Tools Hub
Professional cybersecurity
Professional cybersecurity
tools, curated.
OSINT, threat intelligence, pentesting, malware analysis, metadata forensics, organized for serious analysts. Updated continuously.
OSINT
Maltego
Visual link analysis tool for OSINT investigations. Map relationships between people, domains, IPs, and organizations.
Visit Tool
OSINT
Shodan
Search engine for internet-connected devices. Discover exposed servers, webcams, industrial systems, and IoT devices.
Visit Tool
OSINT
SpiderFoot
Automated OSINT framework with 200+ modules for intelligence gathering on IPs, domains, emails, and names.
Visit Tool
OSINT
theHarvester
Email, subdomain, and name harvesting tool. Gathers information from public sources like Google, Bing, and LinkedIn.
Visit Tool
OSINT
Recon-ng
Modular web reconnaissance framework written in Python. Supports dozens of OSINT modules and API integrations.
Visit Tool
OSINT
OSINT Framework
A curated directory of OSINT tools and resources organized by category and target type.
Visit Tool
OSINT
IntelTechniques
OSINT search tools and resources for social media, usernames, emails, and public records investigation.
Visit Tool
Threat Intelligence
VirusTotal
Analyze suspicious files, URLs, domains, and IPs against 70+ antivirus engines and threat intelligence feeds.
Visit Tool
Threat Intelligence
MISP
Open-source threat intelligence platform for sharing, storing, and correlating IOCs and malware samples.
Visit Tool
Threat Intelligence
AlienVault OTX
Open threat exchange platform with 20M+ IOCs contributed by a global community of security researchers.
Visit Tool
Threat Intelligence
MITRE ATT&CK
Global knowledge base of adversary tactics, techniques, and procedures (TTPs) based on real-world observations.
Visit Tool
Threat Intelligence
Recorded Future
AI-powered threat intelligence platform for real-time analysis of threats across the web, dark web, and technical sources.
Visit Tool
Threat Intelligence
AbuseIPDB
Community-driven database of IP addresses reported for abusive behavior, spam, and cyberattacks.
Visit Tool
Threat Intelligence
URLVoid
Check the reputation and safety of a URL or website against multiple blacklist engines and threat feeds.
Visit Tool
Penetration Testing
Metasploit
The world's most used penetration testing framework. Exploit development, payload delivery, and post-exploitation.
Visit Tool
Penetration Testing
Burp Suite
Industry-standard web application security testing platform for intercepting, scanning, and exploiting web apps.
Visit Tool
Penetration Testing
Nmap
Network discovery and security auditing tool. Port scanning, OS detection, service enumeration, and scripting engine.
Visit Tool
Penetration Testing
Gobuster
Directory and DNS brute-forcing tool written in Go. Fast enumeration of web directories, subdomains, and virtual hosts.
Visit Tool
Penetration Testing
Hydra
Fast and flexible online password cracking tool supporting 50+ protocols including SSH, FTP, HTTP, and SMB.
Visit Tool
Penetration Testing
Nikto
Open-source web server scanner that detects dangerous files, outdated software, and misconfigurations.
Visit Tool
Penetration Testing
SQLmap
Automated SQL injection and database takeover tool with support for all major database engines.
Visit Tool
Malware Analysis
Any.run
Interactive online sandbox for real-time malware analysis. Analyze suspicious files and URLs in a safe environment.
Visit Tool
Malware Analysis
Cuckoo Sandbox
Open-source automated malware analysis system for dynamic behavioral analysis of suspicious files.
Visit Tool
Malware Analysis
Hybrid Analysis
Free malware analysis service using CrowdStrike Falcon Sandbox for in-depth behavioral and static analysis.
Visit Tool
Malware Analysis
Ghidra
NSA-developed open-source software reverse engineering framework for analyzing compiled code.
Visit Tool
Malware Analysis
IDA Pro
Industry-standard interactive disassembler and debugger for binary analysis and malware reverse engineering.
Visit Tool
Network Security
Wireshark
World's leading network protocol analyzer. Capture and interactively browse network traffic in real time.
Visit Tool
Network Security
Zeek (Bro)
Powerful open-source network security monitoring platform for traffic analysis and anomaly detection.
Visit Tool
Network Security
Suricata
High-performance open-source IDS/IPS/NSM engine with multi-threading and hardware acceleration.
Visit Tool
Network Security
Snort
Open-source intrusion prevention system capable of real-time traffic analysis and packet logging.
Visit Tool
Digital Forensics
Autopsy
Open-source digital forensics platform for analyzing hard drives, smartphones, and evidence in cyber investigations.
Visit Tool
Digital Forensics
Volatility
Advanced open-source memory forensics framework for analyzing RAM dumps from Windows, Linux, and macOS.
Visit Tool
Digital Forensics
FTK
Forensic Toolkit — industry-standard digital forensics software for disk imaging, evidence analysis, and reporting.
Visit Tool
Digital Forensics
SIFT Workstation
SANS Institute forensics toolkit — a Linux distro pre-built with industry-leading incident response and forensics tools.
Visit Tool
Risk & Compliance
OpenVAS
Full-featured vulnerability scanner and management tool. Identify security weaknesses across your infrastructure.
Visit Tool
Risk & Compliance
Nessus
World's most widely deployed vulnerability assessment solution for identifying misconfigurations and CVEs.
Visit Tool
Risk & Compliance
Qualys
Cloud-based vulnerability management, policy compliance, and web application scanning platform.
Visit Tool