As the threat of cyber security breaches increases, more and more people are turning to cyber security tools to help safeguard their privacy on the internet.
This list is designed for the average internet user who wants to start protecting themselves against cyber threats. These tools will help you protect your identity, get a handle on your passwords, and make sure that your data stays safe.
We’ve also included some fun tools for when you just want to take a break from being super serious about staying safe online. So go ahead and check out this list of 69 free cyber security tools!
These Free Cyber security Tools will help with:
- Internet Security Tools
- Email Security Tools
- Threat Detection Security Tools
- Password Management Tools
- Encrypted Communication Tools
- SIEM Solutions Tools
- Vulnerability Scanning Tools
- Penetration Testing Tools
- Host-Based Detection System Tools
- Network Protocol Analysis Tools
- Networking & OS Hardening Tools
Internet Security Tools
AdBlocker
Do you know how many ads are on the internet? A lot. From Facebook to YouTube to news sites, there is a never-ending supply of ads aimed at you and your personal information. As a result, internet security has become more important than ever before.
Online hackers have found ways to steal valuable data with just one click or one connection. To increase your own protection and improve your internet security, install an ad blocker right now!
Official Website: https://chrome.google.com
Tor Browser
Tor Browser is an internet browser that offers more privacy and security than other browsers. Unlike other browsers, Tor Browser is not subject to data retention laws, meaning it doesn’t log your browsing history or download history.
Tor also provides a high level of security against network surveillance: by bouncing your communications around a distributed network of relays run by volunteers all around the world, Tor prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. So it’s really a great cyber security tool necessary for safe internet usage.
Official Website: https://www.torproject.org
Redirect Detective
Internet security is a huge issue these days. It’s been a big topic for the past few years, and it’s not going away anytime soon. With hackers on the rise, identity fraud becoming more common, and phishing attacks on the rise, there are many ways for you to be vulnerable online.
So it’s important to improve your internet security by using Redirect Detective. This helps analyze short links to determine if they actually lead to malicious websites. It is one of the most important cyber security tools you need to use the internet safely.
Official Website: http://redirectdetective.com/
ScriptSafe
ScriptSafe is a free to use browser extension for Chrome and Firefox that blocks malicious scripts on webpages. When you visit any webpage, ScriptSafe will load a page of its own containing analysis of the page. If no malicious scripts are detected, it will then block anything that may pose a risk before you even load the page. ScriptSafe also blocks ads and trackers, letting you browse the internet with an increased level of security.
Official Website: https://chrome.google.com/webstore/
Scrim
Scrim is a new service that lets you share email addresses in a way that only humans can interact with. Instead of pasting your address on something where bots can collect it, you can scrim it. The recipient will have to follow the link and verify they’re human before seeing the email address.
Official Website: http://scr.im/
Sucuri SiteCheck
Website security is a major concern. If your website has been hacked, you can lose money, time, and trust in your company. The Sucuri SiteCheck Tool is designed to provide real-time protection against malware, spam, and malicious code insertion. Thousands of websites use this tool because it’s the most effective way to find website security issues.
Official Website: https://sitecheck.sucuri.net/
Have I Been Pwned?
Have I Been Pwned is a website that crawls the internet looking for lists and databases of compromised accounts. Enter your email address to find out if any of your accounts have been published anywhere!
Official Website: https://haveibeenpwned.com/
Email Security Tools
MailWasher
MailWasher is the first email security product to stop spam and virus emails before they get delivered to your inbox. MailWasher is a powerful anti-spam, anti-virus, anti-phishing and trojan protection cyber security tool that can help protect you from some of the worst email threats on the Internet.
MailWasher can stop up to 99% of all spam and virus emails before they ever reach your inbox. It does this by scanning incoming emails for viruses and other malware, as well as checking for phishing attempts and other email scams, preventing them from entering your inbox.
Official Website: https://www.mailwasher.net/
Spamihilator
Spamihilator is a powerful, effective, and easy-to-use email security tool that can help you protect your inbox from spam and phishing attacks.
Spamihilator automatically filters spam messages before they hit your inbox. You can use Spamihilator to create rules to block email addresses, keywords, or both. It also provides notifications to let you know when your filter has been triggered.
