Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.
Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.
A serverless SOAR framework for AWS GuardDuty that automatically executes configurable response actions based on security findings and threat severity.
A serverless SOAR framework for AWS GuardDuty that automatically executes configurable response actions based on security findings and threat severity.
DIVA Android is an intentionally vulnerable Android application designed to teach security professionals and developers about mobile application security flaws through hands-on learning.
DIVA Android is an intentionally vulnerable Android application designed to teach security professionals and developers about mobile application security flaws through hands-on learning.
libevt is a library to access and parse Windows Event Log (EVT) files.
libevt is a library to access and parse Windows Event Log (EVT) files.
A unified repository for different Metasploit Framework payloads.
A unified repository for different Metasploit Framework payloads.
Guidance on securing NFS in Red Hat Enterprise Linux 7
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.
A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.
Repository of pcap traces for evaluating Network Intrusion Detection Systems in HVAC systems.
Repository of pcap traces for evaluating Network Intrusion Detection Systems in HVAC systems.
ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.
ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.
A comprehensive guide to mobile application penetration testing, covering various topics and techniques
A comprehensive guide to mobile application penetration testing, covering various topics and techniques
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
Extracts resources (bitmaps, icons, cursors, AVI movies, HTML files, and more) from dll files
Extracts resources (bitmaps, icons, cursors, AVI movies, HTML files, and more) from dll files
Checkov is a static analysis tool that scans infrastructure as code and performs software composition analysis to detect security misconfigurations and vulnerabilities in cloud infrastructure and dependencies.
Checkov is a static analysis tool that scans infrastructure as code and performs software composition analysis to detect security misconfigurations and vulnerabilities in cloud infrastructure and dependencies.
A honeypot tool that simulates an open relay to capture and analyze spam
A honeypot tool that simulates an open relay to capture and analyze spam
A tool for processing compiled YARA rules in IDA.
A tool for processing compiled YARA rules in IDA.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.
Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.
An evolving how-to guide for securing a Linux server with detailed steps and explanations.
An evolving how-to guide for securing a Linux server with detailed steps and explanations.
IT Security Guru provides up-to-date news and expert insights on a wide range of cybersecurity topics.
IT Security Guru provides up-to-date news and expert insights on a wide range of cybersecurity topics.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
A proof of concept for using the SSM Agent in Fargate for incident response
A proof of concept for using the SSM Agent in Fargate for incident response
A comprehensive collection of SQL injection syntax references and payloads for testing various database management systems during penetration testing and security assessments.
A comprehensive collection of SQL injection syntax references and payloads for testing various database management systems during penetration testing and security assessments.
