Welcome to TroGuard 🛡️
An organized collection of cybersecurity tools and references, highlighting resources relevant to various defensive tasks. Some tools fit into multiple categories and are listed wherever they apply. You don't need to master every tool: do your research, master two or three, and become familiar with the rest.
Categories
Security Frameworks & Compliance
Network Monitoring & Traffic Analysis
Security Information and Event Management (SIEM)
Intrusion Detection & Prevention
Endpoint Detection & Response (EDR)
Incident Response
Log Management & Analysis
Malware Analysis
- PEStudio
- Detect It Easy (DIE)
- PEiD
- CFF Explorer
- PEview
- Dependency Walker
- FileInsight
- Hex Fiend
- HxD
- TrID
- FLOSS
- CAPA
- peepdf
- pdfid.py
- pdf-parser.py
- OLE tools (oleid, olemeta, oletimes, olemap)
- olevba
- oledump.py
- ViperMonkey
- CyberChef
- Ghidra
- IDA Pro
- Radare2
- Binary Ninja
- YARA
- YARAify
- Loki
- Process Hacker
- RetDec
- Cuckoo Sandbox
- Windows Sandbox
- ANY.RUN
- Hybrid Analysis
- Joe Sandbox
- REMnux
- FLARE VM
- Process Monitor (Procmon)
- Process Explorer
- Regshot
- API Monitor
- API Logger
- x32dbg
- x64dbg
- OllyDbg
Forensics
Threat Intelligence
Vulnerability Management
Identity & Access Management (IAM)
Security Policy Enforcement & Configuration Management
Backup & Recovery
Deception Technologies
Network Access Control (NAC)
Data Loss Prevention (DLP)
User Behavior Analytics (UBA) / UEBA
Cloud Security Posture Management (CSPM)
- AWS Security Hub
- AWS Config
- Microsoft Defender for Cloud (Azure Security Center)
- Azure Policy
- Google Cloud Security Command Center
- Prisma Cloud (Palo Alto Networks)
- Wiz
- Orca Security
- Lacework
- Check Point CloudGuard
- Tenable.cs (Tenable Cloud Security)
- Qualys CloudView
- Trend Micro Cloud One Conformity
- Aqua Security (cloud & container posture)