Official Website: https://www.spamihilator.com/en/
SpamBully
SpamBully is the first of its kind, and is one of the free cyber security tools for you to use. Most email-based marketing relies on sending out large numbers of emails to try and reach new customers. Such an approach can be dangerous because it leaves your business open to potential fraud. SpamBully solves this problem by filtering out all spam before it reaches your inbox. If you would like to take back control of your inbox and stop spam from clogging up your inbox, then give SpamBully a try today!
Official Website: http://www.spambully.com/
SPAMfighter
SPAMfighter, the email security tool, can be used to protect your emails from spam and viruses. With SPAMfighter’s built-in virus protection, your computer is protected against malware and Trojans. SPAMfighter also helps to keep you safe when browsing the internet with its integrated web protection feature.
SPAMfighter can help you stay connected without fear of being hacked or abused. You will get the most out of your email account and enjoy a safer internet experience with SPAMfighter’s email security tool.
Official Website: https://www.spamfighter.com
Threat Detection Security Tools
InfraGard
InfraGard is a public-private partnership between the FBI and the private sector. This organization helps to safeguard U.S. security by sharing information with businesses and academic institutions in order to identify potential terrorist threats.
InfraGard provides its members with the latest information concerning cyber and other emerging threats as well as physical security measures to protect their critical infrastructure. In addition, it has a robust network of subject matter experts in various fields including law enforcement, public safety, and emergency management who offer advice on current security trends and best practices.
Official Website: https://www.infragard.org/
Abuse.ch
The abuse.ch web pages are dedicated to the fight against cybercrime and to the promotion of safe use of the internet. This website is intended as a help in fighting cybercrime, offering information on how to protect yourself and your data when using the internet. It offers a multitude of services, including prevention tips, alert buttons, online reporting systems and email-based complaint addresses for law enforcement, as well as hotlines for victims of abuse.
In addition to these helpful tools, abuse.ch also provides guidelines for employers and other organizations who want to offer their own preventative measures or report incidents of crime committed by their employees or members.
Official Website: https://abuse.ch/
BlockList.de
BlockList.de is a free website that specializes in blocking spam email and text messages that are sent to users on an ongoing basis without their permission or knowledge. This process is called “blocklisting.” Also, the tool keeps the recipient’s inbox clear of spam, while also protecting their personal information from being revealed through the spammer’s marketing schemes. When using the site, you can choose which types of emails or texts you want to block, and BlockList will do the rest for you!
Official Website: http://www.blocklist.de/en/index.html
Gophish
Gophish is a cross-platform phishing toolkit that can be used to test the strength of your organization’s security and train users in best phishing practices. Gophish also provides a secure, online platform for managing all of your phishing campaigns and delivering attack simulation training to your users.
Gophish offers a number of features, including an easy-to-use graphical interface, unlimited license plate tracking, and support for any type of hardware terminal or browser. You can also create custom templates and integrate Gophish into your company’s existing infrastructure.
Official Website: https://getgophish.com/
Password Management & Recovery Tools
Cain and Abel
Cain and Abel is a powerful, freeware password recovery utility for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, uncovering cached passwords and analyzing routing protocols.
It can recover various kind of passwords by sniffing the network (even if they are not sent in plain text), cracking encrypted passwords using Dictionary, Brute-force and Cryptanalysis attacks, recording VoIP conversations (even if Skype is not running), decoding scrambled passwords, uncovering cached passwords and analyzing routing protocols.
Official Website: https://sectools.org/tool/cain/
RoboForm
The internet is a dangerous place. It’s full of crime, scams and frauds that could cost you money, your identity, or even your freedom. And it’s only getting worse. Thankfully, there are tools out there that can help you protect your online life and keep yourself safe. One such tool is RoboForm.
RoboForm is an online password manager that can securely store all of your passwords in one place, so you don’t have to remember them all yourself! While anyone who knows what they’re doing should be able to secure their accounts without RoboForm, it’s still a great tool for those who need help remembering all their passwords!
Official Website: https://www.roboform.com/
KeePass
KeePass is a free, open-source password management software that helps you to organize your passwords and keys. It’s available for Windows, Mac OS X, Linux, and Android. The name KeePass derives from the first letters of its three major functions: keep (the information), safe (from online threats), and pass (the information on).
All you need is one password, backed up by an encryption key that only you know. Simply store your whole list of passwords in one place so that you can always log in on any device – no matter where you are or what device you’re using. KeePass is an easy way to keep your passwords safe while also going digital!
