Security Research
Explore 90 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
LATEST ADDITIONS
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
A newsletter service that tracks and reports weekly changes in detection engineering rules and updates across multiple GitHub repositories.
A visual guide illustrating attack paths and techniques for exploiting vulnerabilities in GitHub Actions configurations.
A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.
A fast and simple recursive content discovery tool
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
Automate the exploitation of XXE vulnerabilities
A tool for enumerating subdomains of a given domain
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
A list of services and how to claim (sub)domains with dangling DNS records.
A Python library for automating time-based blind SQL injection attacks
Automatic tool for DNS rebinding-based SSRF attacks
A toolkit for testing, tweaking and cracking JSON Web Tokens
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
A tool for detecting and taking over subdomains with dead DNS records
A fast domain resolver and subdomain bruteforcing tool
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A front-end JavaScript toolkit for creating DNS rebinding attacks
A tool that recovers passwords from pixelized screenshots
A subdomain enumeration tool for bug hunting and pentesting
A Burp extension to detect alias traversal via NGINX misconfiguration at scale.
A tool to bypass Content Security Policy (CSP) restrictions
A security tool to identify interesting files in AWS S3 buckets
A command-line tool for parsing, creating, and manipulating JWT tokens
A collection of scripts for Turbo Intruder, a penetration testing tool
A DNS rebinding attack framework for security researchers and penetration testers.
A tool to discover new target domains using Content Security Policy
A subdomain enumeration tool for penetration testers and security researchers.
A tool that finds more information about a given URL or domain by querying multiple data sources.
A tool for mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A tool for enumerating and attacking GitHub Actions pipelines
A fuzzer for detecting open redirect vulnerabilities
The Web's Largest Community Tracking Online Fraud & Abuse
A simple, fast web crawler for discovering endpoints and assets in a web application
Collection of Return-Oriented Programming challenges for practicing exploitation skills.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A framework for exploiting Android-based devices and applications
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
A Burp plugin for identifying potential vulnerabilities in web applications
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
A powerful tool for detecting and identifying malware using a rule-based system.
A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques.
A tool for identifying and analyzing Java serialized objects in network traffic
A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.
A collection of YARA rules for public use, built from intelligence profiles and file work.
A free and open source C2 and proxy for penetration testers
The CVE Program catalogs publicly disclosed cybersecurity vulnerabilities.
A .Net wrapper library for the native Yara library with interoperability and portability features.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
Comprehensive reference guide for bug bounty hunters with detailed information on various vulnerabilities, platforms, tools, and best practices.
A curated list of known malicious NPM packages
A collection of public YARA signatures for various malware families.
FingerprintX is a standalone utility for service discovery on open ports.
A tool for spinning up insecure AWS infrastructure with Terraform for training and security assessment purposes.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
A scalable python framework for security research and development teams.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.
A tool that checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names.
A framework for creating XNU based rootkits for OS X and iOS security research
A comprehensive .NET post-exploitation library designed for advanced security testing.
Automatic tool for pentesting XSS attacks against different applications
A deliberately vulnerable modern day app with lots of DOM related bugs
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
Open source security auditing tool to search and dump system configuration.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
An open-source framework for testing and validating the security of AWS services and resources.
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.
A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.
An open-source Python software for creating honeypots and honeynets securely.
Industrial control system automation and testing tool for SCADA security testing.
An observation camera honeypot for proof-of-concept purposes
Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.
Personal website of Collin R. Mulliner with a focus on security research and mobile platforms.
Cortex is a tool for analyzing observables at scale and automating threat intelligence, digital forensics, and incident response.
Educational CTF-styled challenges for Memory Forensics.