8,812 tools
IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.
IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.
HpfeedsHoneyGraph is a visualization application that creates graphical representations of hpfeeds logs to aid cybersecurity analysis of honeypot data.
HpfeedsHoneyGraph is a visualization application that creates graphical representations of hpfeeds logs to aid cybersecurity analysis of honeypot data.
Reverts sha1 integrity back to sha512 in lock files for enhanced security.
Reverts sha1 integrity back to sha512 in lock files for enhanced security.
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
Syntax, indent, and filetype detection for YARA rule files with auto-indenting and error display in quickfix window.
Syntax, indent, and filetype detection for YARA rule files with auto-indenting and error display in quickfix window.
A tool for fixing acquired .evt Windows Event Log files in digital forensics.
A tool for fixing acquired .evt Windows Event Log files in digital forensics.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.
PyIOCe is a Python-based OpenIOC editor that enables security professionals to create, edit, and manage Indicators of Compromise for threat intelligence and incident response operations.
PyIOCe is a Python-based OpenIOC editor that enables security professionals to create, edit, and manage Indicators of Compromise for threat intelligence and incident response operations.
A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.
A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.
cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.
A collection of Return-Oriented Programming (ROP) challenges designed for practicing binary exploitation techniques and developing offensive security skills.
A collection of Return-Oriented Programming (ROP) challenges designed for practicing binary exploitation techniques and developing offensive security skills.
A collection of Yara signatures for identifying malware and other threats
A collection of Yara signatures for identifying malware and other threats
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
A multi-threaded intrusion detection system using Yara for network and stream IDS
A multi-threaded intrusion detection system using Yara for network and stream IDS
WordPress security scanner for identifying vulnerabilities in WordPress websites.
WordPress security scanner for identifying vulnerabilities in WordPress websites.
steg86 is a steganographic tool that hides information within x86 and AMD64 binary executables without affecting their performance or file size.
steg86 is a steganographic tool that hides information within x86 and AMD64 binary executables without affecting their performance or file size.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
A pure Python parser for Windows Event Log (.evtx) files that enables cross-platform forensic analysis of Windows system events.
A pure Python parser for Windows Event Log (.evtx) files that enables cross-platform forensic analysis of Windows system events.
An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.
An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.