Open Source
Explore 53 curated tools and resources
LATEST ADDITIONS
AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.
OpenFHE is an open-source library implementing post-quantum Fully Homomorphic Encryption schemes with simplified APIs and cross-platform support.
Zama's fhEVM Coprocessor is an open-source tool for developing applications using Fully Homomorphic Encryption, enabling privacy-preserving computations in various domains.
Microsoft SEAL is a homomorphic encryption library that allows computations on encrypted data without decryption, supporting integer and approximate real number arithmetic.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.
RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.
LLM Guard is a security toolkit that enhances the safety and security of interactions with Large Language Models (LLMs) by providing features like sanitization, harmful language detection, data leakage prevention, and resistance against prompt injection attacks.
A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages
A PHP library for secure data encryption with easy-to-use API.
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing, utilizing Message Query Language (MQL) for behavior description.
Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.
A collection of tools and resources for threat hunters.
Cybersecurity project for security monitoring of Node.js applications.
MIDAS (Mac Intrusion Detection Analysis System) - archived and no longer supported.
A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.
An open-source tool for finding security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code
GCTI's open-source detection signatures for malware and threat detection
Donate to your favorite open-source projects and charities using PayPal
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
ClamAV is an open-source antivirus engine that detects trojans, viruses, malware, and other malicious threats.
Non-profit organization supporting the advancement of open source software.
An open-source phishing toolkit for businesses and penetration testers.
Community-driven collection of open source tools being archived with limited support.
Open Source Threat Intelligence Collector with plugin-oriented framework.
A crawler-based low-interaction client honeypot for exposing website threats.
Website providing information on Snap7 open-source communication library.
Secure and manage passwords across devices with Bitwarden's open-source, encrypted password manager.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
An open-source intelligence collection, research, and artifact management tool inspired by SpiderFoot, Harpoon, and DataSploit.
Free and open-source cybersecurity training classes with multi-class learning paths for high-skill, high-pay job skills.
A collaborative and open-source incident response platform for sharing observables among analysts.
A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.
An open source, self-hosted implementation of the Tailscale control server.
Automate software supply chain security by blocking malicious open source components
Interactive incremental disassembler with data/control flow analysis capabilities.
An open-source Python software for creating honeypots and honeynets securely.
A community-driven GRC solution that is simple, affordable, and open-source.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
A recognition framework for identifying products, services, operating systems, and hardware by matching fingerprints against network probes.
OWASP offers essential resources and community support to enhance application security.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
libevt is a library to access and parse Windows Event Log (EVT) files.
Bearded Avenger is a cybersecurity tool with various integrations and deployment instructions available.
A Unix-based tool that scans for rootkits and other malware on a system, providing a detailed report of the scan results.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security