Cybersecurity Tools Directory

Intrusion Detection and Prevention Systems

wireshark on SecurityListing: A free, open-source network protocol analyzer for capturing and displaying packet-level data.

Container Security

Wiz Cloud on SecurityListing: Agentless cloud security platform for risk detection & prevention

Data Loss Prevention

Somansa Mail-i on SecurityListing: Network DLP solution with SSL/TLS decryption for email, web, and cloud monitoring

Guides

The Anatomy of a Malicious Package on SecurityListing: Educational resource analyzing the structure and implementation of malicious packages in software ecosystems, with focus on JavaScript/NPM threat models.

Offensive Security

The Security Ledger on SecurityListing: Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.

Threat Intelligence Platforms

xorlab Abuse Mailbox Automation on SecurityListing: Automates triage of user-reported suspicious emails with AI classification

Endpoint Detection and Response

Sophos Endpoint on SecurityListing: AI-powered endpoint security with prevention-first approach and EDR capabilities

Endpoint Protection Platform

ThreatLocker Platform on SecurityListing: ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.

Risk Assessment

Safe Security Autonomous TPRM on SecurityListing: AI-powered TPRM platform for automated vendor risk assessment and monitoring

Static Application Security Testing

Perforce Klocwork on SecurityListing: Static code analyzer & SAST tool for C, C++, Java, JavaScript, Python, Kotlin

Static Application Security Testing

Pixee Pixeebot on SecurityListing: AI-powered automated code security remediation bot for vulnerability fixes

Security Orchestration Automation and Response

Stackstorm on SecurityListing: StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.

Guides

Web Application Exploits and Defenses on SecurityListing: An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.

Static Application Security Testing

SonarSource SonarQube Cloud on SecurityListing: Cloud-based SAST platform for code quality and security analysis

API Security

StackHawk on SecurityListing: A DAST solution that performs automated security testing of APIs and web applications within development workflows and CI/CD pipelines.

Offensive Security

WebDAV Covert Channel on SecurityListing: A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.

Container Security

Ramblings from Jessie: Setting the Record Straight: containers vs. Zones vs. Jails vs. VMs on SecurityListing: A blog post discussing the differences between Solaris Zones, BSD Jails, VMs, and containers, with the author arguing that containers are not a real thing.

Endpoint Detection and Response

Stealth-ISS SOC-AS-A-SERVICE (XDR) on SecurityListing: Managed SOC service with XDR capabilities for 24/7 threat monitoring and response

Offensive Security

Tao Security on SecurityListing: Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.

API Security

U.S.T.A. Cyber Threat Intelligence Platform on SecurityListing: CTI platform monitoring deep/dark web, forums & threat actors for intel