Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
A collection of payloads and methodologies for web pentesting.
A golang utility to spider through a website searching for additional links.
A golang utility to spider through a website searching for additional links.
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
A tool for enumerating subdomains of a given domain
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
A next-generation crawling and spidering framework for extracting data from websites
A next-generation crawling and spidering framework for extracting data from websites
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses
A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses
A tool to generate a PNG image containing a XSS payload
A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.
A Python tool that tests multiple AWS S3 buckets for security misconfigurations including directory listing and upload permissions.
A Go-based web spider tool for automated crawling and data collection from web resources across multiple protocols and formats.
A Go-based web spider tool for automated crawling and data collection from web resources across multiple protocols and formats.
A multithreaded vulnerability scanner for web-based applications
A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.
A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
A python tool for discovering endpoints, parameters, and wordlists in a given target
A python tool for discovering endpoints, parameters, and wordlists in a given target
