8,965 tools
A collection of Python scripts that automate tasks and extend IDA Pro disassembler functionality for reverse engineering workflows.
A collection of Python scripts that automate tasks and extend IDA Pro disassembler functionality for reverse engineering workflows.
Open Source Intelligence solution for threat intelligence data enrichment and quick analysis of suspicious files or malware.
Open Source Intelligence solution for threat intelligence data enrichment and quick analysis of suspicious files or malware.
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing, utilizing Message Query Language (MQL) for behavior description.
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing, utilizing Message Query Language (MQL) for behavior description.
ConventionEngine is a Yara rule collection that analyzes PE files by examining PDB paths for suspicious keywords, terms, and anomalies that may indicate malicious software.
ConventionEngine is a Yara rule collection that analyzes PE files by examining PDB paths for suspicious keywords, terms, and anomalies that may indicate malicious software.
MemLabs provides CTF-styled memory forensics challenges designed to teach students and security researchers how to analyze memory dumps using tools like Volatility.
MemLabs provides CTF-styled memory forensics challenges designed to teach students and security researchers how to analyze memory dumps using tools like Volatility.
Android Loadable Kernel Modules for reversing and debugging on controlled systems/emulators.
Android Loadable Kernel Modules for reversing and debugging on controlled systems/emulators.
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
Machine learning project for intuitive threat analysis with a web interface.
Machine learning project for intuitive threat analysis with a web interface.
A yara module for searching strings inside zip files
A yara module for searching strings inside zip files
A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.
A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.
A program to extract IOCs from text files using regular expressions
A program to extract IOCs from text files using regular expressions
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
A CLI tool for securely generating keys, passwords, and providing credentials without files, primarily for building secure BOSH deployments using Vault and Spruce.
A CLI tool for securely generating keys, passwords, and providing credentials without files, primarily for building secure BOSH deployments using Vault and Spruce.
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.
A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.
Passive SSL client fingerprinting tool using handshake analysis.
Passive SSL client fingerprinting tool using handshake analysis.
A tool for extracting IOCs from various input sources and converting them into JSON format.
A tool for extracting IOCs from various input sources and converting them into JSON format.
A tool for extracting common indicators of compromise from a block of text.
A tool for extracting common indicators of compromise from a block of text.
Container image definitions that create standardized testing environments for software applications with consistent dependencies and configurations.
Container image definitions that create standardized testing environments for software applications with consistent dependencies and configurations.
A framework for creating XNU based rootkits for OS X and iOS security research
A framework for creating XNU based rootkits for OS X and iOS security research
A simple, self-contained modular host-based IOC scanner for incident responders.
A simple, self-contained modular host-based IOC scanner for incident responders.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.