Cybersecurity tools can be quite expensive, and finding reliable free options is often a challenge. While free tools may not be as advanced as their paid counterparts, I believe they can still provide significant value. In this post, I've compiled a list of free tools I've discovered and tested so far, and I make an effort to keep it regularly updated.
OSINTs
Useful tools for IOC-based and community-backed detections.
- VirusTotal - URL, file, domain, IP, hash
- Cisco Talos - domain, IP, email, SHA-256
- AbuseIPDB - IP
- Censys - hosts, certificates
- IBM X-Force - URL, IP, domain, email, CVE, CIDR, hash, mutex, YARA
- Open Threat - URL, IP, domain, email, CVE, CIDR, hash, mutex, YARA
- DomainTools - check domain info
- ThreatMiner - IP, domain, hash, email, SSL cert, file, registry, mutex, expired domain
- ThreatCrowd
- Sherlock - Social media OSINT
What is a mutex?
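A mutex (mutual exclusion object) is an object that multithreaded programs use to keep threads from writing to the same shared memory at the same time. Malware often creates a named mutex so that only one copy of itself runs on a host, which is why mutex names show up as IOCs in the tools above. Reference: SANS.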
Sandbox
Useful tools to check suspicious websites or detonate malicious files.
- Browserling - Interact with websites
- Hybrid Analysis - Malware file sandboxing
Phishing Analysis
Useful tools to aid phishing analysis.
- Google Admin Toolbox - Email header analyzer
- PhishTank - A public threat feed that provides intelligence regarding phishing attacks and malicious artifacts
- DNS Twist - A phishing domain scanner
- PunyCoder - A tool to check for homographs
- Wannabrowser - A tool to check the destination URL of shortened URLs
- DNS Reverse Lookup - Useful for a reverse DNS lookup of the x-sender-ip
- PhishTool - Easier way to gather email artifacts
Data Manipulation
Useful tool to encode, decode, hash, encrypt, decrypt, and more.