Free & Open Source Security Tools

OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.

Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.

Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.

EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.

A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.

A collaborative repository documenting TTPs and attack patterns associated with malicious OIDC/OAuth 2.0 applications.

An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.

A visual guide that maps attack vectors and exploitation techniques for identifying vulnerabilities in GitHub Actions configurations and CI/CD pipelines.

ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.

A comprehensive repository of red teaming resources including cheatsheets, detailed notes, automation scripts, and practice platforms covering multiple cybersecurity domains.

The Cloudflare Learning Center provides educational resources covering various cybersecurity and internet-related topics, including DDoS attacks, CDNs, DNS, web application security, serverless computing, encryption protocols, bots, cloud computing, Zero Trust security, SASE, networking, data privacy, video streaming, email security, and AI.

LLM Guard is a security toolkit that enhances the safety and security of interactions with Large Language Models (LLMs) by providing features like sanitization, harmful language detection, data leakage prevention, and resistance against prompt injection attacks.

Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.

A tool to easily automate and multithread your pentesting and bug bounty workflow without any coding

A Docker-based penetration testing toolkit that provides a portable environment with GUI support and pre-installed security tools for web application testing and CTF activities.

Fetches known URLs from various sources for a given domain

Kunai is a Linux-based system monitoring tool that provides real-time monitoring and threat hunting capabilities.

Grype is a vulnerability scanner for container images and filesystems that scans for known vulnerabilities and supports various image formats.

A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.

A binary analysis platform for analyzing binary programs

A powerful reverse engineering framework

A reverse engineering framework with a focus on usability and code cleanliness

A Python library for working with network protocols

BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.