Free Cybersecurity Tools

PINNED

• 

  ImmuniWeb® Discovery

  ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

  1

  Commercial

  Attack Surface Management

  Attack Surface Management

  Attack Surface

  Continuous Monitoring

  Dark Web Monitoring

  Cloud Security

  Vulnerability Management

  Compliance

  Third Party Risk

  Threat Intelligence

  Security Monitoring

  

  ImmuniWeb® Discovery

  ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

  1

  Commercial

  Attack Surface Management

  Attack Surface Management

  Attack Surface

  Continuous Monitoring

  +7
• 

  InfoSecHired

  An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

  2

  Commercial

  Resources

  Resources

  Cybersecurity

  Education

  Training

  Security Professionals

  

  InfoSecHired

  An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

  2

  Commercial

  Resources

  Resources

  Cybersecurity

  Education

  +2
• 

  Checkmarx SCA

  A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

  1

  Commercial

  Application Security

  Application Security

  Dependency Scanning

  Vulnerability Management

  Software Supply Chain

  Open Source

  Sbom

  Security Scanning

  Devsecops

  Vulnerability Detection

  

  Checkmarx SCA

  A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

  1

  Commercial

  Application Security

  Application Security

  Dependency Scanning

  Vulnerability Management

  +6
• 

  Check Point CloudGuard WAF

  A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

  1

  Commercial

  Application Security

  Web App Security

  Api Security

  Cloud Security

  Waf

  Ddos

  Bot Detection

  Machine Learning

  Api Discovery

  Threat Prevention

  Zero Day

  

  Check Point CloudGuard WAF

  A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

  1

  Commercial

  Application Security

  Web App Security

  Api Security

  Cloud Security

  +7
• 

  Orca Security

  A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

  0

  Commercial

  Cloud Security

  Cloud Security

  Cloud Native

  Vulnerability Management

  Compliance

  Container Security

  Cloud Compliance

  Api Security

  Kubernetes Security

  Security Monitoring

  Security Automation

  

  Orca Security

  A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

  0

  Commercial

  Cloud Security

  Cloud Security

  Cloud Native

  Vulnerability Management

  +7
• 

  DryRun

  A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

  1

  Commercial

  Application Security

  Application Security

  Github

  Code Security

  Static Analysis

  Security Automation

  Devsecops

  

  DryRun

  A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

  1

  Commercial

  Application Security

  Application Security

  Github

  Code Security

  +3

LATEST ADDITIONS

• 

  Paros

  A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.

  0

  Free

  Vulnerability Management

  Appsec

  Proxy

  Web App Security

  Vulnerability Assessment

  Xss

  Sql Injection

  

  Paros

  A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.

  0

  Free

  Vulnerability Management

  Appsec

  Proxy

  Web App Security

  +3
• 

  Fuzzapi

  Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.

  0

  Free

  Vulnerability Management

  Ruby

  Rails

  Docker

  Security Testing

  Api Security

  

  Fuzzapi

  Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.

  0

  Free

  Vulnerability Management

  Ruby

  Rails

  Docker

  +2
• 

  Polichombr

  A collaborative malware analysis framework with various features for automated analysis tasks.

  0

  Free

  Malware Analysis

  Malware Analysis

  Binary Analysis

  Ida Pro

  Collaboration

  Malware Detection

  

  Polichombr

  A collaborative malware analysis framework with various features for automated analysis tasks.

  0

  Free

  Malware Analysis

  Malware Analysis

  Binary Analysis

  Ida Pro

  +2
• 

  OWASP Hackademic Challenges

  A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.

  0

  Free

  Application Security

  Appsec

  Apparmor

  Apache

  Mysql

  Php

  Web App Security

  

  OWASP Hackademic Challenges

  A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.

  0

  Free

  Application Security

  Appsec

  Apparmor

  Apache

  +3
• 

  HoneyThing

  HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.

  0

  Free

  Honeypots

  Honeypot

  Router

  Security Testing

  

  HoneyThing

  HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.

  0

  Free

  Honeypots

  Honeypot

  Router

  Security Testing
• 

  Panther Detections

  A collection of detections for Panther SIEM with detailed setup instructions.

  0

  Free

  SIEM

  Siem

  Security Operations

  Security Automation

  

  Panther Detections

  A collection of detections for Panther SIEM with detailed setup instructions.

  0

  Free

  SIEM

  Siem

  Security Operations

  Security Automation
• 

  GBHackers

  GBHackers offers up-to-date cybersecurity news and insights, focusing on threats, vulnerabilities, and innovative defense strategies.

  0

  Free

  Blogs and News

  Cybersecurity

  News

  Vulnerabilities

  Threats

  

  GBHackers

  GBHackers offers up-to-date cybersecurity news and insights, focusing on threats, vulnerabilities, and innovative defense strategies.

  0

  Free

  Blogs and News

  Cybersecurity

  News

  Vulnerabilities

  +1
• 

  libsmdev

  A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.

  0

  Free

  Digital Forensics

  Digital Forensics

  Forensic Analysis

  Information Security

  Forensic Investigation

  

  libsmdev

  A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.

  0

  Free

  Digital Forensics

  Digital Forensics

  Forensic Analysis

  Information Security

  +1
• 

  sslhaf

  Passive SSL client fingerprinting tool using handshake analysis.

  0

  Free

  Network Security

  Ssl

  

  sslhaf

  Passive SSL client fingerprinting tool using handshake analysis.

  0

  Free

  Network Security

  Ssl
• 

  StegCracker

  Steganography brute-force utility with performance issues, deprecated in favor of stegseek.

  0

  Free

  Data Protection

  Steganography

  Brute Force

  File Analysis

  Data Hiding

  Security Testing

  

  StegCracker

  Steganography brute-force utility with performance issues, deprecated in favor of stegseek.

  0

  Free

  Data Protection

  Steganography

  Brute Force

  File Analysis

  +2
• 

  Factual Rules Generator

  Open source tool for generating YARA rules about installed software from a running OS.

  0

  Free

  Digital Forensics

  Appsec

  Binary Security

  File Analysis

  Forensics

  Rule Engine

  Security Audit

  

  Factual Rules Generator

  Open source tool for generating YARA rules about installed software from a running OS.

  0

  Free

  Digital Forensics

  Appsec

  Binary Security

  File Analysis

  +3
• 

  Threat Intelligence Hunter (TIH)

  TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.

  0

  Free

  Threat Management

  Ioc

  Threat Intelligence

  Python

  

  Threat Intelligence Hunter (TIH)

  TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.

  0

  Free

  Threat Management

  Ioc

  Threat Intelligence

  Python
• 

  kube-bench

  Kube-bench is a tool for checking Kubernetes security based on CIS Kubernetes Benchmark.

  0

  Free

  Cloud Security

  Kubernetes

  Security

  Benchmark

  Cis

  Kubernetes Security

  Compliance

  

  kube-bench

  Kube-bench is a tool for checking Kubernetes security based on CIS Kubernetes Benchmark.

  0

  Free

  Cloud Security

  Kubernetes

  Security

  Benchmark

  +3
• 

  SecurityTrails

  SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.

  0

  Free

  Threat Management

  Dns

  Cybercrime

  Data Enrichment

  

  SecurityTrails

  SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.

  0

  Free

  Threat Management

  Dns

  Cybercrime

  Data Enrichment