Feb 06 2024

20 free cybersecurity tools you should know about

Category: Information Security,Security Toolsdisc7 @ 10:36 am

https://www.techtarget.com/whatis/feature/17-free-cybersecurity-tools-you-should-know-about

Cybersecurity products can get pricy but there are many excellent open source tools to help secure your systems and data. Here’s a list of some of the most popular with cyber pros.

Cybersecurity tools aren’t just for the enterprise anymore; they’re essential for every type and size of organization.

Some tools specialize in antivirus, while others focus on spear phishing, network security or scripting. Even the best cybersecurity products can only do a few things very well, and there is no room for error.

Effective products, coupled with in-depth cybersecurity planning, are a must for all. Whether businesses have an in-house security team or outsource these services, every entity needs cybersecurity pros to discover and fix any points of weakness in computer systems. This reality can tax the bottom line, but luckily there are many free cybersecurity tools available.

Here is a rundown of some of the top free tools cybersecurity professionals use every day to identify vulnerabilities.

1. Aircrack-ng

Aircrack-ng is a must-have suite of wireless security tools that focus on different aspects of Wi-Fi security. Aircrack-ng focuses on monitoring, attack testing and cracking your Wi-Fi network. This package of tools can capture, analyze and export packet data, spoof access points or routers and crack complex Wi-Fi passwords. The Aircrack-ng suite of programs includes Airdecap-ng, which decrypts WEP or WPA-encrypted capture files; Airodump-ng, a packet sniffer; Airtun-ng, a virtual tunnel interface creator; and Packetforge-ng, which creates encrypted packets for injection. All of it is free and open source.

2. Burp Suite

Burp is a suite of tools specifically focused on debugging and testing web app security. Burp Suite includes a spider for crawling web app content, a randomness tool for testing session tokens and a sophisticated request repeater to resend manipulated requests. The real power of Burp Suite, however, is the intercepting proxy tool, which enables Burp to intercept, inspect, modify and send traffic from the browser to a target. This powerful feature makes it possible to creatively analyze a web app’s attack vectors from all angles — a key reason it’s often ranked as one of the best free cybersecurity tools. The community version of Burp Suite is free, but there is also a paid Enterprise Edition designed for enabling testing in DevSecOps.

3. Defendify

Defendify is an all-in-one product that provides multiple layers of protection and offers consulting services if needed. With Defendify, organizations can streamline cybersecurity assessments, testing, policies, training, detection and response in one consolidated cybersecurity tool.

Features include cybersecurity risk assessments, technology and data use policies, incident response plans, penetration testing, threat alerts, phishing simulations and cybersecurity awareness training.

4. Gophish

Many of the costliest data breaches and ransomware attacks in recent years can be traced back to simple phishing campaigns because many company workers fall for them. One of the best protections is to secretly test your staff to see who is gullible, and for that you can use the free program Gophish. Gophish is open source and provides a full-featured toolkit for security administrators to build their own phishing campaigns with relative ease. The overall goal is not to embarrass staff, but find out who needs greater phishing awareness and foster better security training within their organization.

5. Have I Been Pwned

Created by award-winning cybersecurity thought leader and teacher Troy Hunt, Have I Been Pwned is a website where you enter your email address to check if your address has been revealed in a data breach. Have I Been Pwned’s database is filled with billions of usernames, passwords, email addresses and other information that hackers have stolen and published online. Just enter your address in the search box.

6. Kali Linux

Kali Linux is a Debian Linux derivative specifically designed toward testing for security tasks, such as penetration testing, security auditing and digital forensics. Kali includes roughly 600 pre-installed programs, each included to help computer security experts carry out a specific attack, probe or exploit against a target. Aircrack-ng, Nmap, Wireshark and Metasploit are a few of the pre-installed tools that ship with the Kali Linux download.

