🔒SecurityRepoIndex

Search Tools

Search by tool name, category, use case, or keyword.

16 results for "free"

Metasploit Framework

RubyBSD-3-Clause

4.6

The de-facto exploitation framework — a massive library of payloads and exploit modules with a consistent console

38,554 starsExploitation / Post-Exploitation
Offensive SecurityExploitationOpen Source

SQLMap

PythonGPL-2.0

4.5

The standard, automatic SQL injection exploitation tool — detect, fingerprint and dump databases through a vulnerable parameter

37,862 starsInitial Access / Exploitation
Offensive SecurityExploitationOpen Source

Nuclei

GoMIT

4.7

Template-driven vulnerability scanner that fires thousands of community-maintained checks against live hosts in minutes

29,704 starsVulnerability Analysis / Initial Access recon
Offensive SecurityVulnerability ScannerOpen Source

Burp Suite Community

JavaProprietary (free tier)

4.5

The free edition of the industry-standard web pentest proxy — manual intercept, repeater and intruder (throttled) for hands-on testing

0 starsVulnerability Analysis
Offensive SecurityWeb ScanningFree

BloodHound

GoApache-2.0

4.8

Maps Active Directory attack paths so you can see — and prove — how a low-priv user becomes Domain Admin

3,183 starsPrivilege Escalation / Lateral Movement / Domain Dominance
Offensive SecurityActive DirectoryOpen Source

Amass

GoApache-2.0

4.4

OWASP\'s attack-surface mapping tool — passive, active and brute-force enumeration of an organization\'s external footprint

14,823 starsReconnaissance
ReconnaissanceOpen SourceFree

Subfinder

GoMIT

4.5

Fast passive subdomain enumeration across dozens of OSINT sources — the quick way to expand a target\'s scope

13,987 starsReconnaissance
ReconnaissanceOpen SourceFree

Trivy

GoApache-2.0

4.6

A single scanner for vulnerabilities, misconfigurations, secrets and SBOM across containers, filesystems, IaC and clouds

36,866 starsVulnerability Management / Supply Chain
Cloud SecurityContainer SecurityOpen Source

Wazuh

C++GPL-2.0

4.3

Open-source XDR and SIEM that does agent-based threat detection, integrity monitoring and compliance across endpoints, containers and cloud

16,075 starsDetection & Response
Defensive SecuritySIEMOpen Source

Security Onion

PythonMIT

3.9

Free IDS/NSM distro

3,500 starsMultiple
Defensive SecuritySIEMOpen Source

Velociraptor

GoAGPL-3.0

4.6

Endpoint visibility and DFIR at scale using VQL — query live hosts and hunt across a fleet in one language

4,070 starsDetection / Response / IR
Offensive SecurityDFIROpen Source

Snort

C++GPL-2.0

4.2

The original open-source network intrusion detection system — signature-based packet analysis with a rule language the industry learned on

3,379 starsDetection
Defensive SecurityIDS/IPSNetwork Analysis

OWASP ZAP

JavaApache-2.0

4.4

The open-source web app security scanner (DAST) — proxy, spider, active/passive scanning and a baseline you can CI

15,391 starsVulnerability Analysis
Offensive SecurityWeb ScanningOpen Source

Volatility

PythonGPL-2.0

4.3

The open-source memory forensics framework — analyze a RAM dump to reveal what was actually running

8,042 starsIR / DFIR
Offensive SecurityDFIRMalware Analysis

Redline

PythonMIT

3.6

Free IR endpoint triage

1,500 starsMultiple
Offensive SecurityOpen Source

Let's Encrypt

C/PythonMIT

3.9

Free TLS certificates for everyone

4,000 starsMultiple
GRC & ComplianceOpen Source