tldr.runtldr.run

Curated list of security tools forΒ 

Hackers

An initiative to share and educate about various tools used in the field of information security.

Categories

Cloud Security
Endpoint Protection and Response (EPP/EDR)
Identity and Access Management (IAM)
Vulnerability Management and Assessment
Security Information and Event Management (SIEM)
Threat Intelligence
Incident Response and Forensics
Network Security
Application Security
DevSecOps and Continuous Security
Data Security and Encryption
Security Orchestration, Automation, and Response (SOAR)
Compliance and Governance
Penetration Testing and Red Teaming
Detection Engineering and Blue Teaming
Container and Kubernetes Security
Runtime Security
Security Testing and Auditing
Security Awareness and Training
Zero Trust Architecture
Supply Chain Security
Mobile Security
OSINT
Privacy
API Security
Blockchain Security
Miscellaneous

All Security Tools

MIT

aws-security-viz

0.0 ⭐ (0)

Need a quick way to visualize your current aws/amazon ec2 security group configuration? aws-security-viz does just that based on the EC2 security group ingress configuration.

cloud security
identity and access management (iam)
compliance and governance
Apache-2.0

Guarddog

0.0 ⭐ (0)

GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages or Go modules. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata.

detection engineering and blue teaming
supply chain security
Apache-2.0

Unfurl

0.0 ⭐ (0)

Extract and Visualize Data from URLs using Unfurl. Unfurl takes a URL and expands ("unfurls") it into a directed graph, extracting every bit of information from the URL and exposing the obscured. It does this by breaking up a URL into components, extracting as much information as it can from each piece, and presenting it all visually. This β€œshow your work” approach (along with embedded references and documentation) makes the analysis transparent to the user and helps them learn about (and discover) semantic and syntactical URL structures.

miscellaneous
Apache-2.0

Stratus Red Team

0.0 ⭐ (0)

Stratus Red Team is "Atomic Red Teamβ„’" for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner. Granular, Actionable Adversary Emulation for the Cloud.

cloud security
container and kubernetes security
penetration testing and red teaming
Apache-2.0

TrashEmail

0.0 ⭐ (0)

TrashEmail is hosted Telegram bot that can save your private email address by offering disposable email address. It can create, manage, disposable email address and link them with your telegram bot chat.

miscellaneous
Apache-2.0

Terrascan

0.0 ⭐ (0)

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

vulnerability management and assessment
cloud security
container and kubernetes security
Apache-2.0
Featured

CDK

0.0 ⭐ (0)

CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs and helps you to escape container and take over K8s cluster easily.

cloud security
container and kubernetes security
devsecops and continuous security
Apache-2.0

StreamAlert

0.0 ⭐ (0)

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

security information and event management (siem)
Apache-2.0

TerraGoat

0.0 ⭐ (0)

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

security awareness and training
LGPL-2.1

Semgrep

0.0 ⭐ (0)

Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep supports 30+ languages and can run in an IDE, as a pre-commit check, and as part of CI/CD workflows.

vulnerability management and assessment
Apache-2.0

Cartography

0.0 ⭐ (0)

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

cloud security
container and kubernetes security
miscellaneous
AGPL-3.0

TruffleHog

0.0 ⭐ (0)

TruffleHog is the most powerful secrets Discovery, Classification, Validation, and Analysis tool. In this context secret refers to a credential a machine uses to authenticate itself to another machine. This includes API keys, database passwords, private encryption keys, and more...

security testing and auditing
miscellaneous

Trusted by Security Professionals

Discover how our security tools are empowering organizations to strengthen their cybersecurity defenses and stay ahead of evolving threats.

  • "So @fntlnz shared this in the Falco maintainers channel this morning. Check out this collection of sick security tools. Of course @falco_org is there!"

    K
    Kris NΓ³vaChief OSS, Sysdig

Share Your Security Tool with the World

Have a powerful tool that helps enhance security or privacy? Submit your tool and showcase it to a community of professionals and developers. Your contribution could shape the future of security technology.