Here are a number of outstanding free security tools that will certainly make your daily safety work easier.
In this list you will find the 23 best free security tools: password crackers, vulnerability management systems, network scanners…
Regardless of your role in the field of computer security, they will be useful to you.
Maltego
This forensic application is able to gather information published on the Internet about certain entities(people, companies, organizations, websites, etc.), and analyze the relationships between them. Maltego presents its results through a wide variety of graphic elements, allowing you to see relationships quickly and with great precision. It has a paid license, and a free license with restrictions. Info Maltego
OWASP Zed Attack Proxy (ZAP)
Zed Attack Proxy is responsible for finding vulnerabilities present in a web application. It provides both automatic scanners and a set of utilities for manual searches. INFO ZAP
Samurai Web Testing Framework
Samurai Web Testing Framework is a virtual machine that contains several of the free security tools present in this list(Fierce Domain Scan, Maltego, Burp…), as well as functions such as a web environment for pen-testing. It can be downloaded as a VMWare image, with the toolset inside. As drawbacks we have that the developer mailing list has been inactive for several years; in addition to its latest version dating back to 2016, so it contains outdated tool versions. Info Samurai Web Testing Framework
Kali Linux
Kali Linux (formerly known as BackTrack) is a Linux pen-testing distribution. Used by security professionals to carry out their assessments, in it we can find everything from port scanners to password decryptors. It is available for download as ISO, or even as a VM image for VMWare or Hyper-V. Info Kali Linux
Cain & Abel
We are faced with a password recovery utility for Microsoft operating systems, up to Windows XP(the tool has not been updated since 2014). It allows you to easily recover a multitude of password types, using various methods: capturing network traffic, decrypting encrypted passwords through dictionary attacks, brute force and cryptanalysis, recording VoIP conversations, retrieving keys from wireless networks, revealing password boxes, discovering cached passwords and analyzing routing protocols. Info Cain & Abel
Fierce Domain Scan
Fierce highlights potential goals, inside and outside a corporate network, by observing DNS entries. It is basically a script written in Perl, developed to scan domains in a matter of minutes, using multiple tactics. Although its author, Robert Hansen, closed his blog, we can find Fierce in a Github repository. Because the underlying principles of DNS haven’t changed in the last decade, it can still be useful to us. Info Fierce Domain Scan
The Harvester
The Harvester, a favorite among pen testers, is an open source intelligence tool (OSINT). It is used to obtain subdomain names, email addresses, and domain-related usernames, using public sources such as Google and LinkedIn. Info The Harvester
Hping
Hping is a command-line tool that can be used to assemble and analyze custom TCP/IP packets. It can be used for testing firewalls, port scanning, testing networks using different protocols, OS fingerprinting, and as an advanced traceroute. It can run on Linux, FreeBSD, NetBSD, OpenBSD, Solaris, MacOs X, and Windows. It hasn’t been updated in years (although neither has TCP/IP). Info Hping
John the Ripper
This is a password utility available for Unix, Windows, DOS, BeOS, and OpenVMS systems(although you may need to build the free version yourself). It is mainly used to get weak Unix passwords. Info John the Ripper
Nessus
It is one of the most popular vulnerability assessment and configuration tools in the world. It started out as an open source project but later jumped into a proprietary license. Despite this, Nessus is still free for personal use on home networks, where it will scan up to 16 IP addresses. As indicated on your website, Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, patch management integration, and vulnerability analysis. Info Nessus
Nmap
Nmap is an open source tool for network scanning and security auditing. More than 20 years after its release, its developers still update it. It is designed to quickly scan large networks, although it also works against unique hosts. According to the NMap website, the scanner uses raw IP packets to determine which hosts are available on the network, the services that those hosts are offering, the operating systems they are running, types of packet/firewall filtering that are in use, and many other features. Info Nmap
Openvpn
OpenVPN is an open source SSL VPN tool. It works in a wide range of configurations, including remote access, point-to-point VPN, Wi-Fi security, and enterprise-scale remote access solutions. It offers load balancing, failover, and access controls. It is available for Windows, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Solaris machines. OpenVPN Info
Ophcrack
