Free & Open Source Security Tools
Discover community-driven and free security solutions. Complement your enterprise stack with zero-cost tools.
Browse 2,685 free & open source security tools tools
FEATURED
OPEN SOURCE
A discontinued disk imaging utility originally developed by Intel that used block map files for efficient disk image copying operations.
A discontinued disk imaging utility originally developed by Intel that used block map files for efficient disk image copying operations.
Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.
Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
A centralized repository containing CTF source files and write-ups from 2015 competitions, providing accessible documentation and solutions for cybersecurity challenges.
A centralized repository containing CTF source files and write-ups from 2015 competitions, providing accessible documentation and solutions for cybersecurity challenges.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.
An open-source penetration testing framework for social engineering with custom attack vectors.
An open-source penetration testing framework for social engineering with custom attack vectors.
Cheat sheet with common enumeration and attack methods for Windows Active Directory.
Cheat sheet with common enumeration and attack methods for Windows Active Directory.
A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.
A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.
A behavior-based malware detection system for Android platforms that uses crowdsourcing to detect anomalies and malware in applications.
A behavior-based malware detection system for Android platforms that uses crowdsourcing to detect anomalies and malware in applications.
A collection of tips and tricks for container and container orchestration hacking and security testing.
A collection of tips and tricks for container and container orchestration hacking and security testing.
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
A comprehensive collection of resources for learning ARM assembly language and shellcode development.
A comprehensive collection of resources for learning ARM assembly language and shellcode development.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
Free cyber threat intelligence feeds for proactive threat detection
Free cyber threat intelligence feeds for proactive threat detection
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
A modular tool for collecting intelligence sources for files and outputting in CSV format.
A modular tool for collecting intelligence sources for files and outputting in CSV format.
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.
CIRTKit is a DFIR console built on the Viper Framework that integrates various forensic tools and provides modules for packet analysis, memory analysis, and automated incident response workflows.
