Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2627 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).
A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
Search gadgets on binaries to facilitate ROP exploitation.
Python library and command line tools for log visualization with interactive plots.
Python library and command line tools for log visualization with interactive plots.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.
A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.
A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.
Open-source rules for detecting and preventing email attacks like BEC, malware, and credential phishing.
Open-source rules for detecting and preventing email attacks like BEC, malware, and credential phishing.
Interactive computational environment for code execution, text, and media combination.
Interactive computational environment for code execution, text, and media combination.
A digital forensic tool for creating forensic images of computer hard drives and analyzing digital evidence.
A digital forensic tool for creating forensic images of computer hard drives and analyzing digital evidence.
Repository of APT-related documents and notes sorted by year.
Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.
Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.
Schneier on Security provides expert analysis and commentary on a wide range of security issues.
Schneier on Security provides expert analysis and commentary on a wide range of security issues.