Official Website: https://keepass.info/
NordPass
NordPass is a new password manager that makes it easier to keep track of all your passwords. Do you find yourself constantly forgetting your passwords? NordPass can help you to be more organized. With NordPass, you don’t need to remember your passwords because they are stored in an encrypted database on your computer. All you have to do is memorize one master password and NordPass will take care of the rest for you. You can even create different profiles with different passwords for different accounts.
Official Website: https://nordpass.com/homepage/
Ophcrack
Ophcrack is an open source Windows password cracker based on rainbow tables. It is designed to perform fast dictionary attacks against a Microsoft Windows user account database file (.PWD, .RDP) using Rainbow Tables.
The tables are available from different sources on the internet, including cracking sites and other websites that offer such resources for free. Once set up, Ophcrack can be used to find passwords for many Microsoft accounts in a few seconds.
Official Website: http://ophcrack.sourceforge.net/
Dashlane
Dashlane is a password manager tool that also works as a virtual wallet and travel organizer. Dashlane has all the tools you need to get organized, so you can focus on the things you love. Dashlane is an easy-to-use tool for your computer, web browser, and mobile device.
It stores all of your passwords, credit card details, and other personal information securely in one place. To log into an account from another device, all you have to do is enter your master password once – then simply answer one of two security questions when prompted.
Official Website: https://www.dashlane.com/
LastPass
LastPass is a password management tool that saves all of your passwords in one central location. It also can generate strong passwords, automatically log you into websites and fill any login forms with just one click. LastPass has a web browser extension, a mobile app and other features that are easy to use and take the hassle out of remembering and creating passwords.
Official Website: https://www.lastpass.com/
DUO
DUO is a great tool for protecting yourself. It’s an app that you download to your phone and use to authenticate into any service that requires a password. It takes two steps to set up DUO. First, you enter your credentials on the app and then you send it to DUO themselves so they can verify that it’s you. Next, they send it back to your phone with the verification code already entered so all you have to do is tap “accept”.
With DUO, we only enter our credentials once and then our access is guaranteed. This way, no one can get past our defenses without having access to our phone or knowing our password.
Official Website: https://duo.com/
Encrypted Communication Tools
Signal Private Messenger
Signal Private Messenger is a free and open-source messaging app that uses end-to-end encryption to secure your communication. Signal is a beautifully designed phone and tablet app that follows Google’s Material Design guidelines. It’s also available on desktop and offers support for push notifications, light or dark theme, pinning chats to the top of the list, setting an avatar for individual conversations, and more.
Whether you want to share something with someone in private or need to send large files like PDFs or videos, Signal has you covered with its speedy uploads and downloads from anywhere in the world.
Official Website: https://signal.org/
Openswan
Openswan is a free, open source IPsec-based VPN solution. It provides no security without IPsec and is not meant to replace higher-level tools like IKEv2 or OpenVPN. Openswan is designed to be fast, easy to set up, and give you maximum control over your network segmentation.
IPsec (Internet Protocol Security) is the latest evolution of the Secure Sockets Layer (SSL), the protocol for securing data sent over a computer network. IPsec provides a framework for authentication, encryption, and data integrity services.
Official Website: https://www.openswan.org/
StrongSwan
StrongSwan is a featureful and modern IKEv2 IPsec VPN solution for Linux, Android, Mac, iOS, and Windows users. It runs on numerous other operating systems as well. The advantage of this tool is that it is integrated in the Linux kernel, which means that it benefits from stability and low latency. In addition to stability, it also offers good performance and a broad range of features, such as:
- Strong authentication using X509 certificates
- Encryption using AES, Blowfish, or Camellia ciphers, with key lengths of 128 bits, 256 bits
- Perfect forward secrecy for encryption keys
- Dynamic address assignment from a DHCP server
- Support of common routing protocols such as RIPv1, RIPv2 and OSPFv2
- Support for generic routes passing and redistributing into OSPF via Redistribute connected
Official Website: https://www.strongswan.org
SoftEther
SoftEther is a cross-platform, multi-protocol VPN program that allows both remote access and site-to-site connections. It was designed to be a fast and reliable software with configurable levels of security. SoftEther VPN is also compatible with multiple platforms such as Windows, Mac OS X and Linux.
