Open-source tools represent a dynamic force in the technological landscape, embodying innovation, collaboration, and accessibility. These tools, developed with transparency and community-driven principles, allow users to scrutinize, modify, and adapt solutions according to their unique needs.
In cybersecurity, open-source tools are invaluable assets, empowering organizations to fortify their defenses against evolving threats.
In this article, you will find a list of open-source cybersecurity tools that you should definitely check out.
Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration tests and red team engagements).
SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications.
Mosint is an automated email OSINT tool written in Go and designed to facilitate quick and efficient investigations of target emails. It integrates multiple services, providing security researchers with rapid access to a broad range of information.
Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models (LLMs).
AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident.
PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes.
k0smotron is an open-source solution for production-grade Kubernetes cluster management. It is enterprise-ready and comes with two support options.
Kubescape, the open-source Kubernetes security platform targeted at the DevSecOps practitioner or platform engineer, has reached version 3.0.
CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free.
Game of Active Directory (GOAD) is a free pentesting lab. It provides a vulnerable Active Directory environment for pen testers to practice common attack methods.
Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings.
Yeti serves as a unified platform to consolidate observables, indicators of compromise, TTPs, and threat-related knowledge. It automatically enriches observables, for example through domain resolution and IP geolocation, saving you the effort.
BinDiff is a binary file comparison tool to find differences and similarities in disassembled code quickly.
LLM Guard is a toolkit designed to fortify the security of Large Language Models (LLMs). It is designed for easy integration and deployment in production environments.
Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities.