8,813 tools
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
SigThief extracts digital signatures from signed PE files and appends them to other files to create invalid signatures for testing Anti-Virus detection mechanisms.
SigThief extracts digital signatures from signed PE files and appends them to other files to create invalid signatures for testing Anti-Virus detection mechanisms.
Andromeda makes reverse engineering of Android applications faster and easier.
Andromeda makes reverse engineering of Android applications faster and easier.
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
A proof-of-concept tool that demonstrates the Dirty COW kernel exploit (CVE-2016-5195) for privilege escalation within Docker containers, specifically targeting nginx images while providing mitigation guidance through AppArmor profiles.
A proof-of-concept tool that demonstrates the Dirty COW kernel exploit (CVE-2016-5195) for privilege escalation within Docker containers, specifically targeting nginx images while providing mitigation guidance through AppArmor profiles.
A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.
A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.
A simplified UI for showing honeypot alarms for the DTAG early warning system
A simplified UI for showing honeypot alarms for the DTAG early warning system
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
A container of PCAP captures mapped to the relevant attack tactic
A container of PCAP captures mapped to the relevant attack tactic
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Ropper is a multi-architecture binary analysis tool that searches for ROP gadgets and displays information about executable files for exploit development.
Ropper is a multi-architecture binary analysis tool that searches for ROP gadgets and displays information about executable files for exploit development.
A PowerShell module for threat hunting and security analysis through Windows Event Log processing and malicious activity detection.
A PowerShell module for threat hunting and security analysis through Windows Event Log processing and malicious activity detection.
SCOT is a cybersecurity incident tracking and management platform that enables security operations centers to document, analyze, and coordinate responses to security events through collaborative workflows.
SCOT is a cybersecurity incident tracking and management platform that enables security operations centers to document, analyze, and coordinate responses to security events through collaborative workflows.
MagSpoof is a hardware device that emulates magnetic stripe cards using electromagnetic fields for security research and educational purposes.
MagSpoof is a hardware device that emulates magnetic stripe cards using electromagnetic fields for security research and educational purposes.
Recoverjpeg is a tool for recovering JPEG images from damaged storage media.
Recoverjpeg is a tool for recovering JPEG images from damaged storage media.
A C-based steganographic tool that hides files within WAV audio files using least significant bit encoding techniques.
A C-based steganographic tool that hides files within WAV audio files using least significant bit encoding techniques.
JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.
JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.
A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
Hived is a honeypot tool for deceiving attackers and gathering information.
Hived is a honeypot tool for deceiving attackers and gathering information.
An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.
An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.