Search All Cybersecurity Tools

Hale is a modular botnet command and control monitoring tool that tracks C&C server communications across multiple protocols with web-based analysis interface and collaborative research capabilities.

Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.

Migrated Splunk SOAR Connectors to new GitHub organization for better organization and management.

PFQ v6.2 is a functional framework for Linux optimized for efficient packet capture/transmission and in-kernel processing.

Interactive incremental disassembler with data/control flow analysis capabilities.

A high-level C++ library for creating and decoding network packets with a Scapy-like interface.

DIVA Android is an intentionally vulnerable Android application designed to teach security professionals and developers about mobile application security flaws through hands-on learning.

nyx is a threat intelligence artifact distribution system that facilitates the sharing of threat intelligence indicators from various sources to defensive security systems with configurable criticality levels.

A Burp Suite plugin that performs intelligent content discovery by analyzing current requests to identify directories, files, and variations based on the application's structure.

A security checklist app for your Mac that helps you with basic security hygiene and prevents 80% of problems.

A set of PHP scripts for practicing LFI, RFI, and CMD injection vulnerabilities.

A PHP 5.x polyfill for random_bytes() and random_int() created by Paragon Initiative Enterprises.

Companion repository for deploying osquery in a production environment with tailored query packs.

A framework for improving detection strategies and alert efficacy.

A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.

A Go-based honeypot that mimics Intel's AMT management service to detect and log exploitation attempts targeting the CVE-2017-5689 firmware vulnerability.

Embeddable Yara library for Java with support for loading rules and scanning data.

OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.

Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.

OVAA is an intentionally vulnerable Android application that aggregates common platform security vulnerabilities for educational and security testing purposes.

Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.

CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.

InsecureShop is an intentionally vulnerable Android application built in Kotlin for educating developers and security professionals about mobile app vulnerabilities and penetration testing techniques.

A Terraform module that provides a compliance-focused AWS EKS setup with security hardening for PCI-DSS, SOC2, and HIPAA requirements.