Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2629 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.
A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.
A textmode sniffer for tracking tcp streams and capturing data in various modes.
A textmode sniffer for tracking tcp streams and capturing data in various modes.
OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.
OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.
A utility package that monitors hard drive health through SMART technology to detect and prevent disk failures before data loss occurs.
A utility package that monitors hard drive health through SMART technology to detect and prevent disk failures before data loss occurs.
A command-line password manager that encrypts credentials using GnuPG and stores them in YAML files with git synchronization support.
A command-line password manager that encrypts credentials using GnuPG and stores them in YAML files with git synchronization support.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
UglifyJS 3 is a JavaScript toolkit that provides parsing, minification, compression, and beautification capabilities for JavaScript code optimization and processing.
Encrypt Kubernetes Secrets into SealedSecrets for safe storage and controlled decryption within the cluster.
Encrypt Kubernetes Secrets into SealedSecrets for safe storage and controlled decryption within the cluster.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
nyx is a threat intelligence artifact distribution system that facilitates the sharing of threat intelligence indicators from various sources to defensive security systems with configurable criticality levels.
nyx is a threat intelligence artifact distribution system that facilitates the sharing of threat intelligence indicators from various sources to defensive security systems with configurable criticality levels.
FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.
FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.
PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.
PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.
Themis is an open-source cryptographic services library that provides high-level encryption and data protection capabilities for securing data during authentication, storage, messaging, and network exchange.
Themis is an open-source cryptographic services library that provides high-level encryption and data protection capabilities for securing data during authentication, storage, messaging, and network exchange.
VX-Underground is a vast online repository of malware samples, featuring various collections for cybersecurity professionals and researchers to analyze and combat cyber threats.
VX-Underground is a vast online repository of malware samples, featuring various collections for cybersecurity professionals and researchers to analyze and combat cyber threats.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
A repository documenting AppLocker bypass techniques with verified methods, legacy DLL execution approaches, and a PowerShell module for identifying AppLocker weaknesses.
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
Knowledge base workflow management dashboard for YARA rules and C2 artifacts.
Knowledge base workflow management dashboard for YARA rules and C2 artifacts.
Automatically redirect users from www to non-www for a secure connection.
Automatically redirect users from www to non-www for a secure connection.
StegSolve is a steganography analysis tool with image analysis features.
StegSolve is a steganography analysis tool with image analysis features.
Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.
Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.