8,922 tools
A malware/botnet analysis framework with a focus on network analysis and process comparison.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
Tool for visualizing correspondences between YARA ruleset and samples
Tool for visualizing correspondences between YARA ruleset and samples
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
A secret management service that stores encrypted secrets in DynamoDB for secure credential and sensitive data management.
A secret management service that stores encrypted secrets in DynamoDB for secure credential and sensitive data management.
One stop shop for decompiling Android apps with a focus on regenerating R references.
One stop shop for decompiling Android apps with a focus on regenerating R references.
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.
A package for hiding data inside jpeg files using steganography techniques.
A package for hiding data inside jpeg files using steganography techniques.
Dependencies is an open-source modern replacement for Dependency Walker that helps Windows developers analyze and troubleshoot DLL load dependency issues.
Dependencies is an open-source modern replacement for Dependency Walker that helps Windows developers analyze and troubleshoot DLL load dependency issues.
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
nudge4j is a tool to control Java applications from the browser and experiment with live code.
nudge4j is a tool to control Java applications from the browser and experiment with live code.
PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.
PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.
DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.
DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.
A Python-based engine for automatic creation of timelines in digital forensic analysis
A Python-based engine for automatic creation of timelines in digital forensic analysis
A framework for orchestrating forensic collection, processing, and data export.
A framework for orchestrating forensic collection, processing, and data export.
A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.
A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.
Laika BOSS is a scalable object scanner and intrusion detection system that extracts child objects, applies security flags, and generates metadata from files for security analysis.
Laika BOSS is a scalable object scanner and intrusion detection system that extracts child objects, applies security flags, and generates metadata from files for security analysis.
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
Lint lockfiles for improved security and trust policies.
Lint lockfiles for improved security and trust policies.
A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.
A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.
ESLint plugin to prevent Trojan Source attacks.
ESLint plugin to prevent Trojan Source attacks.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
A tool that scans for accessibility tools backdoors via RDP
A tool that scans for accessibility tools backdoors via RDP
LinuxKit is a toolkit for building custom minimal, immutable Linux distributions with secure defaults for running containerized applications like Docker and Kubernetes.
LinuxKit is a toolkit for building custom minimal, immutable Linux distributions with secure defaults for running containerized applications like Docker and Kubernetes.
QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.
QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.