8,965 tools
An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.
An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.
A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.
A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.
GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.
A low-interaction SSH honeypot written in C that simulates SSH services to capture and log unauthorized access attempts.
A low-interaction SSH honeypot written in C that simulates SSH services to capture and log unauthorized access attempts.
Low interaction MySQL honeypot with various configuration options.
Low interaction MySQL honeypot with various configuration options.
GasPot is a honeypot simulation tool for Gas Station tanks in the oil and gas industry.
GasPot is a honeypot simulation tool for Gas Station tanks in the oil and gas industry.
TCPFLOW is a tool for capturing data transmitted over TCP connections.
TCPFLOW is a tool for capturing data transmitted over TCP connections.
A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.
A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.
A modular malware collection and processing framework with support for various threat intelligence feeds.
A modular malware collection and processing framework with support for various threat intelligence feeds.
Automates the process of preparing Android APK files for HTTPS inspection
Automates the process of preparing Android APK files for HTTPS inspection
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
Android security virtual machine with updated tools and frameworks for reverse engineering and malware analysis.
Android security virtual machine with updated tools and frameworks for reverse engineering and malware analysis.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
DroidRA is an instrumentation-based Android security analysis tool that improves the accuracy of reflective call analysis through composite constant propagation techniques.
DroidRA is an instrumentation-based Android security analysis tool that improves the accuracy of reflective call analysis through composite constant propagation techniques.
A command-line tool that analyzes SPF and DMARC records to identify domains vulnerable to email spoofing attacks.
A command-line tool that analyzes SPF and DMARC records to identify domains vulnerable to email spoofing attacks.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
Runtime mobile exploration toolkit powered by Frida for assessing mobile app security without jailbreak.
Runtime mobile exploration toolkit powered by Frida for assessing mobile app security without jailbreak.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.
An open-source policy-as-code platform that analyzes multi-cloud and SaaS environments using SQL and YAML policies with GPT integration for security, cost, and architecture assessments.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.