Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
YARA rules for ProcFilter to detect malware and threats
Extract local data storage of an Android application in one click.
Extract local data storage of an Android application in one click.
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
SCOT is a cybersecurity incident tracking and management platform that enables security operations centers to document, analyze, and coordinate responses to security events through collaborative workflows.
SCOT is a cybersecurity incident tracking and management platform that enables security operations centers to document, analyze, and coordinate responses to security events through collaborative workflows.
A utility for recovering deleted files from ext3 or ext4 partitions.
A utility for recovering deleted files from ext3 or ext4 partitions.
A Python 3 tool for analyzing XOR-encrypted data that can guess key lengths and decrypt XOR ciphers based on character frequency analysis.
A Python 3 tool for analyzing XOR-encrypted data that can guess key lengths and decrypt XOR ciphers based on character frequency analysis.
Andromeda makes reverse engineering of Android applications faster and easier.
Andromeda makes reverse engineering of Android applications faster and easier.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
VxSig is a Google-developed tool that automatically generates antivirus byte signatures from similar binaries for Yara and ClamAV detection engines.
VxSig is a Google-developed tool that automatically generates antivirus byte signatures from similar binaries for Yara and ClamAV detection engines.
Tool for visualizing correspondences between YARA ruleset and samples
Tool for visualizing correspondences between YARA ruleset and samples
A CLI tool for signing and verifying npm and yarn packages.
Original SmaliHook Java source for Android cracking and reversing.
A comprehensive library documenting Amazon S3 attack scenarios and risk-based mitigation strategies for cloud storage security.
A comprehensive library documenting Amazon S3 attack scenarios and risk-based mitigation strategies for cloud storage security.
A C/C++ tool for remote process injection, supporting x64 and x86 operations, with system call macros generated by SysWhispers script.
A C/C++ tool for remote process injection, supporting x64 and x86 operations, with system call macros generated by SysWhispers script.
Dependencies is an open-source modern replacement for Dependency Walker that helps Windows developers analyze and troubleshoot DLL load dependency issues.
Dependencies is an open-source modern replacement for Dependency Walker that helps Windows developers analyze and troubleshoot DLL load dependency issues.
Offensive security tool for reconnaissance and information gathering with a wide range of features and future roadmap.
Offensive security tool for reconnaissance and information gathering with a wide range of features and future roadmap.
A super-simple, modern framework for organizing and automating cybersecurity tasks.
A super-simple, modern framework for organizing and automating cybersecurity tasks.
Ghost USB Honeypot emulates USB storage devices to detect and analyze malware that spreads via USB without requiring prior threat intelligence.
Ghost USB Honeypot emulates USB storage devices to detect and analyze malware that spreads via USB without requiring prior threat intelligence.
Best practices for corporate network segmentation to protect against basic targeted attacks
Best practices for corporate network segmentation to protect against basic targeted attacks
A library and tools to access and analyze APFS file systems
A library and tools to access and analyze APFS file systems
A library of adversary emulation plans to evaluate defensive capabilities against real-world threats.
A library of adversary emulation plans to evaluate defensive capabilities against real-world threats.
IE10Analyzer can parse and recover records from WebCacheV01.dat, providing detailed information and conversion capabilities.
IE10Analyzer can parse and recover records from WebCacheV01.dat, providing detailed information and conversion capabilities.
Dark Reading is a trusted online community for cybersecurity professionals, offering news, analysis, and insights on the latest cyber threats, technologies, and best practices.
Dark Reading is a trusted online community for cybersecurity professionals, offering news, analysis, and insights on the latest cyber threats, technologies, and best practices.
