8,812 tools
A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.
A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.
YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
A comprehensive auditd configuration for Linux systems following best practices.
A comprehensive auditd configuration for Linux systems following best practices.
Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.
Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.
A lightweight bash script IOC scanner for Linux/Unix/macOS systems that detects malicious indicators through hash matching, filename analysis, string searches, and C2 server identification without requiring installation.
A lightweight bash script IOC scanner for Linux/Unix/macOS systems that detects malicious indicators through hash matching, filename analysis, string searches, and C2 server identification without requiring installation.
Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.
Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.
An anti-forensic Linux Kernel Module kill-switch for USB ports.
An anti-forensic Linux Kernel Module kill-switch for USB ports.
Mellivora Mellivora is a PHP-based CTF engine that provides comprehensive competition hosting capabilities with challenge management, team scoring, and administrative tools for cybersecurity competitions.
Mellivora Mellivora is a PHP-based CTF engine that provides comprehensive competition hosting capabilities with challenge management, team scoring, and administrative tools for cybersecurity competitions.
A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.
A CLI program that simplifies cybersecurity solution management through automated deployment, configuration, monitoring, and lifecycle operations across multiple hosts.
A tool for creating encrypted volumes with self-destruction capabilities that automatically destroy data when tampering is detected or commands are issued.
A tool for creating encrypted volumes with self-destruction capabilities that automatically destroy data when tampering is detected or commands are issued.
A Go-based honeypot server for detecting and logging attacker activity
A Go-based honeypot server for detecting and logging attacker activity
Tool used for dumping memory from Android devices with root access requirement and forensic soundness considerations.
Tool used for dumping memory from Android devices with root access requirement and forensic soundness considerations.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
A honeypot system that allows you to set up a decoy API to detect and analyze potential security threats.
A honeypot system that allows you to set up a decoy API to detect and analyze potential security threats.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.