All Cybersecurity Tools

A powerful interactive packet manipulation program and library for network exploration and security testing.

CHIPSEC is a cross-platform framework for analyzing PC platform security, including hardware, BIOS/UEFI firmware, and low-level system components.

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

ConDroid is a concolic execution framework for Android applications that automates dynamic analysis by driving execution to specific code locations without manual interaction.

A Golang application that stores and queries NIST NSRL Reference Data Set for MD5 and SHA1 hash lookups using Bolt database technology.

A collection of security reports and resources documenting various Android application vulnerabilities including hardcoded credentials, insecure deeplinks, and code execution flaws.

TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.

Open Source Threat Intelligence Gathering and Processing Framework

Real-time monitoring tool for newly issued SSL certificates.

A website scanner that provides a sandbox for the web, allowing users to scan URLs and websites for potential threats and vulnerabilities.

The FASTEST Way to Consume Threat Intelligence and make it actionable.

MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.

VolatilityBot automates memory dump analysis by extracting executables, detecting code injections, and performing automated malware scanning using YARA and ClamAV.

A centralized platform for managing open source components and automating software supply chain security.

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.

Automate software supply chain security by blocking malicious open source components

ESLint plugin to prevent Trojan Source attacks.

A virtual machine with numerous security vulnerabilities for testing exploits with Metasploit.

GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.

A bash script that analyzes executable files to check security properties like PIE, RELRO, canaries, ASLR, and Fortify Source protections.

Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.

CloudFrunt identifies misconfigured Amazon CloudFront domains that are vulnerable to hijacking due to improper CNAME configuration.

A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.

A collection of Yara rules for the Burp Yara-Scanner extension that helps identify malicious software and infected web pages during web application security assessments.