All Cybersecurity Tools

Weekly cybersecurity newsletter covering security incidents, AI, and leadership

A Python-based command-line tool that scans websites for CORS misconfigurations by analyzing HTTP response headers to identify potential security vulnerabilities.

App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.

Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.

A honeypot designed to detect and analyze malicious activities in instant messaging platforms.

Tor Browser is a free and open-source software that allows users to browse the internet anonymously and privately.

A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.

MIDAS (Mac Intrusion Detection Analysis System) - archived and no longer supported.

A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.

A tool for extracting static and dynamic features from Android APKs.

Automate security incident handling and facilitate real-time activities of incident handlers.

Sysreptor offers a customizable reporting solution for penetration testing and red teaming.

A free software that calculates the security ranking of Internet Service Providers to detect malicious activities.

SentinelOne's Singularity Platform is an AI-powered enterprise security platform providing autonomous endpoint, cloud, identity, and data protection through its integrated XDR solution.

Coursera offers free online learning resources and courses during the COVID-19 pandemic.

An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.

A reference guide providing Docker commands and concepts for containerized application development and deployment.

A tool for identifying and analyzing Java serialized objects in network traffic

Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.

MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.

Turbinia is an open-source framework for automating the running of common forensic processing tools to help with processing evidence in the Cloud.

Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.

Clevis is a pluggable framework that enables automated decryption of data and LUKS volumes through a pin-based plugin system.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.