8,962 tools
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
Largest open collection of Android malware samples, with 298 samples and contributions welcome.
Largest open collection of Android malware samples, with 298 samples and contributions welcome.
Open Source computer forensics platform with modular design for easy automation and scripting.
Open Source computer forensics platform with modular design for easy automation and scripting.
A tool for SSH server auditing with comprehensive analysis capabilities.
A tool for SSH server auditing with comprehensive analysis capabilities.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A tool to extract indicators of compromise from security reports in PDF format.
A tool to extract indicators of compromise from security reports in PDF format.
Yara rule generator using VirusTotal code similarity feature code-similar-to.
Yara rule generator using VirusTotal code similarity feature code-similar-to.
A disassembly framework with support for multiple hardware architectures and clean API.
A disassembly framework with support for multiple hardware architectures and clean API.
kube-hunter is a security scanning tool that identifies vulnerabilities and security weaknesses in Kubernetes clusters through automated assessment and provides detailed reporting with remediation guidance.
kube-hunter is a security scanning tool that identifies vulnerabilities and security weaknesses in Kubernetes clusters through automated assessment and provides detailed reporting with remediation guidance.
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
CloudSploit by Aqua is an open-source multi-cloud security scanning tool that detects security risks and compliance issues across AWS, Azure, GCP, OCI, and GitHub platforms.
A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.
A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.
Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.
Tcpreplay is a network traffic editing and replay tool used for testing network devices and applications.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
Tango is a set of scripts and Splunk apps for deploying honeypots with ease.
Tango is a set of scripts and Splunk apps for deploying honeypots with ease.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
An open-source framework that detects and prevents dependency confusion attacks across multiple package management systems and development environments.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
Apache Spot is an open source big data platform that analyzes network flows and packet data to identify security threats and provide visibility into enterprise computing environments.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
A community-maintained repository of YARA rules for detecting and classifying malware based on patterns and characteristics.
A community-maintained repository of YARA rules for detecting and classifying malware based on patterns and characteristics.
A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.
A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.
angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.
angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.
A full python tool for analyzing Android files with various functionalities.
A full python tool for analyzing Android files with various functionalities.