Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2627 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.
OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A pure Python parser for Windows Event Log files with access to File and Chunk headers, record templates, and event entries.
Research project on bypassing default Falco ruleset with Dockerfile for sshayb/fuber:latest image.
Research project on bypassing default Falco ruleset with Dockerfile for sshayb/fuber:latest image.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.
Interactive challenges demonstrating attacks on real-world cryptography.
Interactive challenges demonstrating attacks on real-world cryptography.
A collaborative and open-source incident response platform for sharing observables among analysts.
A collaborative and open-source incident response platform for sharing observables among analysts.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
A script for setting up a dionaea and kippo honeypot using Docker images.
A script for setting up a dionaea and kippo honeypot using Docker images.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
Automatic tool for pentesting XSS attacks against different applications
Automatic tool for pentesting XSS attacks against different applications
CyberScoop is a leading media brand providing news and event coverage to top cybersecurity leaders through its website, newsletter, events, radio, and TV.
CyberScoop is a leading media brand providing news and event coverage to top cybersecurity leaders through its website, newsletter, events, radio, and TV.
Smart traffic sniffing tool for penetration testers