Free Cybersecurity Tools

Enhance the security and privacy of Apple silicon Mac computers with incremental changes and user capability.

Interactive malware hunting service with live access to the heart of an incident.

Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.

InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.

S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.

A cybersecurity blog from Microsoft, featuring articles and guides on various security topics, including AI, threat intelligence, cloud security, and incident response.

Varna is an AWS serverless security tool that monitors CloudTrail logs using Event Query Language to detect and alert on suspicious activities in cloud environments.

Krampus is an AWS resource management tool that automates the deletion and disabling of cloud objects based on JSON task files for security remediation and cost control.

C3 is a framework by WithSecureLabs for rapid prototyping of custom command and control channels that integrates with existing offensive security toolkits.

An open-source OSINT honeypot that monitors threat actor reconnaissance attempts and generates early-warning intelligence for blue teams during the pre-attack phase.

A company that helps organizations create security-aware teams and produce bug-free software.

A malware/botnet analysis framework with a focus on network analysis and process comparison.

netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.

A tool for creating encrypted volumes with self-destruction capabilities that automatically destroy data when tampering is detected or commands are issued.

A modern tool for Windows kernel exploration and observability with a focus on security.

A conference featuring talks and workshops on various Python-related topics.

A C-based steganographic tool that hides files within WAV audio files using least significant bit encoding techniques.

A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.

ENISA Training Resources offers online training material for cybersecurity specialists, covering technical areas such as artefact handling and analysis.

An educational cybersecurity knowledge repository that compiles and presents hacking and cybersecurity information in an accessible format for learning purposes.

NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.

A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.

An article in Phrack Magazine discussing the creation of shellcode for StrongARM/Linux architecture.

CrowdFMS is a CrowdStrike framework that automates malware sample collection from VirusTotal using YARA rule-based notifications and the Private API system.