It supports most VPN protocols including TCP/IP, OpenVPN, IPsec, L2TPv3 and EtherIP. It can be used for Internet access filtering by blocking certain websites or for online privacy protection by encrypting the connection from your computer to the internet service provider.
Official Website: https://www.softether.org/
Security Information & Event Management (SIEM) Tools
SIEMonster
SIEMonster is a free and open-source tool for designing, deploying, and managing SIEMs. The software can be used to monitor any kind of security events from network traffic and OS logs. It has an intuitive user interface that allows you to configure your own SIEM with a few clicks. The goal of the project is to make it easier for organizations to deploy their own SIEM by providing a free and open source solution.
Official Website: https://siemonster.com/
Event Log Consolidator
Event Log Consolidator is a free tool that helps you to manage your Windows event logs. The tool helps you to consolidate, parse, filter and export event logs. Nowadays, many IT professionals are required to monitor large numbers of servers and workstations. Event Log Consolidator Tool helps them to collect, store and analyze their logs in one place for better management.
The program is easy-to-use and it supports any language version of Microsoft Windows from XP up to the latest operating systems. This application has a modular design, which means that you can install only the modules that you need or want. You can also add new modules easily.
Official Website: https://www.solarwinds.com
Splunk
Splunk is the leading provider of software for machine data. With Splunk, companies collect, index and analyze machine data to solve problems faster and drive increased innovation.
Splunk is a tool that helps you monitor your network, operate more efficiently and safeguard your business. Whether you need to track an IT issue, find unauthorized access to sensitive files or uncover an insider threat, Splunk can help you make sense of the vast amounts of machine data generated by today’s technology environment. With Splunk you can collect all this machine data in one place and take immediate action when needed.
Official Website: https://www.splunk.com/
LogRythm NetMon
LogRythm NetMon is the next generation of cybersecurity and threat intelligence tool. Designed by experts in the field of cyber security and network monitoring, LogRythm NetMon offers a myriad of features that you need to protect your data and your systems.
LogRhythm NetMon includes a range of features that you can use to monitor networks, detect threats, and keep your business running securely. Instantly view real-time traffic so you can identify potential issues before they become an issue. With LogRhythm NetMon, you get continuous network monitoring at the speed of light.
Official Website: https://logrhythm.com
CorreLog
CorreLog is the SIEM solution that can be deployed on-premises or in the cloud. CorreLog provides a holistic view of your IT infrastructure and security, enabling you to see threats as they happen and to mitigate them before they become a problem. The platform is available for free trial, so you can experience it firsthand before deciding which deployment option is right for you.
Official Website: https://correlog.com
Alienvault OSSIM
Alienvault OSSIM is a SIEM and network security tool that helps you to monitor your network, detect violations and threats, and take action.
This tool can be used for intrusion detection, vulnerability assessment, log management and compliance purposes. It features intelligent and real-time alerts; reliable data collection; unlimited scalability; 24/7 operational support; auditing capabilities for PCI DSS 3.0, ISO 27001, SOX Section 404, HIPAA Security Rules and more. Alienvault offers you the best in class protection for your organization’s IT infrastructure by focusing on both prevention and detection of attacks.
Official Website: https://www.alienvault.com
Vulnerability Scanning Tools
OWASP Zed Attack Proxy Project (ZAP)
The OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. While it is primarily a security tool, it can also be used for general-purpose traffic analysis and network monitoring. Originally developed in 2008 by long-time industry developer David Kennedy, ZAP provides a simple interface with powerful features to help accomplish real-world tasks.
One of the really cool things about ZAP is that it’s free and open source under the Apache license so you can visit and enjoy it today!
Official Website: https://www.zaproxy.org/
Burp Suite
Burp Suite is a free tool that can be used to test and find vulnerabilities in applications. It provides software tools for a variety of tasks, such as intercepting network traffic, breaking encrypted cookies, scanning web servers for vulnerabilities and crawling websites for data. Burp Suite includes the following modules:
- Interceptor: A tool for capturing and replaying browser requests
- Intruder: A tool for testing all forms/post bodies and HTML tags on a web page
- Repeater: A tool to automate common manual tasks, such as parameter sweeping or fuzzing
- Comparer: A tool to compare two sets of files or database records
- Burp Scanner: An interactive web application security scanner that checks the site against 6,000+ manually curated rules against SQL injection, cross-site scripting and other vulnerabilities
Official Website: https://portswigger.net/burp
ThreadFix
Software vulnerabilities are bugs and errors in software code that can be exploited to undermine the security of a computer system. And when these vulnerabilities are left unpatched, they can lead to malicious attacks that result in identity theft and data loss.
