Tor is a tool that is susceptible to website fingerprinting ... When browsing the web, many users would prefer to have privacy. Clients who wish to avoid beh...

OpenWrt package for copying network packets without IPtables. ... A package that sends copies of network packets from your OpenWrt router to another device o...

Malicious traffic detection system ... Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/o...

A tool for detecting regular expression denial-of-service vulnerabilities in Android apps. ... The tool requires a regular expression analyzer.Currently, the...

RegEx Denial of Service (ReDos) Scanner ... Helps find regular expressions susceptible to denial of service attacks.

A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. ...

Stop denial of service attacks, configurable allowable burst rate. ... Configurable Denial-Of-Service prevention for http services.

MISP (core software) - Open Source Threat Intelligence Platform (formely known as Malware Information Sharing Platform) ... MISP is an open source software s...

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. ... A detailed overview of system activity w...

Exploit Development and Reverse Engineering with GDB Made Easy ... pwndbg is a GDB plug-in that improves debugging with GDB, with a focus on features needed ...

Automatically extract obfuscated strings from malware. ... Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heurist...

Cuckoo Sandbox is an automated dynamic malware analysis system ... Cuckoo Sandbox is the leading open sourceautomated malware analysis system. You can throw ...

Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, d...

Generic Android Deobfuscator. Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identicall...

Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !) ... Androguard is a full python tool to play with Android f...

A repository of LIVE malware for your own joy and pleasure. theZoo's objective is to offer a fast and easy way of retrieving malware samples and source code ...

GEF - GDB Enhanced Features for exploit devs & reversers ... GEF is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers a...

This is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology. ... The Hybrid...

Volatility is an advanced memory forensics framework. ... The Volatility Framework is a completely open collection of tools,implemented in Python under the G...

A Network Forensics Tool to visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and fi...

OpenCTI is an open source platform allowing organizations to manage its cyber threat intelligence knowledge and observables. ... OpenCTI has been created in ...

Dawnscanner is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks. ... Dawnscann...

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol. ... IntelMQ is a solution for IT s...

Santa is a binary whitelisting/blacklisting system ... Santa consists of a kernel extension that monitors for executions, a userland daemon that makes execu...

The Ultimate Hosts Blacklist is a curated Unified Hosts file for protecting your computer or device against over several hundred thousand bad web sites ... T...

NetWorkPacketCapture is a tool used to capture network packet via Android VPN. ... NetWorkPacketCapture has the ability to: It can display every network conn...

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It provides C++ wrappers for packet processing engines su...

Libnet provides a portable framework for low-level network packet construction. ... Libnet is an API to help with the construction and handling of network pa...

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute p...

Modlishka is a powerful and flexible HTTP reverse proxy. ... Modlishka implements an entirely new and interesting approach of handling browser-based HTTP tra...

dnstwist is a domain name permutation engine for detecting typo squatting, phishing and corporate espionage. ... dnstwist takes in your domain name as a seed...

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. ... King Phisher features an easy to use, yet very...

pythem is a multi-purpose pentest framework written in Python. ... pythem can test multiple different types of attacks and phishing instances such as: ARP s...

tcpdump is a tool for network monitoring and data acquisition. ... Tcpdump uses libpcap, a system-independent interface for user-level packet capture. The pr...

BoNeSi, the DDoS Botnet Simulator, is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS atta...

Python telnet honeypot for catching botnet binaries ... This project implements a python telnet server trying to act as a honeypot for IoT Malware which spre...

Hale is a botnet command & control monitor/spy with a modular design to easily develop new modules that monitor new protocols used by C&C servers ... The mai...

The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. ... The probe, cyberprobe has the foll...

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real...

Security Onion is a Linux distro for intrusion detection, enterprise security monitoring, and log management. ... Security Onion is a free and open source Li...

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application ... ...

Acra is a database security suite for data-driven apps: database proxy with strong selective encryption, search through encrypted data, SQL injections preven...

Waidps is a wireless Auditing, Intrusion Detection & Prevention System ... WAIDPS is an open source wireless swissknife written in Python and work on Linux e...

Expose is an Intrusion Detection System for PHP loosely based on the PHPIDS project (and using its ruleset for detecting potential threats). ... Expose allow...

Psad is an Intrusion Detection and Log Analysis with iptables ... The Port Scan Attack Detector psad is a lightweight system daemon written in is designed to...

BriarIDS is an All-In-One home intrusion detection system (IDS) solution for the Raspberry PI. ... A simple yet effective IDS for the Raspberry PI. BriarIDS ...

The Sleuth Kit (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The libra...

Mozilla's real-time digital forensics and investigation platform. ... MIG is a platform to perform investigative surgery on remote endpoints. It enables inve...

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. ... Supported data sources for Beagle include ...

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious...

Turbinia is an open-source framework for deploying, managing, and running distributed forensic workloads. ... Turbinia is intended to automate running of com...

Darknet is an open source neural network framework written in C and CUDA. ... Darknet apply a single neural network to the full image. This network divides t...

Nishang - Offensive PowerShell for red team, penetration testing and offensive security. ... Nishang is a framework and collection of scripts and payloads w...

Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. ... Born from our popular FLARE ...

SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe ...

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, networ...

Sparta is a network infrastructure penetration testing tool ... SPARTA is a python GUI application which simplifies network infrastructure penetration testin...

USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use polici...

Cowrie is a medium interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. Cowrie also f...

Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker....

Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems ... ConpotF...

Honeytrap is an extensible and opensource system for running, monitoring and managing honeypots. ... Features of HoneyTrap: Combine multiple services to one...

Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way. ... Justniffer can emulate Apache web server l...

OpenVAS is a full-featured vulnerability scanner. ... The capabilities of OpenVAS include unauthenticated testing, authenticated testing, various high level ...

Moloch is a large scale, open source, indexed packet capture and search system. ... Moloch augments your current security infrastructure to store and index n...

Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. ... Nmap uses raw IP packets in novel ways to determin...

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also ...

Infection Monkey is an open source Breach and Attack Simulation tool to evaluate the security posture of your network. ... The Infection Monkey is an attack ...

PhishTank is a community site that houses user-submitted phishing data ... PhishTank is a collaborative clearing house for data and information about phishin...

Wireshark is the world's foremost and widely-used network protocol analyzer. ... Wireshark lets you see what's happening on your network at a microscopic lev...

Xplico is an open source network forensic analysis tool ... The goal of Xplico is extract from an internet traffic capture the applications data contained. F...

A malware/botnet analysis framework written in Ruby. ... Dorothy2 is a framework created for suspicious binary analysis. Its main strengths are a very flexib...

Modern web applications make frequent use of third-party scripts, often in ways that allow scripts loaded from external servers to make unrestricted changes ...

This tool evaluates various methods for scheduling the fuzzing of program pairs. The key feature of the system is that comprehensive data on fuzzing all pair...

The CyberVAN testbed provides a testing and experimentation environment to support cyber security research. ... CyberVAN provides the highest fidelity repres...