8,318 tools
InsecureBankv2 is an intentionally vulnerable Android application with a Python back-end server designed for educational purposes in mobile security testing and Android vulnerability research.
InsecureBankv2 is an intentionally vulnerable Android application with a Python back-end server designed for educational purposes in mobile security testing and Android vulnerability research.
A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.
A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.
DFIRTrack is an open source web application focused on incident response for handling major incidents with many affected systems, tracking system status, tasks, and artifacts.
DFIRTrack is an open source web application focused on incident response for handling major incidents with many affected systems, tracking system status, tasks, and artifacts.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
A collection of Ansible roles for hardening various systems and services
A collection of Ansible roles for hardening various systems and services
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.
A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.
KeeFarce extracts cleartext password database information from KeePass 2.x processes in memory using DLL injection and .NET runtime manipulation.
KeeFarce extracts cleartext password database information from KeePass 2.x processes in memory using DLL injection and .NET runtime manipulation.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
Repository for detection content with various types of rules and payloads.
Repository for detection content with various types of rules and payloads.
A laser tripwire device that automatically hides windows, locks computers, or executes custom scripts when motion is detected within 120cm range.
A laser tripwire device that automatically hides windows, locks computers, or executes custom scripts when motion is detected within 120cm range.
A PHP library that provides secure data encryption capabilities using keys or passwords, designed to minimize implementation errors.
A PHP library that provides secure data encryption capabilities using keys or passwords, designed to minimize implementation errors.
ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.
ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
A runtime threat management and attack path enumeration tool for cloud-native environments
A runtime threat management and attack path enumeration tool for cloud-native environments
SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.
SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
Scan files with Yara, match findings to VirusTotal comments.
Scan files with Yara, match findings to VirusTotal comments.
Collection of YARA signatures from recent malware research.
Collection of YARA signatures from recent malware research.
Free multi-platform database tool with support for various databases and rich features.
Free multi-platform database tool with support for various databases and rich features.
OneGadget is a CTF-focused tool that uses symbolic execution to find RCE gadgets in binaries that can execute shell commands through execve('/bin/sh', NULL, NULL).
OneGadget is a CTF-focused tool that uses symbolic execution to find RCE gadgets in binaries that can execute shell commands through execve('/bin/sh', NULL, NULL).