ThreadFix is a software vulnerability management system that helps companies find, assess, and fix vulnerabilities before they become a problem. ThreadFix features include automated vulnerability assessment, prioritized vulnerability management, self-service fixes for low-risk bugs, and more!
Official Website: https://github.com/denimgroup/threadfix
Tails
Tails is a Linux-based operating system that you can use from a DVD, USB stick, SD card or another computer. Tails provides all the tools necessary to be as safe as possible when working on a computer.
It’s designed to bypass online surveillance and to help you stay anonymous online. Using Tails means leaving no trace of your activity on the computer you are using unless you ask it explicitly, so the risk of being monitored by your internet service provider is minimized. Using Tails means that no software installed in it will be able to spy on what goes on inside the memory of your computer, so there’s less chance for malicious software like keyloggers and trojans to capture sensitive information like passwords and banking details.
And finally, using Tails also means that all the data stored inside this operating system will be encrypted with strong cryptography so nobody can access it without using an encryption key!
Official Website: https://tails.boum.org/
TheHarvester
TheHarvester is a new tool created to help security professionals find email addresses, subdomains and phone numbers in various public sources of information. It is designed to be used for good, with the purpose of finding valid data sources, email lists and discovering potential vulnerabilities.
Official Website: https://github.com/laramies/theharvester
Malwarebytes
Malwarebytes is a software suite, which detects and removes malware by utilizing the advanced anti-malware protection system. The Malwarebytes’ Anti-Malware will work on a variety of machines, like Windows, iOS, Android, Mac OS X, and Linux machines. It can also detect and remove other threats like ransomware or Trojan horses.
Official Website: https://www.malwarebytes.com/
Qubes
Qubes is a Linux-based operating system that aims to provide security through isolation. It works by creating virtual machines for different tasks and then limiting those tasks’ access to the hardware of the computer and the network. Qubes uses Xen, a type 2 hypervisor, which allows it to run many instances of an operating system simultaneously on one physical machine.
These virtual machines function as secure containers for any task you want to separate from the rest of your workflow. The result is that you can use a single computer while doing work with no fear of sensitive data being compromised in the event of an attack or accident.
Official Website: https://www.qubes-os.org/
Nessus
Nessus is a free and open source vulnerability scanner that can be used by everyone in the information security industry. With scanning speeds of up to 10,000 IPs per hour, it’s one of the fastest tools on the market. It can be downloaded and installed on any machine running Windows, Linux, or Mac OSX to quickly scan an entire network or host for vulnerabilities.
Official Website: https://www.tenable.com/nessus
Penetration Testing Tools
Metasploit
The Metasploit Framework is the world’s most advanced open-source penetration testing software. Designed for both home users and pentesters, this framework is a significant development in the field of computer security. Encompassing more than just exploits, it is a fully-functional information security environment that can be integrated into other hacking tools such as vulnerability scanners and IDS/IPS.
The Metasploit Framework also provides several unique features to make the job of exploiting targets easier, including a web interface with built-in exploitation capabilities and an integrated packet capture module to verify successful exploits.
Official Website: https://www.metasploit.com/
Kali Linux
The Kali Linux operating system, or Kali for short, is a Debian-based Linux distribution aimed at advanced penetration testing and security analysis. The project was founded by Mati Aharoni and Devon Kearns of Offensive Security in 2006. It has since grown to become the most popular pentesting distribution with over 300 tools. The development of this project has been fueled by its popularity among hackers, IT professionals, and security researchers around the world. More than 1 million people downloaded this tool in one year.
As part of its design philosophy, Kali includes only necessary tools so as not to have “bloat” that could make it difficult for people who are new to penetration testing to find their way around the environment.
Official Website: https://www.kali.org/
Wireshark
With all the hackers out there, it’s important to be safe on the internet. For this reason, many people are now using a Wireshark tool. Wireshark is an open-source program used for analyzing data packets.
It’s mainly used for network troubleshooting and analysis of protocols such as Ethernet, WiFi, Bluetooth, and more. Whether you’re looking to find security flaws in your network or your company’s competitors’ networks, what browser someone uses, or how they conduct their online transactions – Wireshark has the answers.
