8,965 tools
Syrup is a Go-based SSH honeypot that simulates SSH services with fake shells, session recording, and comprehensive logging to monitor and analyze unauthorized access attempts.
Syrup is a Go-based SSH honeypot that simulates SSH services with fake shells, session recording, and comprehensive logging to monitor and analyze unauthorized access attempts.
A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.
A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.
Repository containing MITRE ATT&CK and CAPEC threat intelligence datasets formatted in STIX 2.0 standard for cybersecurity analysis and threat intelligence sharing.
Repository containing MITRE ATT&CK and CAPEC threat intelligence datasets formatted in STIX 2.0 standard for cybersecurity analysis and threat intelligence sharing.
A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices
A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices
A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.
A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.
A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.
A honeypot tool that simulates an open relay to capture and analyze spam
A honeypot tool that simulates an open relay to capture and analyze spam
OneFuzz is a self-hosted Fuzzing-As-A-Service platform developed by Microsoft that enables continuous developer-driven security testing through automated fuzzing capabilities.
OneFuzz is a self-hosted Fuzzing-As-A-Service platform developed by Microsoft that enables continuous developer-driven security testing through automated fuzzing capabilities.
msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.
msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
A portable Rust-based tool for acquiring volatile memory from Linux systems without requiring prior knowledge of the target OS distribution or kernel.
A portable Rust-based tool for acquiring volatile memory from Linux systems without requiring prior knowledge of the target OS distribution or kernel.
A command-line tool that visually displays YARA rule matches, regex matches, and hex patterns in binary data with colored output and configurable context bytes.
A command-line tool that visually displays YARA rule matches, regex matches, and hex patterns in binary data with colored output and configurable context bytes.
A comprehensive collection of free online laboratories and platforms for practicing penetration testing, CTF challenges, and cybersecurity skills development.
A comprehensive collection of free online laboratories and platforms for practicing penetration testing, CTF challenges, and cybersecurity skills development.
An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.
An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.
A neo4j-based data management platform with command-line interface for analyzing cyber threat indicators and other data points through graph database traversal.
A neo4j-based data management platform with command-line interface for analyzing cyber threat indicators and other data points through graph database traversal.
A command-line tool for analyzing and extracting detailed information from Windows Portable Executable (PE) files.
A command-line tool for analyzing and extracting detailed information from Windows Portable Executable (PE) files.
A payload creation framework for generating and executing C# code payloads with anti-evasion capabilities for offensive security operations.
A payload creation framework for generating and executing C# code payloads with anti-evasion capabilities for offensive security operations.
Fake SSH server that sends push notifications for login attempts
Fake SSH server that sends push notifications for login attempts
HackTheArch is an open-source Ruby on Rails-based scoring server platform designed for hosting and managing Cyber Capture the Flag competitions with web-based problem management and hint systems.
HackTheArch is an open-source Ruby on Rails-based scoring server platform designed for hosting and managing Cyber Capture the Flag competitions with web-based problem management and hint systems.
A digital forensics tool that extracts and analyzes Windows AppCompat and AmCache registry data for enterprise-scale forensic investigations.
A digital forensics tool that extracts and analyzes Windows AppCompat and AmCache registry data for enterprise-scale forensic investigations.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.