Free Cybersecurity Tools

A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.

Comprehensive business security suite with enhanced features to protect against malware, phishing, and advanced threats.

A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container, aiding in digital forensic triage.

A project focusing on understanding and combating threats to the Internet economy and net citizens.

Phish Report is inaccessible without JavaScript and cookies enabled.

A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.

Web interface for the Volatility Memory Forensics Framework

A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.

A Flask-based honeypot that simulates Outlook Web App (OWA) environments to attract and analyze malicious activities targeting OWA systems.

FSF is a modular, recursive file scanning solution that enables analysts to extend the utility of Yara signatures and define actionable intelligence within a file.

A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.

A pre-indexed Splunk security dataset and CTF platform that provides realistic security data for training, research, and educational purposes for cybersecurity professionals and students.

A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement

Pentest active directory LAB project for practicing attack techniques.

AWS IR is a Python command line utility for automated incident response and mitigation of instance and key compromises in Amazon Web Services environments.

High interaction honeypot solution for Linux systems with data control and integrity features.

ARM TrustZone provides a secure execution environment for applications on ARM processors.

A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.

A practical guide to enhancing digital investigations with cutting-edge memory forensics techniques, covering fundamental concepts, tools, and techniques for memory forensics.

SILENTTRINITY is a Python-based, asynchronous C2 framework that uses .NET scripting languages for post-exploitation activities without relying on PowerShell.

Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.

Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.

A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.

A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.