Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2627 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Companion repository for deploying osquery in a production environment with tailored query packs.
Companion repository for deploying osquery in a production environment with tailored query packs.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
A cloud-native, event-driven data pipeline toolkit for security teams with extensible data processing and serverless deployment.
A cloud-native, event-driven data pipeline toolkit for security teams with extensible data processing and serverless deployment.
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions
Find books at your favorite store and stay updated on new features with Universal Book Links.
Find books at your favorite store and stay updated on new features with Universal Book Links.
A tool for building and installing PhoneyC with optional Python version configuration and root privileges.
A tool for building and installing PhoneyC with optional Python version configuration and root privileges.
A command line tool for running SQL queries on PCAP files with various output options and a simplistic web-server.
A command line tool for running SQL queries on PCAP files with various output options and a simplistic web-server.
![GoatseLinux: It's Wide Open [tm] GSL Logo](/_next/image?url=https%3A%2F%2Fkcjlih8bwjd7vpzd.public.blob.vercel-storage.com%2Ficon-C3N70BiSYlBtat0YrXUygAEzNLFIXF.webp&w=3840&q=75)
A VMware image for penetration testing purposes
![GoatseLinux: It's Wide Open [tm] GSL Logo](/_next/image?url=https%3A%2F%2Fkcjlih8bwjd7vpzd.public.blob.vercel-storage.com%2Ficon-C3N70BiSYlBtat0YrXUygAEzNLFIXF.webp&w=96&q=75)
A VMware image for penetration testing purposes
Level 400 training to become a Microsoft Sentinel Ninja.
Level 400 training to become a Microsoft Sentinel Ninja.
A tool for translating Dalvik bytecode to Java bytecode for analyzing Android applications.
A tool for translating Dalvik bytecode to Java bytecode for analyzing Android applications.
A full python tool for analyzing Android files with various functionalities.
A full python tool for analyzing Android files with various functionalities.
A method for log volume reduction without losing analytical capability.
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.