8,922 tools
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
A low-interaction SSH honeypot that logs connection attempts, usernames, and passwords without allowing actual login access.
A low-interaction SSH honeypot that logs connection attempts, usernames, and passwords without allowing actual login access.
A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.
A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.
A collection of tools that execute programs directly in memory using various delivery methods including URL downloads and netcat connections.
A collection of tools that execute programs directly in memory using various delivery methods including URL downloads and netcat connections.
ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.
ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.
Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.
AppMon is a Frida-based automated framework for monitoring and tampering with system API calls across macOS, iOS, and Android applications.
AppMon is a Frida-based automated framework for monitoring and tampering with system API calls across macOS, iOS, and Android applications.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
A multi-account AWS security tool that identifies misconfigurations, provides real-time reporting, and performs automated remediation to establish secure cloud guardrails.
CFGScanDroid is a Java utility that compares control flow graph signatures to Android method control flow graphs for malicious application detection.
CFGScanDroid is a Java utility that compares control flow graph signatures to Android method control flow graphs for malicious application detection.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
A deliberately vulnerable GraphQL application designed for security testing and educational purposes, containing multiple intentional flaws for learning GraphQL attack and defense techniques.
A deliberately vulnerable GraphQL application designed for security testing and educational purposes, containing multiple intentional flaws for learning GraphQL attack and defense techniques.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.
An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
A C library that enables cross-platform execution of functions from stripped binaries using file names, offsets, and function signatures.
A C library that enables cross-platform execution of functions from stripped binaries using file names, offsets, and function signatures.
DocBleach is a Content Disarm and Reconstruction software that sanitizes Office documents by removing potentially malicious dynamic content to prevent security threats.
DocBleach is a Content Disarm and Reconstruction software that sanitizes Office documents by removing potentially malicious dynamic content to prevent security threats.
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
GRFICS is a Unity 3D-based framework that provides a virtual industrial control system environment for practicing ICS security attacks and defenses with visual feedback.
GRFICS is a Unity 3D-based framework that provides a virtual industrial control system environment for practicing ICS security attacks and defenses with visual feedback.
A set of interrelated detection rules for improving detection and hunting visibility and context
A set of interrelated detection rules for improving detection and hunting visibility and context
Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.
Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.