7. Metasploit Framework

Similar to Kali Linux but at the application layer rather than OS, the Metasploit Framework can test computer system vulnerabilities or can be used to break into remote systems. It is, in other words, a network penetration “Swiss Army knife” used by both ethical hackers and criminal gangs to probe networks and applications for flaws and weaknesses. There is both a free and a commercial version — known as the Framework and Pro editions, respectively — which are available for trial. Both editions are de facto standard for penetration testing with more than 1,500 exploits. Metasploit comes pre-installed on Kali Linux.

8. Nmap

Nmap is a free network mapper used to discover network nodes and scan systems for vulnerability. This popular free cybersecurity tool provides methods to find open ports, detect host devices, see which network services are active, fingerprint operating systems and locate potential backdoors.

While Nmap provides users immense power and capability to explore networks, the program has a rather steep learning curve to get over before one becomes truly proficient in using it.

9. Nikto

Nikto is an ultra-powerful, command-line tool useful for uncovering vulnerabilities in web apps, services and web servers. Originally launched in the early 2000s, Nikto is still widely used by both blue and red teams that want to quickly scan web servers for unpatched software, misconfigurations and other security issues. The program also features built-in support for SSL proxies and intrusion detection system evasion. Nikto can run on any computer capable of supporting the Perl programming language.

10. Open Vulnerability Assessment Scanner

OpenVAS is an all-in-one vulnerability scanner that comprehensively tests for security holes, misconfigured systems and outdated software. The scanner gets the tests for detecting vulnerabilities from a feed with daily updates. Much of the program’s power stems from its built-in programming interface, which enables developers to create custom scans that fit niche needs.

Its capabilities include unauthenticated and authenticated testing, high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

11. OSSEC

OSSEC is a free program for cybersecurity professionals that’s been touted as one of the most popular systems for intrusion detection and prevention. Made up of multiple components — including a server, agent and router monitor — OSSEC is capable of rootkit detection, system integrity checking, threat alerts and response. One of OSSEC’s highlights is its comprehensive log analysis tool, empowering users to compare and contrast log events from many different sources.

OSSEC comes in three versions: standard; OSSEC+, which includes machine learning and real-time community update; and Atomic OSSEC, with more advanced functions.

12. Password managers

Using only strong passwords — and keeping them secure — is an essential step in the security of any system. But since a best practice is to use a unique password for every website, app and service, that can get tricky. A good password manager makes it possible to safely store all passwords together so a user only needs to remember one master key rather than dozens of unique passwords. This is especially true for cybersecurity professionals tasked with guarding passwords to mission-critical systems. Fortunately, there are free password management tools. Three good, free options for cybersecurity pros are KeePassBitwarden and Psono.

13. PfSense

The firewall/router software pfSense can be installed on either a physical computer or virtual machine to protect networks. PfSense is based on the FreeBSD OS, and has become one of the most popular open source firewall/router projects available. PfSense can also be configured for intrusion detection and prevention, traffic shaping, load balancing and content filtering. The pfSense site includes a tour, a community page, a link to both training and support and a download of the latest version of the community edition of the software.

14. P0f

Endpoint fingerprinting is analysis of web traffic to find patterns, responses and packets sent and received in a particular direction — even if they are encrypted. This works even with “dumb” devices that don’t interact with the network but can still enable unauthorized access to an organization’s systems.

P0f is a simple yet powerful network-level fingerprinting and forensics program. While other free cybersecurity programs do a similar job, p0f is unique in that it’s designed for stealth. Where most other programs rely on active scanning and packet injection, p0f can identify fingerprints and other vital information without network interference. Being passive rather than active means p0f is nearly impossible to detect and even harder to block, making it a favorite tool for ethical hackers and cybercriminals alike.

15. REMnux

Normally the dissection and examination of malware is left to the antimalware vendors. But if you would like to do the job yourself, there is REMnux, a free Linux toolkit for reverse-engineering and analyzing malware.

