8,812 tools
A tool to extract indicators of compromise from security reports in PDF format.
A tool to extract indicators of compromise from security reports in PDF format.
Yara rule generator using VirusTotal code similarity feature code-similar-to.
Yara rule generator using VirusTotal code similarity feature code-similar-to.
A disassembly framework with support for multiple hardware architectures and clean API.
A disassembly framework with support for multiple hardware architectures and clean API.
kube-hunter is a security scanning tool that identifies vulnerabilities and security weaknesses in Kubernetes clusters through automated assessment and provides detailed reporting with remediation guidance.
kube-hunter is a security scanning tool that identifies vulnerabilities and security weaknesses in Kubernetes clusters through automated assessment and provides detailed reporting with remediation guidance.
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.
A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.
Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.
Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
Tango is a set of scripts and Splunk apps for deploying honeypots with ease.
Tango is a set of scripts and Splunk apps for deploying honeypots with ease.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
A community-maintained repository of YARA rules for detecting and classifying malware based on patterns and characteristics.
A community-maintained repository of YARA rules for detecting and classifying malware based on patterns and characteristics.
A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.
A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.
angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.
angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.
A full python tool for analyzing Android files with various functionalities.
A full python tool for analyzing Android files with various functionalities.
A script for setting up a dionaea and kippo honeypot using Docker images.
A script for setting up a dionaea and kippo honeypot using Docker images.
Automated script to install and deploy a honeypot with kippo, dionaea, and p0f on Ubuntu 12.04.
Automated script to install and deploy a honeypot with kippo, dionaea, and p0f on Ubuntu 12.04.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.
w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.
A lightweight CTF platform with simple setup and difficulty-based scoring that removes timezone advantages from competitions.
A lightweight CTF platform with simple setup and difficulty-based scoring that removes timezone advantages from competitions.