Official Website: https://www.wireshark.org/
Samurai Web Testing Framework
Samurai is a free and open source web application testing framework. It’s built on the Robot Framework, which is an open source acceptance testing framework that’s designed to be powerful and easy to use.
Samurai has been developed by the R&D team at QASymphony, who have extensive experience in software development and testing. Samurai was created to simplify your work with automated browser tests, making it easier for you to use both commercial and open-source tools for web app testing.
Official Website: http://www.samurai-wtf.org/
Nmap
Nmap is a powerful security scanner. It’s used by network administrators and those who want to keep their networks secure. Nmap is free and open source software, available for Linux, Windows, and Mac OS X operating systems. Nmap was created in 1997, making it one of the oldest active port scanning tools still in use. Nmap can be used to explore networks for hosts that are alive on your LAN or to find guards on your wireless network.
Official Website: https://nmap.org/
HPing
HPing is a tool used to ping test. It’s different from other tools because of its ability to send more than just ICMP requests. Instead, it can also be used for testing firewalls and advanced TCP stack checking as well!
Official Website: http://www.hping.org/
Nikto
Nikto is an open-source pen tester tool designed for scanning web servers for potential vulnerabilities and other problems. It can be used from any platform with the required Perl modules installed, but the best way to use it is through CURL, which those of you on a Unix-like system will have available by default. It runs on Linux, Windows, and Mac OS X and can scan remote hosts for potential security vulnerabilities.
Official Website: https://cirt.net/Nikto2
John the Ripper
John the Ripper is a free and open source password cracking software that can be used to crack local hashes. It supports various hashing algorithms and has them available in a dictionary. It is commonly used as a part of pen-test, network security assessments, and forensics investigations. John the Ripper can be installed on all major operating systems with the exception of MacOSX.
Official Website: https://github.com/openwall/john
Host-Based Detection System Tools
OSSEC
It is an acronym for Open Source Security Event Correlator and is a powerful tool that allows you to analyze log files, check file integrity, monitor rules, detect rootkits, and use detection methods to actively respond to signatures and anomalies. One can get a picture of the systemic surgery to identify the abnormality.
Official Website: https://www.ossec.net/
Tripwire
Tripwire is an open-source host-based intrusion detection system (HIDS) and provides in-depth analysis of the integrity of a file system and is widely used as a protection against malicious intrusions.
Tripwire protects systems from unauthorized changes to software, configuration files and directories. It can also be used to detect signs of intrusion and malware by collecting detailed information about the state of the monitored system and its files at regular intervals.
Official Website: https://www.tripwire.com/
Fierce Domain Scanner
Fierce Domain Scanner is a pre-reconnaissance tool that was created by David Pepper because he thought other network recon tools were only working on contiguous IP ranges. Fierce Domain Scanner works using DNS to find related IP ranges within the domain, which it then logs and spoofs so you can conduct reconnaissance missions with ease.
Official Website: https://fierce.pl
Samhain
Samhain is a great tool for central log management and detection. It’s simple to install, providing security by monitoring file integrity, hidden processes and TCP/IP communications. Samhain offers logging capabilities for SQL databases as well as all consoles, emails and syslogs.
Though it has stealth options which make intrusion difficult or impossible – when those are combined with its other fantastic features like easy installation and the provision of centralized log management- Samhain is definitely worth checking out!
Official Website: https://www.la-samhna.de/samhain/index.html
Security Onion
Security Onion is an open-source Linux distribution for intrusion detection, network security monitoring, and log management. The goal is to collect as much information about network activity as possible and then use the Security Onion platform to detect patterns indicative of malicious activity.
Security Onion gives you the power of a live CD collection of tools, with a slick graphical user interface, without any desktop environment or other unnecessary tools taking up space on your hard drive.
The Security Onion team has developed customized images for USB sticks and SD cards which are suitable for running in low-memory environments like those found in ARM computers or virtual machines.
Official Website: https://securityonionsolutions.com/
Network Protocol Analysis Tools
NGREP
Network protocol analyzers are a powerful and indispensable tool for any network engineer. They enable the user to capture, analyze, and decode data packets that are transmitted over wired or wireless networks. These tools can be used to troubleshoot network problems, assess performance, and monitor traffic.
