8,922 tools
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
Accurate detection of HTTPS interception and robust TLS fingerprinting tool.
Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.
Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.
DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.
DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
A tool that generates pseudo-malicious files to trigger YARA rules.
A tool that generates pseudo-malicious files to trigger YARA rules.
Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.
Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.
A collection of Yara signatures developed by Citizen Lab to detect malware used in targeted attacks against civil society organizations.
A collection of Yara signatures developed by Citizen Lab to detect malware used in targeted attacks against civil society organizations.
Open Source Threat Intelligence Gathering and Processing Framework
Open Source Threat Intelligence Gathering and Processing Framework
Emulates Docker HTTP API with event logging and AWS deployment script.
Emulates Docker HTTP API with event logging and AWS deployment script.
A package for capturing and analyzing network flow data and intraflow data.
A package for capturing and analyzing network flow data and intraflow data.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
CSET is a free Windows-based tool that helps organizations identify cybersecurity vulnerabilities in enterprise and industrial control systems using hybrid risk and standards-based assessment approaches.
CSET is a free Windows-based tool that helps organizations identify cybersecurity vulnerabilities in enterprise and industrial control systems using hybrid risk and standards-based assessment approaches.
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Cilium is a networking, observability, and security solution with an eBPF-based dataplane.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
Sample detection rules and dashboards for Google Security Operations
Sample detection rules and dashboards for Google Security Operations
GCTI's open-source detection signatures for malware and threat detection
GCTI's open-source detection signatures for malware and threat detection
A FTP honeypot tool for detecting and capturing malicious file upload attempts.
A FTP honeypot tool for detecting and capturing malicious file upload attempts.
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.
CHIPSEC is a cross-platform framework for analyzing PC platform security, including hardware, BIOS/UEFI firmware, and low-level system components.
CHIPSEC is a cross-platform framework for analyzing PC platform security, including hardware, BIOS/UEFI firmware, and low-level system components.
TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.
TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.