8,813 tools
Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.
Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.
SwishDbgExt is a Microsoft WinDbg debugging extension that enhances debugging capabilities for kernel developers, troubleshooters, and security experts.
SwishDbgExt is a Microsoft WinDbg debugging extension that enhances debugging capabilities for kernel developers, troubleshooters, and security experts.
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
NoSQLMap is an open source Python tool that automates NoSQL injection attacks and exploits configuration weaknesses in NoSQL databases to disclose or clone data.
NoSQLMap is an open source Python tool that automates NoSQL injection attacks and exploits configuration weaknesses in NoSQL databases to disclose or clone data.
A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.
A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.
A collection of Yara rules for the Burp Yara-Scanner extension that helps identify malicious software and infected web pages during web application security assessments.
A collection of Yara rules for the Burp Yara-Scanner extension that helps identify malicious software and infected web pages during web application security assessments.
Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.
Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.
HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.
HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.
Red October is a TLS-based encryption server that implements two-man rule authorization, requiring multiple users to collaborate for cryptographic operations.
Red October is a TLS-based encryption server that implements two-man rule authorization, requiring multiple users to collaborate for cryptographic operations.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.
Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.
DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.
DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
A tool that generates pseudo-malicious files to trigger YARA rules.
A tool that generates pseudo-malicious files to trigger YARA rules.
Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.
Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.
A collection of Yara signatures developed by Citizen Lab to detect malware used in targeted attacks against civil society organizations.
A collection of Yara signatures developed by Citizen Lab to detect malware used in targeted attacks against civil society organizations.
Open Source Threat Intelligence Gathering and Processing Framework
Open Source Threat Intelligence Gathering and Processing Framework
Emulates Docker HTTP API with event logging and AWS deployment script.
Emulates Docker HTTP API with event logging and AWS deployment script.
A package for capturing and analyzing network flow data and intraflow data.
A package for capturing and analyzing network flow data and intraflow data.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
CSET is a free Windows-based tool that helps organizations identify cybersecurity vulnerabilities in enterprise and industrial control systems using hybrid risk and standards-based assessment approaches.
CSET is a free Windows-based tool that helps organizations identify cybersecurity vulnerabilities in enterprise and industrial control systems using hybrid risk and standards-based assessment approaches.
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Real-time, eBPF-based Security Observability and Runtime Enforcement component