Free and open source cybersecurity tools have become essential for protecting individuals, organizations, and critical infrastructure from cyber threats. These tools are created through collaborative and transparent efforts, providing affordable and accessible alternatives to proprietary software.
Here is a curated list of free cybersecurity tools to consider.
Authelia: An open source authentication and authorization server
Authelia is an open source authentication and authorization server that provides 2FA and SSO to applications through a web portal. It works with reverse proxies to allow, deny or redirect requests.
BLint: An open source tool to check security properties of executable files
BLint is a binary linter designed to leverage LIEF to assess the security properties and capabilities of executable files. Starting with version 2, BLint can also generate a Software Bill of Materials (SBOM) for compatible binaries.
Cloud Active Defense: Open Source Cloud Protection
Cloud Active Defense is an open source solution that integrates decoys into cloud infrastructure, creating a dilemma for attackers: launch an attack and risk immediate detection, or avoid the trap and reduce its effectiveness.
Cloud Console Cartographer: An open-source tool that helps security teams transcribe log activity
Cloud Console Cartographer is an open-source tool that maps noisy log activity into concise, highly consolidated events, helping security practitioners cut through the noise and understand console behavior in their environments.
Damn Vulnerable RESTaurant: An open source API service designed for learning
Damn Vulnerable RESTaurant is an open-source project that helps developers learn how to identify and fix security vulnerabilities in their code through interactive games.
Drozer: An open source Android security evaluation framework
Drozer is an open-source security testing framework for Android whose main goal is to make the life of mobile application security testers easier.
EJBCA: An open source Public Key Infrastructure (PKI), Certificate Authority (CA)
EJBCA is open source PKI and CA software that can do almost anything, and was once called the kitchen sink of PKI.
Encrypted Notepad: an open source text editor
An open-source text editor, Encrypted Notepad ensures that your files are saved and loaded with AES-256 encryption. It is an easy-to-use tool with no ads, no network connection required, and no unnecessary features.
Fail2Ban: Ban hosts that cause multiple authentication errors
Fail2Ban is an open source tool that monitors log files such as: /var/log/auth.log
Blocks IP addresses that have repeated failed login attempts by updating your system's firewall rules to deny new connections from those IP addresses for a configurable amount of time.
Grafana: An open source data visualization platform
Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces, regardless of where they're stored.
Graylog: Open source log management
Graylog is an open-source solution with centralized log management that enables teams to collect, store, and analyze data to get answers to questions about security, applications, and IT infrastructure.
LSA Whisperer: An open source tool for interacting with authentication packages
LSA Whisperer consists of open source tools designed to interact with authentication packages through a proprietary messaging protocol. Currently, cloudap, kerberos, msv1_0, negote, pku2u, schannel packages and the AzureAD plugin for cloudap are supported. Partial or unstable support is provided for livessp, negoexts, and security package manager.
Mantis: An open source framework for automating asset discovery, reconnaissance, and scanning
Mantis is an open source command line framework that automates asset discovery, reconnaissance and scanning. Enter a top-level domain and it will identify associated assets, including subdomains and certificates.
OWASP dep-scan: an open source security and risk audit tool
OWASP dep-scan is an open source security and risk assessment tool that leverages information about vulnerabilities, advisories and license restrictions in project dependencies. It supports local repositories and container images as input sources, making it suitable for integration with ASPM/VM platforms and use in CI environments.
Pktstat: an open source ethernet interface traffic monitor
Pktstat is an open source tool that is a direct replacement for the ncurses-based Pktstat, using AF_PACKET on Linux and generic PCAP live wire capture on other platforms.
Prompt Fuzzer: An open source tool to power GenAI apps
Prompt Fuzzer is an open source tool that evaluates the security of system prompts in GenAI applications against dynamic LLM-based threats.
Protobom: An open source software supply chain tool
Protobom is an open source software supply chain tool that enables any organization, including system administrators and the software development community, to read and generate software bills of materials (SBOMs), file the data, and convert this data between industry standard SBOM formats.
RansomLord: An open source anti-ransomware tool
RansomLord is an open-source tool that automates the creation of PE files used to exploit ransomware pre-encryption.
reNgine: An open source automated reconnaissance framework for web applications
reNgine is an open-source automated reconnaissance framework for web applications with a focus on a highly configurable and streamlined reconnaissance process.
Tracecat: Open Source SOAR
Tracecat is an open source automation platform for security teams. The developers believe that security automation should be available to everyone, especially small to mid-sized teams that are understaffed.
Must read: