Free Cybersecurity Tools

PINNED

• 

  CTIChef.com Detection Feeds

  A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

  0

  Commercial

  Threat Management

  Threat Intelligence

  Detection Rules

  Siem

  Security Operations

  Cti

  Threat Detection

  Security Monitoring

  Rule Management

  Threat Hunting

  Security Information And Event Management

  

  CTIChef.com Detection Feeds

  A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

  0

  Commercial

  Threat Management

  Threat Intelligence

  Detection Rules

  Siem

  +7
• 

  OSINTLeak

  OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

  2

  Commercial

  Digital Forensics

  Osint

  Information Security

  Security Tools

  Data Breach

  Reconnaissance

  Security Research

  Threat Intelligence

  Red Team

  Blue Team

  Vulnerability Assessment

  

  OSINTLeak

  OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

  2

  Commercial

  Digital Forensics

  Osint

  Information Security

  Security Tools

  +7
• 

  ImmuniWeb® Discovery

  ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

  0

  Commercial

  Attack Surface Management

  Attack Surface Management

  Attack Surface

  Continuous Monitoring

  Dark Web Monitoring

  Cloud Security

  Vulnerability Management

  Compliance

  Third Party Risk

  Threat Intelligence

  Security Monitoring

  

  ImmuniWeb® Discovery

  ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

  0

  Commercial

  Attack Surface Management

  Attack Surface Management

  Attack Surface

  Continuous Monitoring

  +7
• 

  Checkmarx SCA

  A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

  1

  Commercial

  Application Security

  Application Security

  Dependency Scanning

  Vulnerability Management

  Software Supply Chain

  Open Source

  Sbom

  Security Scanning

  Devsecops

  Vulnerability Detection

  

  Checkmarx SCA

  A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

  1

  Commercial

  Application Security

  Application Security

  Dependency Scanning

  Vulnerability Management

  +6
• 

  Orca Security

  A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

  0

  Commercial

  Cloud Security

  Cloud Security

  Cloud Native

  Vulnerability Management

  Compliance

  Container Security

  Cloud Compliance

  Api Security

  Kubernetes Security

  Security Monitoring

  Security Automation

  

  Orca Security

  A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

  0

  Commercial

  Cloud Security

  Cloud Security

  Cloud Native

  Vulnerability Management

  +7
• 

  DryRun

  A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

  1

  Commercial

  Application Security

  Application Security

  Github

  Code Security

  Static Analysis

  Security Automation

  Devsecops

  

  DryRun

  A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

  1

  Commercial

  Application Security

  Application Security

  Github

  Code Security

  +3

LATEST ADDITIONS

• 

  WPSpider

  A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.

  0

  Free

  Application Security

  Wordpress

  Security Scanning

  

  WPSpider

  A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.

  0

  Free

  Application Security

  Wordpress

  Security Scanning
• 

  LFI-files

  A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities

  0

  Free

  Malware Analysis

  Lfi

  Bruteforce

  File Inclusion

  Vulnerability Exploitation

  

  LFI-files

  A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities

  0

  Free

  Malware Analysis

  Lfi

  Bruteforce

  File Inclusion

  +1
• 

  B-XSSRF

  A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities

  0

  Free

  Malware Analysis

  Blind Xss

  Xxe

  Ssrf

  Vulnerability Detection

  Security Testing

  Web App Security

  

  B-XSSRF

  A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities

  0

  Free

  Malware Analysis

  Blind Xss

  Xxe

  Ssrf

  +3
• 

  Findomain

  A tool for domain recognition and subdomain monitoring

  0

  Free

  Network Security

  

  Findomain

  A tool for domain recognition and subdomain monitoring

  0

  Free

  Network Security
• 

  git-dumper

  A tool to dump a Git repository from a website

  0

  Free

  Miscellaneous

  Git

  Repository

  Web Scraping

  Penetration Testing

  Security Research

  

  git-dumper

  A tool to dump a Git repository from a website

  0

  Free

  Miscellaneous

  Git

  Repository

  Web Scraping

  +2
• 

  GitTools

  A collection of tools for extracting and analyzing information from .git repositories

  0

  Free

  Digital Forensics

  Git

  Web App Security

  File Analysis

  Binary Security

  File Patching

  

  GitTools

  A collection of tools for extracting and analyzing information from .git repositories

  0

  Free

  Digital Forensics

  Git

  Web App Security

  File Analysis

  +2
• 

  Injectus

  A CRLF and open redirect fuzzer

  0

  Free

  Offensive Security

  Fuzzer

  Open Redirect

  Security Testing

  Vulnerability Scanning

  

  Injectus

  A CRLF and open redirect fuzzer

  0

  Free

  Offensive Security

  Fuzzer

  Open Redirect

  Security Testing

  +1
• 

  cnames

  A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.

  0

  Free

  Network Security

  Dns

  Subdomain

  

  cnames

  A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.

  0

  Free

  Network Security

  Dns

  Subdomain
• 

  ParamPamPam

  A tool for detecting and exploiting vulnerabilities in web applications

  0

  Free

  Vulnerability Management

  Appsec

  App Security

  Fuzzing

  Sql Injection

  Xss

  Web App Security

  

  ParamPamPam

  A tool for detecting and exploiting vulnerabilities in web applications

  0

  Free

  Vulnerability Management

  Appsec

  App Security

  Fuzzing

  +3
• 

  Burp Anonymous Cloud

  Burp extension for identifying cloud buckets and testing for vulnerabilities

  0

  Free

  Cloud Security

  Cloud Security

  Vulnerability Scanning

  Shodan

  

  Burp Anonymous Cloud

  Burp extension for identifying cloud buckets and testing for vulnerabilities

  0

  Free

  Cloud Security

  Cloud Security

  Vulnerability Scanning

  Shodan
• 

  screenshoteer

  A command-line tool for taking website screenshots and mobile emulations

  0

  Free

  Miscellaneous

  Web Security

  Screenshot

  Command Line Tool

  Testing

  Automation

  

  screenshoteer

  A command-line tool for taking website screenshots and mobile emulations

  0

  Free

  Miscellaneous

  Web Security

  Screenshot

  Command Line Tool

  +2
• 

  Turbo Intruder Scripts

  A collection of scripts for Turbo Intruder, a penetration testing tool

  0

  Free

  Offensive Security

  Penetration Testing

  Security Research

  Automation

  Scripting

  

  Turbo Intruder Scripts

  A collection of scripts for Turbo Intruder, a penetration testing tool

  0

  Free

  Offensive Security

  Penetration Testing

  Security Research

  Automation

  +1
• 

  eyeballer

  A tool for analyzing pentest screenshots using a convolutional neural network

  0

  Free

  Digital Forensics

  Machine Learning

  Pentest

  Vulnerability Detection

  

  eyeballer

  A tool for analyzing pentest screenshots using a convolutional neural network

  0

  Free

  Digital Forensics

  Machine Learning

  Pentest

  Vulnerability Detection
• 

  Singularity

  A DNS rebinding attack framework for security researchers and penetration testers.

  0

  Free

  Offensive Security

  Dns Rebinding

  Penetration Testing

  Security Research

  Web Application Security

  Network Security

  

  Singularity

  A DNS rebinding attack framework for security researchers and penetration testers.

  0

  Free

  Offensive Security

  Dns Rebinding

  Penetration Testing

  Security Research

  +2