Free & Open Source Security Tools

Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.

A community website for API security news, vulnerabilities, and best practices

A dynamic redirect rules generator that creates custom redirect configurations for penetration testing and security assessment scenarios.

Atomic Reactor is a Python library and CLI tool for building Docker images with advanced features including Git integration, registry operations, and build system integration.

A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.

APFS is a proprietary file system developed by Apple for macOS, offering improved performance, security, and reliability.

A tool for sorting YARA rules based on metadata.

Fernflower is an analytical decompiler for Java with command-line options and support for external classes.

Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.

Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.

The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.

A command-line tool that performs automated IAM policy security linting across AWS accounts and organizations using AWS Access Analyzer validation.

MockSSH is a testing tool that emulates operating systems behind SSH servers to enable automation testing without requiring access to real servers.

Fleet is an open-source endpoint management platform that provides device management, vulnerability reporting, and security monitoring capabilities for IT and security teams managing large computer environments.

CLI tool for ThreatCrowd.org with multiple query functions.

Port listener / honeypot in Rust with protocol guessing, safe string display and rudimentary SQLite logging.

A collection of free cloud security research articles by Rhino Security Labs covering AWS, Azure, and GCP security topics including best practices, vulnerability assessments, and threat mitigation strategies.

A library for working with Windows NT data types, providing access and manipulation functions.

A modular web application honeypot framework with automation and logging capabilities.

wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.

A comprehensive guide for system administrators to detect and identify potential security threats on Windows 2000 systems.

Recorded talks from Hack.lu 2018 covering various cybersecurity topics.

SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.

An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.