Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

LINKS

Blog Contact

LEGAL

Terms of services Privacy policy

CyberSecTools

CyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

LINKS

Blog Contact

LEGAL

Terms of services Privacy policy

Free Cybersecurity Tools

Find the right solution for your security needs without any cost.
Explore 2624 curated tools and resources

All

Free

Commercial

Task

Home
Free Tools

PINNED

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial

Resources

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Commercial

Application Security

Check Point CloudGuard WAF

A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Commercial

Application Security

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Commercial

Cloud Security

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Commercial

Application Security

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial

Cloud Security

LATEST ADDITIONS

surf
A tool to escalate SSRF vulnerabilities on modern cloud environments
0
Free
Network Security
ssrf
cloud-security
+3
fuzz.txt
A GitHub repository for fuzzing and testing file formats
0
Free
Malware Analysis
malware
file-analysis
+1
HostileSubBruteforcer
A tool for bruteforcing subdomains of a given domain
0
Free
Honeypots
nmap
python
+3
DOMdig
DOM XSS scanner for Single Page Applications
0
Free
Malware Analysis
appsec
appsec-tool
+2
BurpJSLinkFinder
A Burp extension for scanning JavaScript files for endpoint links
0
Free
Application Security
appsec
javascript
+2
cariddi
A tool for security researchers and penetration testers to automate the process of finding sensitive information on a target domain.
0
Free
Offensive Security
api-metadata
asset-inventory
+2
Nosey Parker
A command-line program for finding secrets and sensitive information in textual data and Git history.
0
Free
Malware Analysis
appsec
binary-security
+3
XSSOauthPersistence
Maintaining account persistence via XSS and Oauth
0
Free
Offensive Security
xss
jwt_tool
A toolkit for testing, tweaking and cracking JSON Web Tokens
0
Free
Data Protection
jwt
security-research
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
0
Free
Malware Analysis
java
deserialization
+4
Secret Bridge
Monitors GitHub for leaked secrets
0
Free
Data Protection
github
security-monitoring
+3
Nuclei
Fast and customizable vulnerability scanner
0
Free
Vulnerability Management
vulnerability-scanner
yaml
+2
censys-subdomain-finder
A tool for performing subdomain enumeration using Censys API
0
Free
Network Security
subdomain-enumeration
censys
+2
XSSwagger
A simple Swagger-ui scanner that detects old versions vulnerable to various XSS attacks
0
Free
Application Security
xss
vulnerability-scanning
+3

Free Cybersecurity Tools

PINNED

InfoSecHired

Checkmarx SCA

Check Point CloudGuard WAF

Orca Security

DryRun

Wiz

LATEST ADDITIONS

surf

fuzz.txt

HostileSubBruteforcer

DOMdig

BurpJSLinkFinder

cariddi

Nosey Parker

XSSOauthPersistence

jwt_tool

ysoserial

Secret Bridge

Nuclei

censys-subdomain-finder

XSSwagger