8,922 tools
Python package for fanging and defanging indicators of compromise in text.
Python package for fanging and defanging indicators of compromise in text.
A tool that generates Yara rules from training data using logistic regression and random forest classifiers.
A tool that generates Yara rules from training data using logistic regression and random forest classifiers.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
A powerful tool for detecting and identifying malware using a rule-based system.
A powerful tool for detecting and identifying malware using a rule-based system.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.
A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.
PyIntelOwl is a Python SDK and CLI client for interacting with IntelOwl's threat intelligence API to submit files and observables for automated security analysis.
PyIntelOwl is a Python SDK and CLI client for interacting with IntelOwl's threat intelligence API to submit files and observables for automated security analysis.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
A discontinued disk imaging utility originally developed by Intel that used block map files for efficient disk image copying operations.
A discontinued disk imaging utility originally developed by Intel that used block map files for efficient disk image copying operations.
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
A honeypot system designed to detect and analyze potential security threats
A honeypot system designed to detect and analyze potential security threats
A comprehensive repository of open-source security tools organized by attack phases for red team operations, adversary simulation, and threat hunting purposes.
A comprehensive repository of open-source security tools organized by attack phases for red team operations, adversary simulation, and threat hunting purposes.
YARA extension for Visual Studio Code with code completion and snippets
YARA extension for Visual Studio Code with code completion and snippets
AzureGoat is a deliberately vulnerable Azure cloud infrastructure that incorporates OWASP Top 10 vulnerabilities and Azure service misconfigurations for security training and penetration testing practice.
AzureGoat is a deliberately vulnerable Azure cloud infrastructure that incorporates OWASP Top 10 vulnerabilities and Azure service misconfigurations for security training and penetration testing practice.
A collection of Yara rules licensed under the DRL 1.1 License.
A collection of Yara rules licensed under the DRL 1.1 License.
IDAPython plugin for generating Yara rules/patterns from x86/x86-64 code through parameterization.
IDAPython plugin for generating Yara rules/patterns from x86/x86-64 code through parameterization.
CuckooDroid extends Cuckoo Sandbox to provide automated dynamic analysis of Android applications in a controlled sandbox environment.
CuckooDroid extends Cuckoo Sandbox to provide automated dynamic analysis of Android applications in a controlled sandbox environment.
ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.
ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.
Repository for IBM SOAR Apps source-code and development resources.
Repository for IBM SOAR Apps source-code and development resources.
Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.
Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
Introspy-Android is a dynamic analysis framework that hooks Android APIs at runtime to monitor application behavior and identify security vulnerabilities on rooted devices.
Introspy-Android is a dynamic analysis framework that hooks Android APIs at runtime to monitor application behavior and identify security vulnerabilities on rooted devices.