8,962 tools
Express middleware for detecting and redirecting Tor or Surface users.
Express middleware for detecting and redirecting Tor or Surface users.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
Modular honeypot based on Python with support for Siemens S7 protocol.
Modular honeypot based on Python with support for Siemens S7 protocol.
UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.
UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A community-driven informational repository providing resources and guidance for hunting adversaries in IT environments.
A community-driven informational repository providing resources and guidance for hunting adversaries in IT environments.
Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.
Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.
YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A project providing open-source YARA rules for malware and malicious file detection
A project providing open-source YARA rules for malware and malicious file detection
A daily collection of IOCs from various sources, including articles and tweets.
A daily collection of IOCs from various sources, including articles and tweets.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
Safely store secrets in version control repositories with GPG encryption support.
Safely store secrets in version control repositories with GPG encryption support.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.
MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.
A key and secret validation workflow tool built in Rust, supporting over 30 providers and exporting to JSON or CSV.
A key and secret validation workflow tool built in Rust, supporting over 30 providers and exporting to JSON or CSV.