NGREP is a protocol analyzer tool used in TCP/IP networks. It is a powerful tool that captures packets and displays those packets in an easy-to-understand format with the help of various filters. It also offers real-time data monitoring capability and has a very robust scripting interface for automation.
Official Website: https://github.com/jpr5/ngrep/
httpry
httpry is a packet sniffer and network protocol analyzer, which helps you understand the different types of data that are transmitted over HTTP or HTTPS connections. httpry is great for learning about how web services work, for troubleshooting broken connections, or for identifying the source of an attack. You can also use it to view traffic from any device that transmits data over the HTTP and HTTPS protocols.
Official Website: https://github.com/jbittel/httpry
TCPFLOW
TCPFLOW is a free and open-source network protocol analyzer that could be used for identifying the root cause of many networking problems. The TCPFLOW program can be used to analyze data at, for example, the packet level. It’s often employed by network administrators, IT professionals and developers to troubleshoot problems within their networks.
The packet details in the TCPFLOW program are analyzed with a powerful search mechanism to help figure out what is going wrong. This powerful search engine includes filters for different criteria including IP addresses or port numbers.
Official Website: https://github.com/simsong/tcpflow
Moloch
Moloch is a protocol analyzer and packet capturing tool with a GPLv3 license. With this tool, you can capture network packets at layer 2-4 and dump them into a PCAP file or to STDOUT for further analysis.
If you’re worried about eavesdroppers on your Wi-Fi enabled coffee shop’s free and public Wi-Fi network, Moloch is more than capable of monitoring what goes across its airwaves. It also works for data centers with millions of pounds of bandwidth slurping servers and wires, as well as your old home DSL router.
Official Website: https://arkime.com/
Maltego
Maltego is a powerful open-source intelligence and forensics application that offers data mining from different types of sources. Maltego provides an easy way to map out the relationships between various entities in a system, such as people, malware files, web servers, or organizations. It supports all major operating systems including Windows, Mac OSX, and Linux.
This tool can be used by analysts to uncover connections between people and their social networks, understand how malware propagates through a network, or reveal the relationships between an organization and its suppliers.
Official Website: https://www.paterva.com
Networking & OS Hardening Tools
OpenVPN
OpenVPN is a robust, easy to use and cross-platform open source virtual private network application. It can be used to create both point-to-point and site-to-site connections to insecure networks using the OpenVPN protocol.
OpenVPN offers both a graphical user interface (GUI) and a command line interface (CLI). It is one of the most popular VPN software out there. The GUI has been designed to make you feel right at home with its Windows XP style layout. The command line interface, on the other hand, requires some time getting used to it but is much more powerful and allows for a scriptable installation which makes it perfect for large deployments.
Official Website: https://openvpn.net
ModSecurity
ModSecurity is a Web application firewall (WAF) which is designed to prevent Web-based attacks. Installed as a module for the Apache and Nginx web servers, ModSecurity monitors traffic to and from the server, blocking anything that appears to be an attack. It analyzes HTTP requests in real time, checking them against a ruleset of possible malicious actions.
Official Website: https://github.com/SpiderLabs/ModSecurity
SafePad
The SafePad is a simple and effective solution to the threats of online bullying, identity theft and cyber-bullying. The tool helps protect your device and personal information by locking it down with one single key. You can also use it to find lost devices and track them when they’re offline.
Official Website: https://github.com/stephenhaunts/SafePad
IP Tracker Online
IP Tracker is an online tool that helps you find out the location, ISP, and ASN of any IP address. You can also use it to identify the company behind a particular IP address!
IP Tracker has been used by several different government agencies and large educational institutions. It is also the perfect solution for law enforcement agencies, marketing firms, and webmasters who need to track down suspicious activity on their network. IP Tracker provides a wide range of tools for tracking down anything from child pornographers to hackers. You can even use it to trace your own IP address!
Official Website: https://www.iptrackeronline.com
PacketFence
The PacketFence project is an open-source software firewall that can be used to monitor, filter, and protect a network. It provides a web-based console for configuring the filtering policies of the host system. It also has a command line interface which can be used by scripting applications. PacketFence is useful even if you are not running it on a router because it can help protect the rest of your network from attacks originating outside the router.
Official Website: https://packetfence.org/
So…What Do you Think?
Now I want to hear from you.
What are your thoughts on this list?
Is there another free cybersecurity tool that we missed?
Please: Let us know by leaving a comment below.