Included in every REMnux distribution are tools to analyze Windows executables, reverse-engineer binaries and inspect suspicious documents. It also includes a collection of free tools cybersecurity professionals can use to monitor networks, gather data and conduct memory forensics. 

16. Security Onion

Security Onion is an open source software collection based on the Linux kernel that helps cybersecurity professionals develop a comprehensive profile of their system’s security posture. Security Onion provides network monitoring using full packet capture, host-based and network-based intrusion detection systems, log indexing, search and data visualization features.

The operating system emphasizes ease of use and makes it possible to interweave data and analytics from multiple tools into a unified dashboard. The overarching goal of the project is to offer teams a foolproof security monitoring solution that reduces decision paralysis and false alerts.

17. Snort

Snort is an open source network intrusion prevention and intrusion detection system capable of real-time traffic analysis and logging. It uses a series of rules to identify malicious network activity, find the packets and generate alerts. This packet sniffer — managed by Cisco — actively searches and analyzes networks to detect probes, attacks and intrusions. Snort accomplishes this by fusing a sniffer, packet logger and intrusion detection engine into a single package.

Its developer recently released version 3, which includes a new rule parser and rule syntax, support for multiple packet-processing threads, use of a shared configuration and attribute table, access to more than 200 plugins, rewritten TCP handling and new performance monitoring.

18. Sqlmap

Sqlmap is an open source penetration testing tool that automates detecting and exploiting SQL injection flaws of database servers, enabling a remote hacker to take control. It comes with a detection engine and many niche features for the ultimate penetration tester. It supports a variety of databases — including Oracle and open source — and a number of injection types.

19. Wireshark

Wireshark is considered by many to be an indispensable tool to locate, identify and examine network packets to diagnose critical issues and spot security weaknesses. The website for Wireshark outlines its broad set of features and provides a user’s guide and other resources for putting this free cybersecurity tool to best use.

20. Zed Attack Proxy (ZAP)

ZAP is an open source penetration testing tool designed specifically for testing web applications. It is known as a “man-in-the-middle proxy,” where it intercepts and inspects messages sent between browsers and web applications.

ZAP provides functionality for developers, testers new to security testing and security testing specialists. There are also versions for each major operating system and Docker. Additional functionality is available via add-ons in the ZAP Marketplace.

Every cybersecurity expert carries a different set of tools, depending on their mission and skill set. However, the free cybersecurity tools here serve as an entry point for those looking to increase their cybersecurity skills and knowledge. Cyberthreats are getting more lethal every year — and more efficient.

The Ultimate Kali Linux Book: Perform advanced penetration testing using Nmap, Metasploit, Aircrack-ng, and Empire

InfoSec tools | InfoSec services | InfoSec books | Follow our blog | DISC llc is listed on The vCISO Directory

Tags: free cybersecurity tools


Jan 26 2023

ENISA gives out toolbox for creating security awareness programs

Category: Security Awareness,Security ToolsDISC @ 9:33 am

The European Union Agency for Cybersecurity (ENISA) has made available Awareness Raising in a Box (AR-in-a-BOX), a “do it yourself” toolbox to help organizations in their quest to create and implement a custom security awareness raising program

security awareness toolbox

The package includes:

  • A guideline on how to build an internal cyber-awareness raising program tailored to employees’ needs
  • A guideline on creating an awareness campaign targeted at external stakeholders
  • A how-to guide on how to select the appropriate tools and channels to best reach the target audience and tips for effective communication in social media
  • Instructions on selecting the right metrics and developing key performance indicators (KPIs) to evaluate the effectiveness of a program or campaign
  • A guide for the development of a communication strategy
  • An awareness raising game, in different versions and styles, for a generic audience and for an audience in the energy sector. It also comes with a guide on how it should be played
  • An awareness raising quiz to test comprehension and retention of key information (e.g., how to create good passwords)

Why security awareness matters

People have become cyber-attackers’ primary attack vector, which means that programs for raising cyber awareness are crucial for an organization’s cybersecurity strategy. The goal of these programs is to promote good cybersecurity practices of employees, managers and executives and improve their cybersecurity behavior.

