of APT tradecraft
A Python script for creating a cohesive and up-to-date penetration testing framework.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
A framework for creating cybersecurity event schemas with a schema browser for exploration.
An open source network penetration testing framework with automatic recon and scanning capabilities.
A modular malware collection and processing framework with support for various threat intelligence feeds.
An open-source penetration testing framework for social engineering with custom attack vectors.
Python-based web server framework for setting up fake web servers and services with precise data responses.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
A collaborative, multi-platform, red teaming framework for simulating attacks and testing defenses.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
Repository of plugins for the Honeycomb honeypot framework
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.