A modular, menu-driven tool for building time-delayed, distributed security event chains for Red, Blue, and Purple Team exercises.
A PCAP-based network packet analyzer that applies grep-like pattern matching to packet payloads across multiple protocols.
A Python framework for disassembly, static analysis, symbolic execution, and debugging of binaries and malware.
A work-in-progress reference guide for Android security topics, tools, and version-specific details.
A CLI tool and library to identify hash types, supporting 675+ hash formats with hashcat and John the Ripper references.
A curated list of awesome fuzzing resources, tools, and academic papers for software security testing.
A portable C library for constructing and injecting network packets at IP and link layers.
A curated list of resources and libraries for LD_PRELOAD, a Linux mechanism for runtime function interception and behavior modification.
An extendable Python tool to extract and aggregate Indicators of Compromise (IOCs) from various threat intelligence feeds.
A PowerShell module for reverse engineering that disassembles code, analyzes malware, parses memory structures, and inspects Windows internals.
A collection of command-line utilities to enhance and simplify SSH operations like pinging hosts, checking certificates, and diffing files.
A cross-platform static code analysis tool for mobile applications (APK/IPA) to find security vulnerabilities like hardcoded credentials and API keys.
Embed dependency information into Rust binaries for vulnerability auditing in production.
A dynamic unpacker for Windows malware that deploys packed executables, waits for payload unpacking, and dumps the extracted code.
A macOS security tool that continually monitors persistence locations to block malware installation attempts.
Dynamic analysis tool for Android applications that monitors runtime behavior, detects information leaks, and visualizes app activity.
A freeware reversing tool for PE files, designed for fast and flexible malware analysis.
A command-line toolkit for analyzing and working with Portable Executable (PE) binaries on multiple platforms.
Framework for creating environmental keyed payloads that only execute on specific target systems.
An automatic, platform-independent unpacker for Windows binaries using emulation to analyze packed malware.
A machine learning tool that ranks strings by relevance for malware analysis, helping analysts prioritize suspicious strings.
An automated malware analysis tool for Linux ELF files, extracting static and dynamic features for security assessment.
A cross-platform forensic artifact collection tool for NTFS file systems that minimizes host impact.
Interactive reverse engineering tool for Android applications, written in C/C++ for performance.
A fast, efficient SNMP scanner that sends requests in parallel and logs responses, unlike traditional sequential scanners.
A C++23 procedure hooking library for Windows that makes runtime function interception as safe as possible.
A utility for analyzing and studying malicious JavaScript by emulating a Windows JScript environment.
A Ruby-based command-line tool for analyzing password dumps to generate statistics and insights for security reports.
An LLM-powered web honeypot that dynamically crafts realistic HTTP responses to mimic various applications and detect malicious traffic.
A modular file scanning and analysis framework that automates running a suite of tools and aggregates their output.
An extension of Cuckoo Sandbox that adds automated Android malware analysis capabilities for executing and analyzing Android applications.
A curated list of Bluetooth security resources covering vulnerabilities, tools, research, and conference talks for BR/EDR, LE, and Mesh.
A free, open-source, cross-platform desktop application for threat modeling with system diagramming and automated threat generation.
A customizable security middleware for Apollo GraphQL, Yoga, and Envelop GraphQL servers.
Analyzes raw binary firmware to automatically detect loading address, endianness, and UDS command databases.