Free Cybersecurity Tools

A lightweight Command and Control (C2) implant written in Nim that provides remote access capabilities for penetration testing and red team operations.

Exiv2 is a C++ library and command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC metadata in image files.

CSRF crumb generation and validation tool for hapi framework.

A Python-based tool for detecting XSS vulnerabilities

A dynamic multi-cloud infrastructure framework that enables rapid deployment of disposable instances pre-loaded with security tools for distributed offensive and defensive security operations.

A collection of hands-on workshops and educational content focused on AWS security services, techniques, and best practices through practical scenarios.

A set of tools for securing JavaScript projects against software supply chain attacks.

Python module for fast packet parsing with TCP/IP protocol definitions.

Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.

An annual jeopardy-style capture-the-flag contest with challenges related to cybersecurity.

Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.

DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.

A collection of automation workflows for the Shuffle security orchestration platform that covers common cybersecurity use-cases and can be customized for organizational needs.

A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.

Haaukins is an automated virtualization platform that provides hands-on cybersecurity education through capture the flag exercises in controlled vulnerable environments.

A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.

A portable Rust-based tool for acquiring volatile memory from Linux systems without requiring prior knowledge of the target OS distribution or kernel.

A Python-based engine for automatic creation of timelines in digital forensic analysis

A collection of YARA rules for research and hunting purposes.

Documentation project for Digital Forensics Artifact Repository

A one-stop online resource for cybersecurity degree programs in the US, offering information on undergraduate and graduate levels, online programs, and career options.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.

Container image definitions that create standardized testing environments for software applications with consistent dependencies and configurations.

A set of interrelated detection rules for improving detection and hunting visibility and context