Free Cybersecurity Tools
Find the right solution for your security needs without any cost.
Explore 2631 curated cybersecurity tools, with 14,549+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
FREE
A free book providing design and implementation guidelines for writing secure programs in various languages.
A free book providing design and implementation guidelines for writing secure programs in various languages.
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A StalkPhish Project YARA repository for Phishing Kits zip files.
A StalkPhish Project YARA repository for Phishing Kits zip files.
Automatic authorization enforcement detection extension for Burp Suite
Automatic authorization enforcement detection extension for Burp Suite
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
A post-exploitation framework for attacking AWS infrastructure, enabling attacks on EC2 instances without SSH keypairs and extraction of AWS secrets and parameters.
A shellcode generator that creates position-independent code for loading and executing .NET Assemblies, PE files, and Windows payloads from memory.
A shellcode generator that creates position-independent code for loading and executing .NET Assemblies, PE files, and Windows payloads from memory.
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
A deep dive into the Ledger connect-kit compromise decryption process.
A deep dive into the Ledger connect-kit compromise decryption process.
A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.
A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.
A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.
Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.
Facilitating exchange of information and knowledge to collectively protect against cyberattacks.
Facilitating exchange of information and knowledge to collectively protect against cyberattacks.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.
A Python-based tool for subdomain enumeration and analysis
A Python-based tool for subdomain enumeration and analysis
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
The best security training environment for Developers and AppSec Professionals.
The best security training environment for Developers and AppSec Professionals.
A security dataset and CTF platform available in full (16.4GB) and attack-only (3.2GB) versions, pre-indexed for Splunk to help security professionals practice analysis skills.
A security dataset and CTF platform available in full (16.4GB) and attack-only (3.2GB) versions, pre-indexed for Splunk to help security professionals practice analysis skills.
A book that helps improve Docker security by covering risks and countermeasures
A book that helps improve Docker security by covering risks and countermeasures
MagSpoof is a hardware device that emulates magnetic stripe cards using electromagnetic fields for security research and educational purposes.
MagSpoof is a hardware device that emulates magnetic stripe cards using electromagnetic fields for security research and educational purposes.
