Free Cybersecurity Tools

A honeypot tool with RDP and VNC feed support.

Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.

Emulates browser functionality to detect exploits targeting browser vulnerabilities.

hpfeeds is a lightweight authenticated publish-subscribe protocol with Python 3 compatible broker and client.

A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.

A collection of detailed CTF challenge writeups organized by category, providing explanations of problems and their solutions for educational purposes.

The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.

drozer is an open source Android security testing framework that identifies vulnerabilities in mobile apps and devices through Android Runtime and IPC endpoint interaction.

An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.

A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.

Package verification tool for npm with various verification and testing capabilities.

An Outlook add-in that enables one-click reporting of suspicious emails to security teams with integrated statistics tracking and SMTP header collection.

API for querying domain security information, categorization, and related data.

A secure file and drive wiping tool that overwrites data with randomized ASCII characters to prevent data recovery.

A network responder supporting various protocols with minimal assumptions on client intentions.

A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.

Independent software vendor specializing in network security tools and network forensics.

A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.

Amazon GuardDuty is a threat detection service for AWS accounts.

An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.

DVXTE is a Docker-based training platform containing multiple vulnerable applications designed for cybersecurity education and skill development.

A Digital Bond research project to enumerate ICS applications and devices

A PHP-based command and control framework that maintains persistent web server access through polymorphic backdoors and HTTP header communication tunneling.

A comprehensive database of exploits and vulnerabilities for researchers and professionals