Security

Windows event log fast forensics timeline generator. Sigma-based detection, threat hunting, and incident response.

Forensic imaging tool by AccessData. Create forensic images, preview evidence, and export files. Supports E01, DD, and SMART formats.

Free tool to capture physical memory (RAM) from a Windows computer. Small footprint, minimal impact on the system. For forensic analysis.

NIST-certified Security Content Automation Protocol tools. Vulnerability scanning, compliance checking, and security automation.

Agent-less vulnerability scanner for Linux/FreeBSD. Scans using multiple vulnerability databases. Email/Slack notifications.

Intelligent component analysis platform. Track vulnerabilities in third-party libraries. SBOM ingestion, policy engine, and metrics.

Find, fix, and monitor vulnerabilities in code, dependencies, containers, and IaC. Free for open-source projects.

Kubernetes security platform. Risk analysis, security compliance, and misconfiguration scanning. NSA/CISA framework support.

Simple, modern, and secure file encryption tool. No config, no options, just works. Alternative to GPG for file encryption.

Flexible editor of encrypted files. Supports YAML, JSON, ENV, INI. Encrypts values, not keys. Works with AWS KMS, GCP, Azure, age, PGP.

Interactive HTTPS proxy. Intercept, inspect, modify, and replay HTTP/HTTPS traffic. Console, web, and Python API interfaces.

AlienVault Open Source SIEM. Combines asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and SIEM in one platform.

Open-source threat intelligence platform. Share, store, and correlate Indicators of Compromise. Used by CERTs and security teams worldwide.

Open Cyber Threat Intelligence platform. Structured threat intelligence with STIX2, knowledge management, and automated enrichment.

Hunting ELK — threat hunting platform. Pre-configured ELK stack with Kafka, Spark, and Jupyter notebooks for security analytics.

Debian-based security distribution. Pre-installed security, DFIR, and privacy tools. Lighter than Kali with cloud-pentesting focus.

Arch Linux-based penetration testing distribution. 2800+ security tools. Can be installed standalone or as a repository on existing Arch.

Portable operating system that protects against surveillance. Routes everything through Tor. Leaves no trace on the host computer.

Security-oriented static analyzer for Python code. Finds common security issues like SQL injection, hardcoded passwords, and weak crypto.

Scalable security incident response platform. Case management, observables, task assignment, and integration with MISP and Cortex.

Analysis and active response engine for TheHive. Run 100+ analyzers on observables. Automated enrichment and response actions.

Threat intelligence aggregator. Query 100+ sources for IP, domain, URL, file hash analysis from a single API. Open-source SOAR component.

Analysis Information Leak framework. Monitors pastes, forums, and dark web for leaked data, credentials, and threat intelligence.

Collaborative IPS console that leverages crowd-sourced threat intelligence.