Free Cybersecurity Tools
Find the right solution for your security needs without any cost.Explore 2627 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
PINNED
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Identifies 137 malicious npm packages and gathers system information to a remote server.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
A comprehensive guide for computer security incident handling, providing guidelines for establishing incident response capabilities and handling incidents efficiently and effectively.
A comprehensive guide for computer security incident handling, providing guidelines for establishing incident response capabilities and handling incidents efficiently and effectively.
Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.
Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
A library to access and parse OLE 2 Compound File (OLECF) format files.
A library to access and parse OLE 2 Compound File (OLECF) format files.
Sysreptor offers a customizable reporting solution for offensive security assessments.
Sysreptor offers a customizable reporting solution for offensive security assessments.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
Detect stegano-hidden data in PNG & BMP using zsteg tool.
A collection of disposable and temporary email address domains used for spamming or abusing services.
A collection of disposable and temporary email address domains used for spamming or abusing services.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.