Free Cybersecurity Tools

A collection of Yara signatures for identifying malware and other threats

Honeypot for analyzing data with customizable services and logging capabilities.

Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.

XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.

A practical guide on NTLM relaying for Active Directory attacks.

Autopsy is a GUI-based digital forensics platform for analyzing hard drives and smart phones, with a plug-in architecture for custom modules.

Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.

A comprehensive cheat sheet for using JtR (John the Ripper), a password cracking tool.

TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.

Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.

Interactive incremental disassembler with data/control flow analysis capabilities.

A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.

A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.

A Java bytecode assembler and disassembler toolkit that converts classfiles to human-readable format and provides decompilation capabilities for reverse engineering Java applications.

A tool to locally check for signs of a rootkit with various checks and tests.

Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.

A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.

A Bash completion script that provides auto-completion functionality for Android SDK command-line tools including adb, emulator, fastboot, and repo.

A nonprofit security organization that collects and shares threat data to make the Internet more secure.

A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.

A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL

An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.

Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.

A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.