Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
International cybersecurity festival for all, who wants to dive into the world of cyber security and have a great time.
International cybersecurity festival for all, who wants to dive into the world of cyber security and have a great time.
A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.
A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.
Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
A CLI tool for bulk deletion and inspection of AWS resources to clean up testing accounts and prevent unnecessary charges.
A CLI tool for bulk deletion and inspection of AWS resources to clean up testing accounts and prevent unnecessary charges.
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A multiarch honeypot platform supporting 20+ honeypots and offering visualization options and security tools.
A multiarch honeypot platform supporting 20+ honeypots and offering visualization options and security tools.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
An open-source network security monitoring tool.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
An open source platform for secure remote access management with granular access control
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
Forensic imaging program with full hash authentication and various acquisition options.
Forensic imaging program with full hash authentication and various acquisition options.
PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.
PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.
Sample detection rules and dashboards for Google Security Operations
Sample detection rules and dashboards for Google Security Operations
Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.
Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.
