Free Cybersecurity Tools

A Security Orchestration, Automation and Response (SOAR) platform for incident response and threat hunting.

Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.

Solve password-riddles on a website without logins or ads.

A simple web-based interface for subdomain enumeration using the subfinder tool.

An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.

A simple maturity model for enterprise detection and response

Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.

SharpShares efficiently enumerates and maps network shares and resolves names within a domain.

An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.

Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.

A comprehensive guide to reverse engineering by Dennis Yurichev, available for free download in multiple languages and formats, with praise from cybersecurity experts.

FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.

Automatic YARA rule generation for malware repositories.

A tool for dynamic analysis of mobile applications in a controlled environment.

PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.

A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.

Automatic YARA rule generator based on Koodous reports with limited false positives.

SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.

A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.

FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.

Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.

A multi-threaded intrusion detection system using Yara for network and stream IDS

A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.

A tool for recovering files by scanning block devices and extracting them based on 'magic bytes' in file contents.