8,813 tools
FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity
FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity
StringSifter is a machine learning tool that automatically ranks strings extracted from malware samples based on their relevance for analysis.
StringSifter is a machine learning tool that automatically ranks strings extracted from malware samples based on their relevance for analysis.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
Developing APIs to access memory on industrial control system devices.
Developing APIs to access memory on industrial control system devices.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
Capa is a malware analysis tool that detects capabilities in executable files by analyzing PE, ELF, .NET modules, shellcode, and sandbox reports to identify potential malicious behaviors with ATT&CK framework mapping.
Capa is a malware analysis tool that detects capabilities in executable files by analyzing PE, ELF, .NET modules, shellcode, and sandbox reports to identify potential malicious behaviors with ATT&CK framework mapping.
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
A lightweight library for device identification and fingerprinting, written in Kotlin and 100% crash-free.
A lightweight library for device identification and fingerprinting, written in Kotlin and 100% crash-free.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
A tool that checks if domains are present in Alexa or Cisco top one million domain lists for reputation assessment and threat analysis.
A tool that checks if domains are present in Alexa or Cisco top one million domain lists for reputation assessment and threat analysis.
A tool to profile web applications based on response time discrepancies.
A tool to profile web applications based on response time discrepancies.
Fernflower is an analytical decompiler for Java with command-line options and support for external classes.
Fernflower is an analytical decompiler for Java with command-line options and support for external classes.
A tool to prevent prototype poisoning in JSON parsing.
A tool to prevent prototype poisoning in JSON parsing.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
A Fastify plugin that provides utilities and middleware to protect web applications against Cross-Site Request Forgery (CSRF) attacks.
A Fastify plugin that provides utilities and middleware to protect web applications against Cross-Site Request Forgery (CSRF) attacks.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.
A testing tool that generates suspect actions to validate and test Falco runtime security monitoring rulesets.
A testing tool that generates suspect actions to validate and test Falco runtime security monitoring rulesets.
FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.
FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.
Repository with projects for photo and video hashing, content moderation, and signal exchange.
Repository with projects for photo and video hashing, content moderation, and signal exchange.