8,964 tools
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
A Python framework for building custom Command and Control interfaces that implements Cobalt Strike's External C2 specification for data transfer between frameworks.
A Python framework for building custom Command and Control interfaces that implements Cobalt Strike's External C2 specification for data transfer between frameworks.
Express middleware for detecting and redirecting Tor or Surface users.
Express middleware for detecting and redirecting Tor or Surface users.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
Modular honeypot based on Python with support for Siemens S7 protocol.
Modular honeypot based on Python with support for Siemens S7 protocol.
UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.
UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A community-driven informational repository providing resources and guidance for hunting adversaries in IT environments.
A community-driven informational repository providing resources and guidance for hunting adversaries in IT environments.
Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.
Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.
YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A project providing open-source YARA rules for malware and malicious file detection
A project providing open-source YARA rules for malware and malicious file detection
A daily collection of IOCs from various sources, including articles and tweets.
A daily collection of IOCs from various sources, including articles and tweets.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.
Safely store secrets in version control repositories with GPG encryption support.
Safely store secrets in version control repositories with GPG encryption support.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.