grype A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Features Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating...
dt DNS tool that displays information about your domain. Features common records scanning (use -scan) validate DNSSEC chain (use -debug to see more info) change query speed for scanning (default 10 queries per second)...
Safety is a command-line tool. Use it to check your local virtual environment, your requirement files, or any input from stdin for dependencies with security issues. If you are using something insecure, you’ll get...
CDK – Zero Dependency Container Penetration Toolkit CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many...
Mythic Mythic is a multiplayer, command, and control platform for red teaming operations. It is designed to facilitate a plug-n-play architecture where new agents, communication channels, and modifications can happen on the fly. One...
chainsaw – Rapidly Search and Hunt through Windows Event Logs Chainsaw provides a powerful “first-response” capability to quickly identify threats within Windows event logs. It offers a generic and fast method of searching through...
Hayabusa Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool created by the Yamato Security group in Japan. Hayabusa means “peregrine falcon” in Japanese and was chosen as peregrine falcons are the fastest animal in the...
OWASP WrongSecrets Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management...
Semi-Automated Cyber Threat Intelligence – ACT Platform Semi-Automated Cyber Threat Intelligence (ACT) is a research project led by mnemonic as with contributions from the University of Oslo, NTNU, Norwegian Security Authority (NSM), KraftCERT and Nordic...
murphysec MurphySec CLI is used for detecting vulnerable dependencies from the command-line, and also can be integrated into your CI/CD pipeline. Features Analyze dependencies being used by your project, including direct and indirect dependencies Detect...
