8,922 tools
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
Monitor WMI consumers and processes for potential malicious activity
Monitor WMI consumers and processes for potential malicious activity
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
A recognition framework for identifying products, services, operating systems, and hardware by matching fingerprints against network probes.
A recognition framework for identifying products, services, operating systems, and hardware by matching fingerprints against network probes.
A virtual machine with numerous security vulnerabilities for testing exploits with Metasploit.
A virtual machine with numerous security vulnerabilities for testing exploits with Metasploit.
A unified repository for different Metasploit Framework payloads.
A unified repository for different Metasploit Framework payloads.
An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.
An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.
Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.
Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.
A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.
A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.
Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.
Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.
A command-line utility and Python package for mounting and unmounting various disk image formats with support for different volume systems and filesystems.
A command-line utility and Python package for mounting and unmounting various disk image formats with support for different volume systems and filesystems.
A modern tool for Windows kernel exploration and observability with a focus on security.
A modern tool for Windows kernel exploration and observability with a focus on security.
A configurable data destruction toolkit that securely erases sensitive virtual data, temporary files, and swap memory using customizable overwrite methods.
A configurable data destruction toolkit that securely erases sensitive virtual data, temporary files, and swap memory using customizable overwrite methods.
A high-interaction honeypot solution for detecting and analyzing SMB-based attacks
A high-interaction honeypot solution for detecting and analyzing SMB-based attacks
A repository containing material for Android greybox fuzzing with AFL++ Frida mode
A repository containing material for Android greybox fuzzing with AFL++ Frida mode
Innovative tool for mobile security researchers to analyze targets with static and dynamic analysis capabilities and sharing functionalities.
Innovative tool for mobile security researchers to analyze targets with static and dynamic analysis capabilities and sharing functionalities.
A lightweight CTF platform inspired by motherfuckingwebsite.com that provides simple hosting capabilities for cybersecurity competitions with equal-point scoring and minimal setup requirements.
A lightweight CTF platform inspired by motherfuckingwebsite.com that provides simple hosting capabilities for cybersecurity competitions with equal-point scoring and minimal setup requirements.
Tools for working with Android .dex and Java .class files, including dex-reader/writer, d2j-dex2jar, and smali/baksmali.
Tools for working with Android .dex and Java .class files, including dex-reader/writer, d2j-dex2jar, and smali/baksmali.
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.