CHIPSEC
CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X and UEFI shell. Instructions for installing and using CHIPSEC can be found in the manual. NOTE: This software is for security testing purposes. Use at your own risk. Read WARNING.txt before using. First version of CHIPSEC was released in March 2014: Announcement at CanSecWest 2014 Recent presentation on how to use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low level system assets and even detect firmware implants: Exploring Your System Deeper Release Convention CHIPSEC uses a major.minor.patch release version number Changes to the arguments or calling conventions will be held for a minor version update Projects That Include CHIPSEC ArchStrike BlackArch Linux Linux UEFI Validation (LUV) (Archived) Contact Us For any questions or suggestions please contact us at: chipsec@intel.com Discord: CHIPSEC
FEATURES
ALTERNATIVES
A tool for extracting static and dynamic features from Android APKs.
A set of tools for securing JavaScript projects against software supply chain attacks.
A spam prevention technique using hidden fields to detect and deter spam bots in Laravel applications.
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing, utilizing Message Query Language (MQL) for behavior description.
An open source framework for security assessments of iOS apps, now decommissioned in favor of Objection.
An Outlook add-in for reporting suspicious emails to security teams and tracking user behavior during awareness campaigns.
A tool for analyzing Android applications in local storage with various functionalities.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
PINNED
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.