Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
FingerprintX is a standalone utility for service discovery on open ports.
FingerprintX is a standalone utility for service discovery on open ports.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
A cross-platform post-exploitation HTTP/2 Command & Control framework designed specifically for testing and exploiting containerized environments including Docker and Kubernetes.
A collection of command reference cheatsheets for penetration testing tools and security utilities, designed to help security professionals quickly recall important but infrequently used commands.
A collection of command reference cheatsheets for penetration testing tools and security utilities, designed to help security professionals quickly recall important but infrequently used commands.
A Linux-based environment for penetration testing and vulnerability exploitation
A Linux-based environment for penetration testing and vulnerability exploitation
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
A tool for extracting IOCs from various input sources and converting them into JSON format.
A tool for extracting IOCs from various input sources and converting them into JSON format.
Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.
Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.
A reference guide listing 44 advanced Google search operators for enhanced search filtering and precision in information gathering activities.
A reference guide listing 44 advanced Google search operators for enhanced search filtering and precision in information gathering activities.
Kubernetes security platform with industry standard open source utilities for securing Kubernetes clusters and apps.
Kubernetes security platform with industry standard open source utilities for securing Kubernetes clusters and apps.
A parsing tool for Yara Scan Service's JSON output file to help maximize benefits and automate parsing of Yara Scan Service results.
A parsing tool for Yara Scan Service's JSON output file to help maximize benefits and automate parsing of Yara Scan Service results.
Code injection library for OS X with cross-architecture support.
Scan files with Yara, match findings to VirusTotal comments.
Scan files with Yara, match findings to VirusTotal comments.
Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.
Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.
A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.
A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.
Set up IPsec VPN server in just a few minutes with IPsec/L2TP, Cisco IPsec, and IKEv2.
Set up IPsec VPN server in just a few minutes with IPsec/L2TP, Cisco IPsec, and IKEv2.
Highlighter is a FireEye Market app that integrates with FireEye products to provide enhanced cybersecurity capabilities.
Highlighter is a FireEye Market app that integrates with FireEye products to provide enhanced cybersecurity capabilities.
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.
A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.
Stay updated on Gh0st Networks lab activities, CTF challenges, and join the slack team for support.
Stay updated on Gh0st Networks lab activities, CTF challenges, and join the slack team for support.
A disassembly framework with support for multiple hardware architectures and clean API.
A disassembly framework with support for multiple hardware architectures and clean API.
This article discusses protected accounts and groups in Active Directory, providing examples and screenshots to illustrate key concepts.
This article discusses protected accounts and groups in Active Directory, providing examples and screenshots to illustrate key concepts.
A framework for improving detection strategies and alert efficacy.
A framework for improving detection strategies and alert efficacy.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
AWS Cloud Security offers security services and compliance tools for securing data and applications on AWS.
