Free Cybersecurity Tools

Define and validate YARA rule metadata with CCCS YARA Specification.

Globally-accessible knowledge base of adversary tactics and techniques for cybersecurity.

Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.

Zui is a desktop application for data exploration and analysis that provides drag-and-drop data ingestion, automatic format detection, and interactive querying capabilities for structured and semi-structured data.

AzureGoat is a deliberately vulnerable Azure cloud infrastructure that incorporates OWASP Top 10 vulnerabilities and Azure service misconfigurations for security training and penetration testing practice.

CobaltBus integrates Cobalt Strike with Azure Service Bus to create covert C2 communication channels for red team operations.

NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.

Automated signature creation using honeypots for network intrusion detection systems.

GAUNTLT - Security and Rugged Testing tool

A comprehensive reference guide providing practical examples and commands for using Hashcat to crack various types of password hashes.

A complete suite of tools for assessing WiFi network security with capabilities for monitoring, attacking, testing, and cracking.

A platform to learn SQL injection techniques and methods

A collection of AWS security benchmark resources including CIS Foundations Benchmark 1.1, best practices guides, and configuration documentation for securing Amazon Web Services environments.

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.

A comprehensive guide to navigating the world of secure messaging apps, providing insights and recommendations to help you make an informed decision.

A comprehensive resource for securing Active Directory, including attack methods and effective defenses.

A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).

A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.

ROPgadget is a cross-platform command-line tool that searches for ROP gadgets in binary files across multiple architectures to facilitate exploit development and ROP chain construction.

A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.

Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.

A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.

Open-source rules for detecting and preventing email attacks like BEC, malware, and credential phishing.