Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
A command-line tool that discovers and catalogs all AWS resources across an account using botocore, outputting results in JSON format.
A command-line tool that discovers and catalogs all AWS resources across an account using botocore, outputting results in JSON format.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.
Curated datasets for developing and testing detections in SIEM installations.
Curated datasets for developing and testing detections in SIEM installations.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
Parse YARA rules into a dictionary representation.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
Dump iOS Frequent Locations from StateModel#.archive files.
Dump iOS Frequent Locations from StateModel#.archive files.
An Event Hub to gather, process, and monitor system events and link them to an inventory.
An Event Hub to gather, process, and monitor system events and link them to an inventory.
Markdown version of OWASP Testing Checklist v4 for various platforms.
Markdown version of OWASP Testing Checklist v4 for various platforms.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.
SentryPeer is a fraud detection tool that monitors and detects fraudulent activities on SIP servers, capturing IP addresses and phone numbers of suspicious activities and providing a notification system to service providers.
SentryPeer is a fraud detection tool that monitors and detects fraudulent activities on SIP servers, capturing IP addresses and phone numbers of suspicious activities and providing a notification system to service providers.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
A comprehensive guide for computer security incident handling, providing guidelines for establishing incident response capabilities and handling incidents efficiently and effectively.
A comprehensive guide for computer security incident handling, providing guidelines for establishing incident response capabilities and handling incidents efficiently and effectively.
A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.
A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
A library for accessing and parsing OLE 2 Compound File (OLECF) format files, including Microsoft Office documents and thumbs.db files.
A library for accessing and parsing OLE 2 Compound File (OLECF) format files, including Microsoft Office documents and thumbs.db files.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for offensive security assessments.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
Detects steganography-hidden data in PNG and BMP image files
Detects steganography-hidden data in PNG and BMP image files