A lot of advice can be found online on how to upgrade your security awareness efforts and engage your employees with better cybersecurity training, but sometimes organizations don’t know where to start.

AR-in-a-BOX can help them wrap their head around the task and push them towards realization.

“AR-in-a-Box is offered by ENISA to public bodies, operators of essential services, large private companies as well as small and medium ones (SMEs). [It] is dynamic and will be regularly updated and enriched,” the agency noted.

ENISA has previously published helpful materials for cybersecurity awareness campaigns aimed at electricity operators and the healthcare sector.

Checkout our previous posts on Security Awareness

DISC InfoSec

#InfoSecTools and #InfoSectraining

#InfoSecLatestTitles

#InfoSecServices

Follow DISC #InfoSec blog

Ask DISC an InfoSec & compliance related question

Tags: free cybersecurity tools, Security Awareness


Feb 19 2022

CISA compiled a list of free cybersecurity tools and services

Category: Security ToolsDISC @ 9:45 pm

The U.S. CISA has created a list of free cybersecurity tools and services that can help organizations increase their resilience.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced this week that it has compiled a list of free cybersecurity tools and services that can help organizations to reduce cybersecurity risk and increase resilience.

The list is part of an ongoing project, it will be continuously updated by CISA that also plans to allow third parties to propose their resources to include in the list.

The list includes open source tools and free resources provided by government organizations and private cybersecurity firms.

The tools cover a broad range of activities normally conducted by defenders, from incident response to threat detection.

“As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. CISA will implement a process for organizations to submit additional free tools and services for inclusion on this list in the future.” reads the announcement published by CISA. “The list is not comprehensive and is subject to change pending future additions.”

The US agency proposed the following categorization according to the four goals outlined in CISA Insights: Implement Cybersecurity Measures Now to Protect Against Critical Threats:

  1. Reducing the likelihood of a damaging cyber incident;
  2. Detecting malicious activity quickly;
  3. Responding effectively to confirmed incidents; and
  4. Maximizing resilience.

The list already includes cybersecurity tools and services from major IT and cybersecurity firms, including ones provided by CISA, AT&T Cybersecurity, Cloudflare, Cisco, Center for Internet Security, CrowdStrike, Google, IBM, Microsoft, Mandiant, Splunk, SANS, Secureworks, Tenable, and Palo Alto Networks. The list also includes tens of tools are open source.

CISA pointed out that it does not endorse any commercial product or service.

DISC InfoSec Tools and training

DISC InfoSec Books

DISC InfoSec Services

Tags: CISA, free cybersecurity tools


Feb 24 2021

6 free cybersecurity tools CISOs need to know about

Category: CISO,vCISODISC @ 3:11 pm
Contact DISC

6 free cybersecurity tools for 2021

1: Infection Monkey

Infection Monkey is an open source Breach and Attack Simulation tool that lets you test the resilience of private and public cloud environments to post-breach attacks and lateral movement, using a range of RCE exploiters.

Infection Monkey was created by Israeli cybersecurity firm Guardicore to test its own segmentation offering. Developer Mike Salvatore told told The Stack: “Infection Monkey was inspired by Netflix’s Chaos Monkey.

“Chaos Monkey randomly disables production instances to incentivize engineers to design services with reliability and resilience in mind. We felt that the same principles that guided Netflix to create a tool to improve fault tolerance could be applied to network security. Infection Monkey can be run continuously so that security-related shortcomings in a network’s architecture can be quickly identified and remediated.”

The company recently added a Zero Trust assessment, as well as reports based on the MITRE ATT&CK framework.

Source: 6 free cybersecurity tools CISOs need to know about

Tags: free cybersecurity tools, Infection Monkey