Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2627 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Firewall, Blackhole, and Privatizing Proxy for macOS with comprehensive security features.
Firewall, Blackhole, and Privatizing Proxy for macOS with comprehensive security features.
A simple file format fuzzer for Android that can fuzz multiple readers at once
A simple file format fuzzer for Android that can fuzz multiple readers at once
A semi-automatic tool to generate YARA rules from virus samples.
A semi-automatic tool to generate YARA rules from virus samples.
A knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.
A knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.
A set of PHP scripts for practicing LFI, RFI, and CMD injection vulnerabilities.
A set of PHP scripts for practicing LFI, RFI, and CMD injection vulnerabilities.
SharpAppLocker provides a C# adaptation of the Get-AppLockerPolicy cmdlet for managing application control policies.
SharpAppLocker provides a C# adaptation of the Get-AppLockerPolicy cmdlet for managing application control policies.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.
A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
