Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
Knowledge base workflow management dashboard for YARA rules and C2 artifacts.
Knowledge base workflow management dashboard for YARA rules and C2 artifacts.
Automatically redirect users from www to non-www for a secure connection.
Automatically redirect users from www to non-www for a secure connection.
StegSolve is a steganography analysis tool with image analysis features.
StegSolve is a steganography analysis tool with image analysis features.
Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.
Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.
A library to access and parse Windows Shortcut File (LNK) format.
A library to access and parse Windows Shortcut File (LNK) format.
InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.
InvisibilityCloak is a proof-of-concept C# code obfuscation toolkit designed for red teaming and penetration testing to conceal post-exploitation tools from detection.
Provision, manage, and renew SSL/TLS certificates for your AWS resources with AWS Certificate Manager.
Provision, manage, and renew SSL/TLS certificates for your AWS resources with AWS Certificate Manager.
A tool to leak git repositories from misconfigured websites
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
Educational repository containing RPISEC's course materials for teaching modern binary exploitation, vulnerability research, and reverse engineering at Rensselaer Polytechnic Institute.
Educational repository containing RPISEC's course materials for teaching modern binary exploitation, vulnerability research, and reverse engineering at Rensselaer Polytechnic Institute.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.
Darkarmour is an open-source Windows antivirus evasion framework that enables security professionals to bypass antivirus detection through customizable obfuscation and anti-analysis techniques.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A crawler-based low-interaction client honeypot for exposing website threats.
A crawler-based low-interaction client honeypot for exposing website threats.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
Cybersecurity conference with talks on privacy, security monitoring, ransomware, and more.
Cybersecurity conference with talks on privacy, security monitoring, ransomware, and more.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A medium-interaction PostgreSQL honeypot with configurable settings
A medium-interaction PostgreSQL honeypot with configurable settings
Incident response and case management solution for efficient incident response and management.
Incident response and case management solution for efficient incident response and management.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