Ophcrack is a free tool to decrypt Windows passwords using rainbow tables. It is cross-platform, and has a graphical interface, in which it displays real-time graphs to analyze passwords. You can decrypt passwords using LM and NTLM hashes using the free rainbow tables available on the website. Info Ophcrack
Python Security
The OWASP Python Security Project set out to create a reinforced version of Python that would allow developers to build applications for use in high-risk environments, and ended up building the largest collection of security information in the Python programming language. Info OWASP Python Security Project
Wireshark
Wireshark is an analyzer that allows you to interactively capture and explore traffic on a network. During its more than 20 years of development, a long list of features have been incorporated, including real-time capture and offline analysis, and an in-depth inspection of hundreds of protocols. It is cross-platform, being able to run on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, etc. It is capable of, among other things, analyzing VoIP traffic; decrypt SSL/TLS, WEP, and WPA/WPA2 traffic, and read traffic carried by USB, Bluetooth, and even Frame Relay. Info Wireshark
ModSecurity
ModSecurity es un conjunto de herramientas para la supervisión, registro y control de acceso de aplicaciones web en tiempo real, desarrollado por el Equipo SpiderLabs de Trustwave. You can perform a full record of HTTP transactions, capturing full requests and responses; conduct ongoing security assessments; and harden web applications. It can be incorporated into an Apache 2.x installation, or deployed as a reverse proxy to protect any web server. Info ModSecurity
ThreadFix
ThreadFix is an application vulnerability management platform from Denim Group. Combines dynamic, static, and interactive application scanner reporting results. It has an open source community edition, but there is also a paid version of ThreadFix, with advanced features. Info ThreadFix
Burp Suite
Burp Suite is a web application security testing platform. Its various tools cover the entire testing process, from initial mapping and analysis of an application’s attack surface, to finding and exploiting security vulnerabilities. Portswigger offers a free edition, which lacks the browser’s web vulnerabilities and some of the advanced manual tools. Info Burp Suite
Metasploit
The Metasploit Project is a security project that provides vulnerability information and help in penetration testing and signature development for IDS (intrusion detection systems). This project resulted in metasploit Framework, an open source platform for writing security tools and exploits. In 2009, Rapid7, a provider of vulnerability management solutions, acquired Metasploit Project. Since the acquisition of the Metasploit Framework, Rapid7 has added two proprietary open-core versions, called Metasploit Express and Metasploit Pro. MetasploitInfo
Aircrack-ng
It is a complete set of tools to monitor packages, test hardware, decrypt passwords and launch attacks on Wi-Fi networks. What Wireshark does on Ethernet, Aircrack-ng does over Wi-Fi. Version 1.2, released in April 2018, brings major improvements in speed and security, and expands the list of hardware it supports. Info Aircrack-ng
Tails
The Amnesiac Incognito Live System (TAILS) is a live Linux distribution that can be run from a DVD or USB device. It does not track your activities from one session to the next, and uses Tor for all communications on the Internet. You may disclose your identity to someone who is monitoring your Tor connection if you sign in, for example, with your account on a social network; But as long as you don’t do anything like that, TAILS can be a great help to keep your online activity secret. TailS Info
Qubes OS
Qubes OS is called “a reasonably secure operating system”. It is a security-oriented open source operating system. Use Xen to compartmentalized functions on different virtual machines or qubes. This allows you to isolate different activities in different qubes. You can, for example, do everything related to online banking in one qube, and everything else in another. Or even, going further, you could create a disposable qube for each email attachment you opened, helping to prevent a malicious attachment from taking control of the entire machine. It is available as a free download, but a 64-bit Intel or AMD machine with at least 4 GB of RAM and 32 GB of disk space is required. Info Qubes OS
Signal
We finish this list of free security tools with Signal, a messaging and voice and video calling app that offers end-to-end encryption. It offers functions such as disappearing messages (the sender can choose how long the message will be destroyed after it has been read), encrypted group chats and sending images. Signal is recommended by the Electronic Frontier Foundation as part of its “Surveillance Self Defense” guide, an advanced guide to protecting online espionage. It is a free app and can be used on Android, iOS, macOS, Linux and Windows. Info Signal