Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2627 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Leveraging WebDAV features for covert communication and payload delivery.
Leveraging WebDAV features for covert communication and payload delivery.
DECAF++ is a fast whole-system dynamic taint analysis framework with improved performance and elasticity.
DECAF++ is a fast whole-system dynamic taint analysis framework with improved performance and elasticity.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.
StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.
A Live CD and Live USB for penetration testing and security assessment
A Live CD and Live USB for penetration testing and security assessment
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
YARA rules for ProcFilter to detect malware and threats
YARA rules for ProcFilter to detect malware and threats
Extract local data storage of an Android application in one click.
Extract local data storage of an Android application in one click.