Tools
Free Security Tools by Category
Network/Perimeter Security
Quad9 offers free public DNS protection by routing queries through a secure network of servers around the globe using threat intelligence from more than a dozen of the industry’s leading cyber security companies. If Quad9 detects that a site you want to reach is known to be infected, you’ll automatically be blocked from resolving the site and connecting. You can configure this on individual hosts or simply point your public DNS forwarders to 9.9.9.9 to add another layer of network protection.
The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages like Snort and Suricata IDS for additional functionality. Run it as a full-blown firewall with IPS or in parallel with a mirrored interface as a stand-alone IDS. Adding your purchased Emerging Threats professional (ETPro) ruleset subscriptions and scaling it's resources for your network environment is a snap. Commercial support is optionally available.
Security Onion is a free and open source Linux distribution for threat hunting, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Zeek (formerly known as Bro), Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. Optional training and pre-paid support hours are also available.
Endpoint Security
The Center for Internet Security, Inc. (CIS) Security Benchmarks program is recognized as a trusted, independent authority that facilitates the collaboration of public and private industry experts to achieve consensus on practical and actionable solutions. Because of this reputation, their resources are recommended as industry-accepted system hardening standards and are used by organizations in meeting compliance requirements for FISMA, PCI, HIPAA and other security requirements. Benchmark documents are available for a wide-variety of device platforms. Click Here for a full list of available CIS benchmarks.
Application Security
A summary of the most critical web application security flaws based on a broad consensus. | |
A “first principles” book that focuses on secure software engineering (regardless of coding language or framework). | |
A “best practices” web application penetration testing framework which users can implement in their own organizations. | |
A collection of high value information on specific web application security topics in an easy to read format. |
Video Resources:
- OWASP Application Security Basics Video Tutorial
- OWASP Application Security SQL Injection Tutorial
- OWASP Application Security Cross Site Scripting (XSS) Tutorial
- OWASP Application Security Strict Transport Security Tutorial
Data Security
CanaryTokens provides an innovative approach to "honeypot" detection. It is truly as simple as choosing from a variety of token types and start monitoring. The use cases are limitless. Commercial paid solutions are also available.
File Shredder is an easy to use secure erase program that is truly free to use under GNU general public licensing. It includes right-click secure delete and free disk space wiping capabilities.
Identity and Access
Under construction...
Threat Intelligence
- Cisco Talos (threat lookup)
- IBM X-Force Exchange (threat lookup)
- Virus Total (threat lookup)
- Webroot Brightcloud (threat lookup)
- RiskIQ (threat lookup)
Anomoli STAXX is a free software platform designed to help you leverage the Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Intelligence Information (TAXII) cyber threat sharing protocols. As part of this open, community-driven effort you can search various intelligence feeds to identify threat actors in your environment.