8,965 tools
MITRE Caldera™ is an automated adversary emulation platform built on the MITRE ATT&CK framework that supports red team operations and incident response activities through a modular C2 server and plugin architecture.
MITRE Caldera™ is an automated adversary emulation platform built on the MITRE ATT&CK framework that supports red team operations and incident response activities through a modular C2 server and plugin architecture.
Set up IPsec VPN server in just a few minutes with IPsec/L2TP, Cisco IPsec, and IKEv2.
Set up IPsec VPN server in just a few minutes with IPsec/L2TP, Cisco IPsec, and IKEv2.
A collection of structured incident response playbook battle cards providing prescriptive guidance and countermeasures for cybersecurity incident response operations.
A collection of structured incident response playbook battle cards providing prescriptive guidance and countermeasures for cybersecurity incident response operations.
An open-source security tool that simulates network breaches by self-propagating across data centers to test organizational resilience against lateral movement attacks.
An open-source security tool that simulates network breaches by self-propagating across data centers to test organizational resilience against lateral movement attacks.
Fake protocol server simulator supporting 50+ network protocols for deception
Fake protocol server simulator supporting 50+ network protocols for deception
An open source platform for secure remote access management with granular access control
An open source platform for secure remote access management with granular access control
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.
A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.
A cross-platform network detection tool that identifies active Responder tools by sending LLMNR queries for fabricated hostnames.
A cross-platform network detection tool that identifies active Responder tools by sending LLMNR queries for fabricated hostnames.
OCyara performs OCR on images and PDF files to extract text content and scan it against Yara rules for malware detection.
OCyara performs OCR on images and PDF files to extract text content and scan it against Yara rules for malware detection.
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.
A Python library for handling TAXII v1.x messages and services to enable automated threat intelligence sharing and indicator exchange.
A Python library for handling TAXII v1.x messages and services to enable automated threat intelligence sharing and indicator exchange.
OpenTAXII config enabling TAXII-based threat intel sharing with MISP.
OpenTAXII config enabling TAXII-based threat intel sharing with MISP.
A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.
A reverse engineering tool that extracts and organizes Samsung ODIN3 protocol messages from USB packet captures into human-readable files.
A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.
A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
Open-source C2 framework for red team ops and adversary simulation.
Open-source C2 framework for red team ops and adversary simulation.
GraphSpy is a browser-based post-exploitation tool for Azure Active Directory and Office 365 environments that enables token management, reconnaissance, and interaction with Microsoft 365 services.
GraphSpy is a browser-based post-exploitation tool for Azure Active Directory and Office 365 environments that enables token management, reconnaissance, and interaction with Microsoft 365 services.
Unified cybersecurity platform with XDR, EDR, PAM, email security, and compliance
Unified cybersecurity platform with XDR, EDR, PAM, email security, and compliance
Comprehensive cybersecurity platform for hybrid and multi-cloud environments
Comprehensive cybersecurity platform for hybrid and multi-cloud environments