8,922 tools
A command-line tool that analyzes SPF and DMARC records to identify domains vulnerable to email spoofing attacks.
A command-line tool that analyzes SPF and DMARC records to identify domains vulnerable to email spoofing attacks.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
Runtime mobile exploration toolkit powered by Frida for assessing mobile app security without jailbreak.
Runtime mobile exploration toolkit powered by Frida for assessing mobile app security without jailbreak.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.
An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
Chamber is a command-line tool for managing secrets by storing them in AWS SSM Parameter Store with path-based API support for improved performance.
Chamber is a command-line tool for managing secrets by storing them in AWS SSM Parameter Store with path-based API support for improved performance.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
Public access to Indicators of Compromise (IoCs) and other data for readers of Security Scorecard's technical blog posts and reports.
Public access to Indicators of Compromise (IoCs) and other data for readers of Security Scorecard's technical blog posts and reports.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
A simpler version of a honeypot that looks for connections from external parties and performs a specific action, usually blacklisting.
A simpler version of a honeypot that looks for connections from external parties and performs a specific action, usually blacklisting.
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
SigThief extracts digital signatures from signed PE files and appends them to other files to create invalid signatures for testing Anti-Virus detection mechanisms.
SigThief extracts digital signatures from signed PE files and appends them to other files to create invalid signatures for testing Anti-Virus detection mechanisms.
Andromeda makes reverse engineering of Android applications faster and easier.
Andromeda makes reverse engineering of Android applications faster and easier.
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
A proof-of-concept tool that demonstrates the Dirty COW kernel exploit (CVE-2016-5195) for privilege escalation within Docker containers, specifically targeting nginx images while providing mitigation guidance through AppArmor profiles.
A proof-of-concept tool that demonstrates the Dirty COW kernel exploit (CVE-2016-5195) for privilege escalation within Docker containers, specifically targeting nginx images while providing mitigation guidance through AppArmor profiles.
A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.
A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.
A simplified UI for showing honeypot alarms for the DTAG early warning system
A simplified UI for showing honeypot alarms for the DTAG early warning system
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
A container of PCAP captures mapped to the relevant attack tactic
A container of PCAP captures mapped to the relevant attack tactic