Free Cybersecurity Tools
Find the right solution for your security needs without any cost.
Explore 2624 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Scalable, cost-effective application recovery to AWS.
Scalable, cost-effective application recovery to AWS.
Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.
Tool for attacking Active Directory environments through SQL Server access.
Tool for attacking Active Directory environments through SQL Server access.
Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.
Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.
A community website for API security news, vulnerabilities, and best practices
A community website for API security news, vulnerabilities, and best practices
A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.
A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.
Python library for building Docker images with advanced features.
A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.
A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.
APFS is a proprietary file system developed by Apple for macOS, offering improved performance, security, and reliability.
APFS is a proprietary file system developed by Apple for macOS, offering improved performance, security, and reliability.
Fernflower is an analytical decompiler for Java with command-line options and support for external classes.
Fernflower is an analytical decompiler for Java with command-line options and support for external classes.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.