8,922 tools
A Python-based forensic tool for extracting and analyzing browser artifacts from Firefox, Iceweasel, and Seamonkey browsers on Unix and Windows systems.
A Python-based forensic tool for extracting and analyzing browser artifacts from Firefox, Iceweasel, and Seamonkey browsers on Unix and Windows systems.
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
Python 3 tool for parsing Yara rules with ongoing development.
Python 3 tool for parsing Yara rules with ongoing development.
A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.
A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.
Collection of Kubernetes manifests creating pods with elevated privileges for security testing.
Collection of Kubernetes manifests creating pods with elevated privileges for security testing.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A collection of vulnerable ARM binaries designed for educational exploit development and vulnerability research practice across different architectures and exploitation techniques.
A collection of vulnerable ARM binaries designed for educational exploit development and vulnerability research practice across different architectures and exploitation techniques.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.
yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.
A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
A sandbox for quickly sandboxing known or unknown families of Android Malware
A sandbox for quickly sandboxing known or unknown families of Android Malware
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
A tool that showcases the attack surface of a given Android device, highlighting potential vulnerabilities and security risks.
A tool that showcases the attack surface of a given Android device, highlighting potential vulnerabilities and security risks.
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
An open source DDoS protection system that uses distributed algorithms to defend against multi-vector attacks and scale to handle varying bandwidth requirements for network operators and service providers.
An open source DDoS protection system that uses distributed algorithms to defend against multi-vector attacks and scale to handle varying bandwidth requirements for network operators and service providers.
Generate comprehensive reports about Windows systems with detailed system, security, networking, and USB information.
Generate comprehensive reports about Windows systems with detailed system, security, networking, and USB information.