Explore 131 curated tools and resources
Monokee is an identity orchestration and access management platform that provides visual, low-code tools for designing authentication workflows, managing digital identities, and implementing secure access controls across multiple domains.
The Ping Identity Platform is an enterprise identity and access management solution that provides authentication, authorization, and identity governance capabilities with flexible deployment options for securing customer, workforce, and partner identities.
A decentralized identity verification solution that enables organizations to issue, manage, and verify digital credentials for user-owned identity scenarios.
Okta Customer Identity Cloud is a CIAM solution that provides secure, customizable identity management for consumer and SaaS applications.
The Cloudflare Learning Center provides educational resources covering various cybersecurity and internet-related topics, including DDoS attacks, CDNs, DNS, web application security, serverless computing, encryption protocols, bots, cloud computing, Zero Trust security, SASE, networking, data privacy, video streaming, email security, and AI.
LLM Guard is a security toolkit that enhances the safety and security of interactions with Large Language Models (LLMs) by providing features like sanitization, harmful language detection, data leakage prevention, and resistance against prompt injection attacks.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
CalypsoAI is a platform that provides centralized security, observability, and control for deploying and scaling large language models and generative AI across an enterprise.
WhyLabs is a platform that provides security, monitoring, and observability capabilities for Large Language Models (LLMs) and AI applications, enabling teams to protect against malicious prompts, data leaks, misinformation, and other vulnerabilities.
Kunai is a Linux-based system monitoring tool that provides real-time monitoring and threat hunting capabilities.
A powerful reverse engineering framework
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
A collection of Android security related resources
A modern tool for Windows kernel exploration and observability with a focus on security.
Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
A comprehensive guide to hardening OpenLDAP on Linux using AppArmor and systemd, providing a defense in depth approach to securing LDAP deployments.
Comprehensive guide on best practices for PHP development.
Express middleware for detecting and redirecting Tor or Surface users.
Stronghold is the easiest way to securely configure your Mac.
Collection of Kubernetes manifests creating pods with elevated privileges for security testing.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.
Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.
On-demand access to AWS and ISV compliance reports with time-saving benefits.
Guidelines for secure coding in Java SE to avoid bugs that could weaken security and open holes in Java's security features.
Automated and flexible approach for deploying Windows 10 with security standards set by the DoD.
JSON.parse() drop-in replacement with prototype poisoning protection.
LinkLiar is a status menu app for spoofing MAC addresses to enhance privacy on MacBook.
Avira Free Security is an all-in-one security, privacy, and performance app for Mac, providing real-time protection, password management, VPN, and more, all for free.
A low overhead rate limiter for your routes
A project exploring minimal set of restrictions for running untrusted code using Linux containers in a concise codebase.
A file search and query tool for ops and security experts.
Comprehensive guide for Iptables configuration and firewall rules.
Microsoft Azure service for safeguarding cryptographic keys and secrets.
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
An open source platform for secure remote access management with granular access control and fast speeds.
A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.
Windows anti-forensics USB monitoring tool with the ability to shut down the computer upon detecting the unplugging of a specified USB device.
SentryPeer is a fraud detection tool that monitors and detects fraudulent activities on SIP servers, capturing IP addresses and phone numbers of suspicious activities and providing a notification system to service providers.
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
Prevents you from committing passwords and other sensitive information to a git repository.
Stay updated on Gh0st Networks lab activities, CTF challenges, and join the Slack team for support.
This article discusses protected accounts and groups in Active Directory, providing examples and screenshots to illustrate key concepts.
Automatically redirect users from www to non-www for a secure connection.
A serverless application that demonstrates common serverless security flaws and weaknesses
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
A comprehensive auditd configuration for Linux systems following best practices.
Secure and manage passwords across devices with Bitwarden's open-source, encrypted password manager.
Automate AWS security checks and centralize security alerts.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
Tool for fingerprinting malware HTTP requests.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
A tool that reveals invisible links within JavaScript files
Security tips for setting up an Apache HTTP Server to prevent security issues.
A comprehensive PowerShell cheat sheet covering various tasks and techniques for file management, process management, network operations, and system administration.
A public domain for use in illustrative examples in documents.
A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.
A customized Kali Linux distribution for ICS/SCADA pentesting professionals
Protect against Prototype Pollution vulnerabilities in your application by freezing JavaScript objects.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
Interactive challenges demonstrating attacks on real-world cryptography.
ARM TrustZone provides a secure execution environment for applications on ARM processors.
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
Altoro Mutual offers online banking, real estate financing, business credit cards, retirement solutions, and prioritizes privacy and security.
A CSP plugin for hapi with per-route configuration options.
shellfirm will prompt challenges to verify risky shell commands, acting as a captcha for your terminal.
A next generation version of enum4linux with enhanced features for enumerating information from Windows and Samba systems.
Enhances Windows OS security through system modifications and settings adjustments.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
BeyondTrust Privileged Access Management (PAM) provides comprehensive security controls for privileged accounts and users.
DenyHosts is a script to block SSH server attacks by automatically preventing attackers after failed login attempts.
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
ESLint plugin to prevent Trojan Source attacks.
Google's Security Blog provides the latest news and insights on security and safety on the Internet.
A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.
A microservice for string padding to prevent global issues like the left-pad incident.
A security feature to prevent unexpected manipulation of fetched resources.
Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits.
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
A PHP 5.x polyfill for random_bytes() and random_int() created by Paragon Initiative Enterprises.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
Accessing databases stored on a machine by the Chrome browser and dumping URLs found.
A library for generating random numbers and strings of various strengths, useful in security contexts.
A guide outlining security considerations for using OpenLDAP Software, including selective listening and IP firewall capabilities.
A series of levels teaching about common mistakes and gotchas when using Amazon Web Services (AWS).
Lint lockfiles for improved security and trust policies.
A brute-force protection middleware for express routes that rate-limits incoming requests.
Centrally Manage Cloud Firewall Rules with AWS Firewall Manager
A minimal, consistent API for building integrations with malware sandboxes
A tool to prevent prototype poisoning in JSON parsing.
A setuid implementation of user namespaces that enables running unprivileged containers without root privileges as a secure alternative to traditional container runtimes.
FunctionShield is a Serverless Security Library for Developers to enforce strict security controls on AWS Lambda & Google Cloud Functions runtimes.
Amazon GuardDuty is a threat detection service for AWS accounts.
A comprehensive database of exploits and vulnerabilities for researchers and professionals
AWS Shield provides managed DDoS protection for your applications, automatically detecting and mitigating sophisticated network-level DDoS events.
A secret management service that stores encrypted secrets in DynamoDB for secure credential and sensitive data management.
A blog post discussing the differences between Solaris Zones, BSD Jails, VMs, and containers, with the author arguing that containers are not a real thing.
Sniffglue is a network sniffer tool written in Rust with advanced filter sensitivity options and secure packet processing.
A portable public domain password hashing framework for PHP applications.
A blog post discussing the often overlooked dangers of CSV injection in applications.
A fully managed service that securely stores, rotates, and manages sensitive data such as database credentials and API keys.
Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.
A community website for API security news, vulnerabilities, and best practices
APFS is a proprietary file system developed by Apple for macOS, offering improved performance, security, and reliability.
Guidance on securing NFS in Red Hat Enterprise Linux 7
An evolving how-to guide for securing a Linux server with detailed steps and explanations.
OpenSnitch is a GNU/Linux application firewall with interactive outbound connections filtering and system-wide domain blocking capabilities.
Utilize the kernel's CSPRNG for generating crypto keys instead of userspace CSPRNGs to avoid randomness failures.