Free Cybersecurity Tools

A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.

A standardized framework for describing and classifying cybersecurity incidents

A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.

A comprehensive guide for implementing best practices in cybersecurity across various systems.

A leading technology media brand providing news, analysis, and opinion on IT leadership and digital transformation.

Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.

A collection of vulnerable ARM binaries designed for educational exploit development and vulnerability research practice across different architectures and exploitation techniques.

A proof-of-concept for an adaptive parallelised DNS prober

Syrup is a Go-based SSH honeypot that simulates SSH services with fake shells, session recording, and comprehensive logging to monitor and analyze unauthorized access attempts.

CSET is a free Windows-based tool that helps organizations identify cybersecurity vulnerabilities in enterprise and industrial control systems using hybrid risk and standards-based assessment approaches.

Pwntools is a Python CTF framework and exploit development library that provides tools for rapid prototyping and development of exploits and CTF challenge solutions.

Chameleon aids in evading proxy categorization to bypass internet filters.

Developing APIs to access memory on industrial control system devices.

High-interaction SSH honeypot for logging SSH proxy with ongoing development.

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.

CFRipper is a security analyzer for AWS CloudFormation templates that identifies vulnerabilities and misconfigurations before cloud deployment.

A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

International cybersecurity festival for all, who wants to dive into the world of cyber security and have a great time.

A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.

Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.