8,922 tools
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.
Python utility for testing the existence of domain names under different TLDs to find malicious subdomains.
Python utility for testing the existence of domain names under different TLDs to find malicious subdomains.
InsecureBankv2 is an intentionally vulnerable Android application with a Python back-end server designed for educational purposes in mobile security testing and Android vulnerability research.
InsecureBankv2 is an intentionally vulnerable Android application with a Python back-end server designed for educational purposes in mobile security testing and Android vulnerability research.
A Digital Bond research project to enumerate ICS applications and devices
A Digital Bond research project to enumerate ICS applications and devices
A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.
A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.
DFIRTrack is an open source web application focused on incident response for handling major incidents with many affected systems, tracking system status, tasks, and artifacts.
DFIRTrack is an open source web application focused on incident response for handling major incidents with many affected systems, tracking system status, tasks, and artifacts.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
A collection of Ansible roles for hardening various systems and services
A collection of Ansible roles for hardening various systems and services
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.
A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.
KeeFarce extracts cleartext password database information from KeePass 2.x processes in memory using DLL injection and .NET runtime manipulation.
KeeFarce extracts cleartext password database information from KeePass 2.x processes in memory using DLL injection and .NET runtime manipulation.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
Repository for detection content with various types of rules and payloads.
Repository for detection content with various types of rules and payloads.
A laser tripwire device that automatically hides windows, locks computers, or executes custom scripts when motion is detected within 120cm range.
A laser tripwire device that automatically hides windows, locks computers, or executes custom scripts when motion is detected within 120cm range.
A PHP library that provides secure data encryption capabilities using keys or passwords, designed to minimize implementation errors.
A PHP library that provides secure data encryption capabilities using keys or passwords, designed to minimize implementation errors.
ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.
ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
A runtime threat management and attack path enumeration tool for cloud-native environments
A runtime threat management and attack path enumeration tool for cloud-native environments
SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.
SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
Scan files with Yara, match findings to VirusTotal comments.
Scan files with Yara, match findings to VirusTotal comments.