8,965 tools
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
A multi-threaded intrusion detection system using Yara for network and stream IDS
A multi-threaded intrusion detection system using Yara for network and stream IDS
WordPress security scanner for identifying vulnerabilities in WordPress websites.
WordPress security scanner for identifying vulnerabilities in WordPress websites.
steg86 is a steganographic tool that hides information within x86 and AMD64 binary executables without affecting their performance or file size.
steg86 is a steganographic tool that hides information within x86 and AMD64 binary executables without affecting their performance or file size.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
A pure Python parser for Windows Event Log (.evtx) files that enables cross-platform forensic analysis of Windows system events.
A pure Python parser for Windows Event Log (.evtx) files that enables cross-platform forensic analysis of Windows system events.
An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.
An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.
Recover event log entries from an image by heuristically looking for record structures.
Recover event log entries from an image by heuristically looking for record structures.
YARA syntax highlighting for Gtk-based text editors
YARA syntax highlighting for Gtk-based text editors
Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.
Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
A publicly available dataset of security incidents designed to support cybersecurity research and threat analysis.
A publicly available dataset of security incidents designed to support cybersecurity research and threat analysis.
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.
Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.
Bitscout is a Bash-based live OS constructor tool for building customizable forensic environments used in remote system triage, malware hunting, and digital forensics investigations.
Bitscout is a Bash-based live OS constructor tool for building customizable forensic environments used in remote system triage, malware hunting, and digital forensics investigations.
A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.
A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
Binary analysis and management framework for organizing malware and exploit samples.
Binary analysis and management framework for organizing malware and exploit samples.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.
pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.