8,812 tools
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
OSXCollector is a forensic evidence collection & analysis toolkit for OSX.
OSXCollector is a forensic evidence collection & analysis toolkit for OSX.
YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.
YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.
A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.
A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.
Windows event log fast forensics timeline generator and threat hunting tool.
Windows event log fast forensics timeline generator and threat hunting tool.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
A semi-automatic tool to generate YARA rules from virus samples.
A semi-automatic tool to generate YARA rules from virus samples.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.
A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.
An OCaml Ctypes wrapper for the YARA matching engine that enables malware identification capabilities in OCaml applications.
An OCaml Ctypes wrapper for the YARA matching engine that enables malware identification capabilities in OCaml applications.
WebGoat is an OWASP-maintained deliberately insecure web application designed to teach web application security through hands-on exercises with intentional vulnerabilities.
WebGoat is an OWASP-maintained deliberately insecure web application designed to teach web application security through hands-on exercises with intentional vulnerabilities.
Create a vulnerable active directory for testing various Active Directory attacks.
Create a vulnerable active directory for testing various Active Directory attacks.
Open-source Java application for creating proxies for traffic analysis & modification.
Open-source Java application for creating proxies for traffic analysis & modification.
A webshell manager via terminal for controlling web servers running PHP or MySQL.
A webshell manager via terminal for controlling web servers running PHP or MySQL.
A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.
A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
A Python framework for building custom Command and Control interfaces that implements Cobalt Strike's External C2 specification for data transfer between frameworks.
A Python framework for building custom Command and Control interfaces that implements Cobalt Strike's External C2 specification for data transfer between frameworks.
Express middleware for detecting and redirecting Tor or Surface users.
Express middleware for detecting and redirecting Tor or Surface users.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
Modular honeypot based on Python with support for Siemens S7 protocol.
Modular honeypot based on Python with support for Siemens S7 protocol.
UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.
UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.