Infosec
Explore 57 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.
VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.
Monitor GitHub for sensitive data
A tool for enumerating subdomains of a given domain
A reconnaissance tool for GitHub organizations
InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.
InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.
The Web's Largest Community Tracking Online Fraud & Abuse
A weekly newsletter covering computer security news and tutorials
Collection of industry and community cybersecurity courses and materials by M. E. Kabay.
Collection of industry and community cybersecurity courses and materials by M. E. Kabay.
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.
Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.
WordPress plugin to reduce comment spam with a smarter honeypot.
WordPress plugin to reduce comment spam with a smarter honeypot.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
A comprehensive list of search filters for the SHODAN search engine.
A comprehensive list of search filters for the SHODAN search engine.
A tool for navigating and annotating ATT&CK matrices with the ability to define custom layers for specific views.
A tool for navigating and annotating ATT&CK matrices with the ability to define custom layers for specific views.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
A cybersecurity tool with online demo, mailing list, and multiple installation methods.
A cybersecurity tool with online demo, mailing list, and multiple installation methods.
Graham Cluley offers expert cybersecurity insights and commentary through various media including podcasts and speaking engagements.
Graham Cluley offers expert cybersecurity insights and commentary through various media including podcasts and speaking engagements.
A curated list of important security news, helping readers stay up-to-date with the latest developments in cybersecurity.
A curated list of important security news, helping readers stay up-to-date with the latest developments in cybersecurity.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
A leading online publication providing news, analysis, and insights on cybersecurity, IT leadership, and technology trends.
A leading online publication providing news, analysis, and insights on cybersecurity, IT leadership, and technology trends.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
An informational repo about hunting for adversaries in your IT environment.
An informational repo about hunting for adversaries in your IT environment.
A leading technology media brand providing news, analysis, and opinion on IT leadership and digital transformation.
A leading technology media brand providing news, analysis, and opinion on IT leadership and digital transformation.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
Social news aggregation and discussion platform for cybersecurity professionals.
Social news aggregation and discussion platform for cybersecurity professionals.
SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences.
SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences.
Facilitates distribution of Threat Intelligence artifacts to defensive systems.
Facilitates distribution of Threat Intelligence artifacts to defensive systems.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
A framework for creating and executing pynids-based decoders and detectors of APT tradecraft
A framework for creating and executing pynids-based decoders and detectors of APT tradecraft
Check if your email address has been involved in a data breach.
A community-driven project sharing detection logic, adversary tradecraft, and resources to make detection development more efficient, following MITRE ATT&CK structure.
A community-driven project sharing detection logic, adversary tradecraft, and resources to make detection development more efficient, following MITRE ATT&CK structure.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
Proof-of-concept implementation of TAXII services for developers and non-developers.
Naked Security by Sophos offers expert insights and practical advice on cybersecurity threats and protection strategies.
Naked Security by Sophos offers expert insights and practical advice on cybersecurity threats and protection strategies.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
A comprehensive guide to using Hashcat for password cracking
Schneier on Security provides expert analysis and commentary on a wide range of security issues.
Schneier on Security provides expert analysis and commentary on a wide range of security issues.
A public domain for use in illustrative examples in documents.
A sample security dataset and CTF platform for information security professionals, researchers, students, and enthusiasts.
A sample security dataset and CTF platform for information security professionals, researchers, students, and enthusiasts.
A video-sharing platform for creators to share their content and for users to discover new content, with a focus on cybersecurity.
Online Telegram bot for collecting information on individuals from various websites.
Online Telegram bot for collecting information on individuals from various websites.
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
Google's Security Blog provides the latest news and insights on security and safety on the Internet.
Google's Security Blog provides the latest news and insights on security and safety on the Internet.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.
Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.
A leading cybersecurity podcast network offering in-depth discussions on current security trends and insights.
A leading cybersecurity podcast network offering in-depth discussions on current security trends and insights.
Learn how to integrate security into Agile development teams for high performance
Learn how to integrate security into Agile development teams for high performance
A condensed field guide for cyber security incident responders, covering incident response processes, attacker tactics, and practical techniques for handling incidents.
A condensed field guide for cyber security incident responders, covering incident response processes, attacker tactics, and practical techniques for handling incidents.
Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.
Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.
msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks with extensive functionality for log data analysis, threat intelligence enrichment, and visualization.
msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks with extensive functionality for log data analysis, threat intelligence enrichment, and visualization.
