Free Tool

Monitoring networks and intercept traffic packets.

Free
Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Free / Open Source

Network discovery and security auditing. Useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Uses raw IP packets to determine what hosts are available on the network, what services, what operating systems, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Free Community Version

Secure your whole web portfolio, integrate security with development, and free time for AppSec to do more - with automated dynamic scanning.

Free / Open Source

Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool. A “man-in-the-middle proxy.” It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application

Free / Opensource
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

Open Source / Some Paid Features

Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts.

Subscription Access
TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers, incorporation guides and challenges to cater for different learning styles.

Free

p0f performs passive OS detection based on SYN packets. Unlike nmap and queso, p0f does recognition without sending any data. Additionally, it is able to determine the distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics.

Kali Official Version linked.

v3 Available from other sources.

Free / Open Source

Web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software.

Subscription Access
A Massive Hacking Playground!

Join a dynamically growing hacking community and take your cybersecurity skills to the next level through the most captivating, gamified, hands-on training experience!

Opensource

Host Intrusion Detection

Free Website security scans.

SiteLock site can be used to scan your website for vulnerabilities.

Free Resource
A simple, intuitive web app for analysing and decoding data without having to deal with complex tools or programming languages.

Free Resource.
WARGAMES, Test your Skills!

Free / Open Source

Threat hunting, enterprise security monitoring, and log management. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

Free

Aircrack-ng is a complete suite of tools to assess WiFi network security. Find those vulnerabilities and lock them down!

Free / Open Source

open-source driven firewall, router, and VPN solution for network edge and cloud secure networking.

Free / Open Source

Gophish is a powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing.

Check your email address for events that could have exposed its data including passwords.

Free / Open Source

Unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and implement any type of vulnerability test.

Free

Secure Password Manager across all your devices.

Free

Secure Containers to Reverse Engineer Malware with an array of tools to assist.

Free

Username checker for OSINT Recon. Guide linked.

Checks 1000+ Commonly used sites for the username provided.

Free

RustScan is a modern take on the port scanner. Sleek & fast.

PAID SUBSCRIPTION

“Advanced Encryption in a Simple Interface” 128 and 256 Encryptions of your files. A solution for staff that need to encrypt but arent cyber experts.

PAID SERVICE

Enpoint Behaviour Detection and Monitoring. Capture, Analyze and Control User Desktop Activity For Any Use Case.

PAID

Provides monitoring of all mission-critical infrastructure components including applications, services, operating systems, network protocols, systems metrics, and network infrastructure. Hundreds of third-party addons provide for monitoring of virtually all in-house and external applications, services, and systems.