Free Cybersecurity Tools

Shuffle Automation is an accessible automation platform that provides workflow automation capabilities for security operations with both self-hosted and cloud deployment options.

Open source Python library for NTFS analysis

A collection of CTF write-ups demonstrating the use of pwntools for solving binary exploitation challenges across various cybersecurity competitions.

Hale is a modular botnet command and control monitoring tool that tracks C&C server communications across multiple protocols with web-based analysis interface and collaborative research capabilities.

A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.

A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.

CrowdSec is a collaborative behavior detection engine that analyzes system logs to identify and block malicious activities using community-shared threat intelligence.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

Official repository of YARA rules for threat detection and hunting

Repository containing MITRE ATT&CK and CAPEC threat intelligence datasets formatted in STIX 2.0 standard for cybersecurity analysis and threat intelligence sharing.

Online hacking game with realistic hacking experience and player interaction.

A tool for reverse engineering Android apk files.

A discontinued disk imaging utility originally developed by Intel that used block map files for efficient disk image copying operations.

Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.

Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.

A centralized repository containing CTF source files and write-ups from 2015 competitions, providing accessible documentation and solutions for cybersecurity challenges.

A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.

ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.

An open-source penetration testing framework for social engineering with custom attack vectors.

Cheat sheet with common enumeration and attack methods for Windows Active Directory.

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

A behavior-based malware detection system for Android platforms that uses crowdsourcing to detect anomalies and malware in applications.

A collection of tips and tricks for container and container orchestration hacking and security testing.

Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.