8,965 tools
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
Malware sandbox for executing malicious files in an isolated environment with advanced features.
Malware sandbox for executing malicious files in an isolated environment with advanced features.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.
A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.
A modular tool for collecting intelligence sources for files and outputting in CSV format.
A modular tool for collecting intelligence sources for files and outputting in CSV format.
Create checkpoint snapshots of the state of running pods for later off-line analysis.
Create checkpoint snapshots of the state of running pods for later off-line analysis.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
Python module for fast packet parsing with TCP/IP protocol definitions.
Python module for fast packet parsing with TCP/IP protocol definitions.
A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.
A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.
Binsequencer automatically generates YARA detection rules by analyzing collections of similar malware samples and identifying common x86 instruction sequences across the corpus.
Binsequencer automatically generates YARA detection rules by analyzing collections of similar malware samples and identifying common x86 instruction sequences across the corpus.
CyberOwl aggregates and summarizes daily security advisories from multiple CERT organizations and threat intelligence sources into consolidated reports.
CyberOwl aggregates and summarizes daily security advisories from multiple CERT organizations and threat intelligence sources into consolidated reports.
shellfirm will prompt challenges to verify risky shell commands, acting as a captcha for your terminal.
shellfirm will prompt challenges to verify risky shell commands, acting as a captcha for your terminal.
A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.
A declarative language for describing binary data structures that compiles into parsers for multiple programming languages.
Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.
Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.
A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.
A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.
Detects and handles potential malware in Microsoft Exchange 2019 messages with various techniques and third-party libraries.
Detects and handles potential malware in Microsoft Exchange 2019 messages with various techniques and third-party libraries.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
AutoTTP automates complex attack sequences and testing scenarios for regression tests and research using frameworks like Empire, Metasploit, and Cobalt Strike.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
A network-triggered emergency tool that overwrites LUKS encryption headers with random data to prevent forced decryption in high-risk situations.
A network-triggered emergency tool that overwrites LUKS encryption headers with random data to prevent forced decryption in high-risk situations.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.
ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.