Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2625 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
A free online service that scans the dark web for exposed credentials and sensitive data associated with specific domains or email addresses.
A free online service that scans the dark web for exposed credentials and sensitive data associated with specific domains or email addresses.
SafeLine WAF is an open-source web application firewall that protects web services by filtering malicious HTTP traffic through intelligent semantic analysis and machine learning-based detection.
SafeLine WAF is an open-source web application firewall that protects web services by filtering malicious HTTP traffic through intelligent semantic analysis and machine learning-based detection.
A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.
A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.
An automated web application security scanner that evaluates JavaScript library vulnerabilities and HTTP security headers to assess website security posture.
An automated web application security scanner that evaluates JavaScript library vulnerabilities and HTTP security headers to assess website security posture.
A threat intelligence platform that monitors, analyzes, and provides detailed information about threat actors targeting non-human identities across various industries.
A threat intelligence platform that monitors, analyzes, and provides detailed information about threat actors targeting non-human identities across various industries.
A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.
A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
A newsletter service that tracks and reports weekly changes in detection engineering rules and updates across multiple GitHub repositories.
A newsletter service that tracks and reports weekly changes in detection engineering rules and updates across multiple GitHub repositories.
A low-interaction honeypot that simulates network services to detect and monitor potential intrusion attempts on internal networks.
A low-interaction honeypot that simulates network services to detect and monitor potential intrusion attempts on internal networks.
A command-line tool that scans NPM packages and ZIP files to detect exposed secrets and sensitive credentials in source code and configuration files.
A command-line tool that scans NPM packages and ZIP files to detect exposed secrets and sensitive credentials in source code and configuration files.
AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.
AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.
OpenFHE is an open-source library implementing post-quantum Fully Homomorphic Encryption schemes with simplified APIs and cross-platform support.
OpenFHE is an open-source library implementing post-quantum Fully Homomorphic Encryption schemes with simplified APIs and cross-platform support.