8,815 tools
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
A script to assist in creating templates for VirtualBox to enhance VM detection evasion.
Automated and flexible approach for deploying Windows 10 with security standards set by the DoD.
Automated and flexible approach for deploying Windows 10 with security standards set by the DoD.
WALKOFF is an automation framework that provides drag-and-drop workflow creation capabilities for integrating security tools and automating repetitive tasks.
WALKOFF is an automation framework that provides drag-and-drop workflow creation capabilities for integrating security tools and automating repetitive tasks.
Project hosting scripts for implementing Pass the Hash mitigations with PtHTools module commands.
Project hosting scripts for implementing Pass the Hash mitigations with PtHTools module commands.
Passively maps and visually displays ICS/SCADA network topology for network security
Passively maps and visually displays ICS/SCADA network topology for network security
Microsoft BitLocker is a Windows-integrated full volume encryption solution that protects data on devices through disk-level encryption with enterprise deployment and management capabilities.
Microsoft BitLocker is a Windows-integrated full volume encryption solution that protects data on devices through disk-level encryption with enterprise deployment and management capabilities.
A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.
A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.
A multithreaded YARA scanner for incident response or malware zoos.
A multithreaded YARA scanner for incident response or malware zoos.
A HackerOne-managed bug bounty program dedicated to identifying and fixing security vulnerabilities in the Node.js ecosystem.
A HackerOne-managed bug bounty program dedicated to identifying and fixing security vulnerabilities in the Node.js ecosystem.
A PHP-based command and control framework that maintains persistent web server access through polymorphic backdoors and HTTP header communication tunneling.
A PHP-based command and control framework that maintains persistent web server access through polymorphic backdoors and HTTP header communication tunneling.
A decentralized network panic button that triggers emergency system shutdowns across networked machines via UDP broadcasts and HTTP to prevent cold boot attacks.
A decentralized network panic button that triggers emergency system shutdowns across networked machines via UDP broadcasts and HTTP to prevent cold boot attacks.
NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.
NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
MockSSH is a testing tool that emulates operating systems behind SSH servers to enable automation testing without requiring access to real servers.
MockSSH is a testing tool that emulates operating systems behind SSH servers to enable automation testing without requiring access to real servers.
A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.
A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
A command-line tool that extracts manifest and configuration data from Docker registry images for security analysis and reconnaissance purposes.
A command-line tool that extracts manifest and configuration data from Docker registry images for security analysis and reconnaissance purposes.
FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.
FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.