8,813 tools
Export Kubernetes events for observability and alerting purposes with flexible routing options.
Export Kubernetes events for observability and alerting purposes with flexible routing options.
Forager is a threat intelligence tool that simplifies the retrieval, storage, and maintenance of threat data with a user-friendly interface and support for various data sources.
Forager is a threat intelligence tool that simplifies the retrieval, storage, and maintenance of threat data with a user-friendly interface and support for various data sources.
XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.
XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.
Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.
Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.
A shell script for basic forensic collection of various artefacts from UNIX systems.
A shell script for basic forensic collection of various artefacts from UNIX systems.
BlueTeam.Lab provides Terraform and Ansible scripts to deploy an orchestrated detection laboratory for testing attacks and forensic artifacts in a SOC-like Windows environment.
BlueTeam.Lab provides Terraform and Ansible scripts to deploy an orchestrated detection laboratory for testing attacks and forensic artifacts in a SOC-like Windows environment.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.
HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
Django based web application for network traffic analysis with protocol handling capabilities.
Django based web application for network traffic analysis with protocol handling capabilities.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
Network Forensic Analysis Tool for deep network traffic inspection and analysis.
Network Forensic Analysis Tool for deep network traffic inspection and analysis.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.
Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.
Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.
Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.
YARA plugin for Sublime Text with syntax highlighting and snippets.
YARA plugin for Sublime Text with syntax highlighting and snippets.
Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.
Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.
Discontinued project for file-less persistence, attacks, and anti-forensic capabilities on Windows 7 32-bit systems.
Discontinued project for file-less persistence, attacks, and anti-forensic capabilities on Windows 7 32-bit systems.
A DICOM server with a twist, blocking C-STORE attempts for protection but logging them.
A DICOM server with a twist, blocking C-STORE attempts for protection but logging them.
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
Automated and flexible approach for deploying Windows 10 with security standards set by the DoD.
Automated and flexible approach for deploying Windows 10 with security standards set by the DoD.