8,813 tools
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.
A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.
A Forensic Framework for Skype with various investigative options.
A Forensic Framework for Skype with various investigative options.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A container compliance and vulnerability assessment tool that uses OpenSCAP to scan Docker images and running containers for security vulnerabilities and compliance violations.
A container compliance and vulnerability assessment tool that uses OpenSCAP to scan Docker images and running containers for security vulnerabilities and compliance violations.
An automated script that configures Active Directory domains using customizable XML configuration files.
An automated script that configures Active Directory domains using customizable XML configuration files.
A serverless application that demonstrates common serverless security flaws and weaknesses
A serverless application that demonstrates common serverless security flaws and weaknesses
An open-source Python software for creating honeypots and honeynets securely.
An open-source Python software for creating honeypots and honeynets securely.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
A community-driven open source project providing interactive notebooks with detection logic, adversary tradecraft, and resources organized according to MITRE ATT&CK framework for threat hunting and detection development.
A community-driven open source project providing interactive notebooks with detection logic, adversary tradecraft, and resources organized according to MITRE ATT&CK framework for threat hunting and detection development.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.
A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.
Use FindYara, an IDA python plugin, to scan your binary with yara rules and quickly jump to matches.
Use FindYara, an IDA python plugin, to scan your binary with yara rules and quickly jump to matches.
Management portal for LoKi scanner with centralized database for scanning activities.
Management portal for LoKi scanner with centralized database for scanning activities.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.
A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.
Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.
Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.
APT Simulator is a tool for simulating a compromised system on Windows.
APT Simulator is a tool for simulating a compromised system on Windows.
AutoYara is a Java tool that automatically generates YARA rules from malware samples using biclustering algorithms to help analysts create detection rules for malware families.
AutoYara is a Java tool that automatically generates YARA rules from malware samples using biclustering algorithms to help analysts create detection rules for malware families.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
An open source packet capture and forwarding tool that captures network packets on one machine and sends them to another for remote monitoring and analysis.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
ConsoleMe is a web service that simplifies AWS IAM permissions and credential management across multiple accounts through self-service workflows and centralized administration.
ConsoleMe is a web service that simplifies AWS IAM permissions and credential management across multiple accounts through self-service workflows and centralized administration.