Free, open-source cybersecurity tools have become indispensable to protecting individuals, organizations, and critical infrastructure from cyber threats. These tools are created through collaborative and transparent efforts, making them affordable and accessible alternatives to proprietary software.
Here, you will find a curated list of free cybersecurity tools you should consider.
Authelia: Open-source authentication and authorization server
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests.
BLint: Open-source tool to check the security properties of your executables
BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries.
Cloud Active Defense: Open-source cloud protection
Cloud Active Defense is an open-source solution that integrates decoys into cloud infrastructure. It creates a dilemma for attackers: risk attacking and being detected immediately, or avoid the traps and reduce their effectiveness.
Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment.
Damn Vulnerable RESTaurant: Open-source API service designed for learning
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game.
Drozer: Open-source Android security assessment framework
Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier.
EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)
EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI.
Encrypted Notepad: Open-source text editor
Encrypted Notepad, an open-source text editor, ensures your files are saved and loaded encrypted with AES-256. With no ads, no network connection required, and no unnecessary features, it’s a tool that simply works.
Fail2Ban: Ban hosts that cause multiple authentication errors
Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log
, and blocks IP addresses that exhibit repeated failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses for a configurable amount of time.
Grafana: Open-source data visualization platform
Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored.
Graylog: Open-source log management
Graylog is an open-source solution with centralized log management capabilities. It enables teams to collect, store, and analyze data to get answers to security, application, and IT infrastructure questions.
LSA Whisperer: Open-source tools for interacting with authentication packages
LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided for livessp, negoexts, and the security package manager.
Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning
Mantis is an open-source command-line framework that automates asset discovery, reconnaissance, and scanning. You input a top-level domain, and it identifies associated assets, such as subdomains and certificates.
OWASP dep-scan: Open-source security and risk audit tool
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, making it suitable for integration with ASPM/VM platforms and use in CI environments.
Pktstat: Open-source ethernet interface traffic monitor
Pktstat is an open-source tool that is a straightforward alternative to ncurses-based Pktstat. On Linux, it utilizes AF_PACKET, while on other platforms, it employs generic PCAP live wire capture.
Prompt Fuzzer: Open-source tool for strengthening GenAI apps
Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats.
Protobom: Open-source software supply chain tool
Protobom is an open-source software supply chain tool that enables all organizations, including system administrators and software development communities, to read and generate Software Bill of Materials (SBOMs), file data, and translate this data across standard industry SBOM formats.
RansomLord: Open-source anti-ransomware exploit tool
RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption.
reNgine: Open-source automated reconnaissance framework for web applications
reNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process.
Tracecat: Open-source SOAR
Tracecat is an open-source automation platform for security teams. The developers believe security automation should be accessible to everyone, especially understaffed small- to mid-sized teams.
Must read: