8,965 tools
JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.
JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.
A tool that generates Terraform files for creating Azure Policy Initiatives to implement cloud security guardrails and enforce organizational standards at scale.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
Hived is a honeypot tool for deceiving attackers and gathering information.
Hived is a honeypot tool for deceiving attackers and gathering information.
An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.
An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.
A honeypot that simulates an exposed networked printer using PJL protocol to capture and log attacker interactions through a virtual filesystem.
A honeypot that simulates an exposed networked printer using PJL protocol to capture and log attacker interactions through a virtual filesystem.
XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.
XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.
A Vim syntax-highlighting plugin for YARA rules that supports versions up to v4.3 and provides enhanced code readability for malware analysts.
A Vim syntax-highlighting plugin for YARA rules that supports versions up to v4.3 and provides enhanced code readability for malware analysts.
A library for integrating communication channels with the Cobalt Strike External C2 server.
A library for integrating communication channels with the Cobalt Strike External C2 server.
A command-line tool that secures shell command history by clearing sensitive commands, displaying command summaries, and providing stash functionality for presentations across multiple shell environments.
A command-line tool that secures shell command history by clearing sensitive commands, displaying command summaries, and providing stash functionality for presentations across multiple shell environments.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.
Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.
A low-interaction honeypot that uses Dionaea as its core, providing a simple and easy-to-use interface for setting up and managing honeypots.
A low-interaction honeypot that uses Dionaea as its core, providing a simple and easy-to-use interface for setting up and managing honeypots.
A tool to run YARA rules against node_module folders to identify suspicious scripts
A tool to run YARA rules against node_module folders to identify suspicious scripts
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
A free, open source collection of tools for forensic artifact and image analysis.
A free, open source collection of tools for forensic artifact and image analysis.
Romana automates cloud-native network isolation and distributed firewall policies for Kubernetes and OpenStack environments using topology-aware IPAM without overlays.
Romana automates cloud-native network isolation and distributed firewall policies for Kubernetes and OpenStack environments using topology-aware IPAM without overlays.