Kernel of Truth

Free Cyber Security Tools

    1. Kali Linux

    What it is: A Debian-based Linux distribution built for digital forensics and penetration testing.

    Why it’s used: Packed with hundreds of security tools out-of-the-box, it’s the go-to OS for ethical hackers.

    Where to get it: https://www.kali.org

    How to install: Download the ISO and install it on bare metal, virtual machines (e.g., VirtualBox), or boot it live from USB.


    2. Wireshark

    What it is: A powerful packet analyser for network troubleshooting and analysis.

    Why it’s used: Lets you capture and inspect data from your network in real-time, helping detect suspicious activity.

    Where to get it: https://www.wireshark.org

    How to install: Download the installer for Windows/macOS or use apt install wireshark on Linux.


    3. Nmap

    What it is: A network scanning tool for discovering hosts and services.

    Why it’s used: Commonly used in reconnaissance to find open ports and identify services during a pentest.

    Where to get it: https://nmap.org

    How to install: Use a package manager (apt, brew) or download the executable.


    4. Burp Suite

    What it is: An integrated platform for testing web application security.

    Why it’s used: Intercepts traffic, scans for vulnerabilities, and helps exploit common web flaws.

    Where to get it: https://portswigger.net/burp

    How to install: Free Community Edition available. Download and run the JAR or native installer.


    5. Metasploit Framework

    What it is: A framework for developing and executing exploit code against targets.

    Why it’s used: Ideal for security testing and demonstrating known vulnerabilities.

    Where to get it: https://www.metasploit.com

    How to install: Use the official installer script or apt install metasploit-framework.


    6. Hack The Box

    What it is: A cybersecurity training platform offering realistic virtual machines.

    Why it’s used: Great for practicing offensive security in a legal environment.

    Where to get it: https://www.hackthebox.com

    How to install: No install needed—just register and use via web interface.


    7. Zed Attack Proxy (ZAP)

    What it is: An open-source web application security scanner maintained by OWASP.

    Why it’s used: Automates the discovery of web application vulnerabilities.

    Where to get it: https://www.zaproxy.org

    How to install: Download the installer for your OS or use Docker.


    8. SQLMap

    What it is: A tool that automates the process of detecting and exploiting SQL injection flaws.

    Why it’s used: Streamlines a complex task often found in web app penetration tests.

    Where to get it: https://sqlmap.org

    How to install: Clone from GitHub and run via Python.


    9. CyberChef

    What it is: A web app for data manipulation and encoding/decoding.

    Why it’s used: Great for reversing encodings, hashing, and parsing binary data.

    Where to get it: https://gchq.github.io/CyberChef

    How to install: Use online or host the single HTML file locally.


    10. OpenVAS

    What it is: A full-featured vulnerability scanner.

    Why it’s used: Detects known vulnerabilities in systems and applications.

    Where to get it: https://www.greenbone.net

    How to install: Available in Kali Linux; install via Docker or package managers.


    11. Snort

    What it is: An open-source intrusion detection/prevention system.

    Why it’s used: Monitors network traffic and alerts or blocks based on signatures.

    Where to get it: https://www.snort.org

    How to install: Download from the Snort site or use apt install snort.


    12. pfSense

    What it is: A firewall/router distribution based on FreeBSD.

    Why it’s used: Enterprise-grade firewall with advanced routing, VPN, and IDS support.

    Where to get it: https://www.pfsense.org

    How to install: Download the ISO and install it on a physical machine or VM.


    13. Aircrack-ng

    What it is: A suite for auditing wireless networks.

    Why it’s used: Captures packets and cracks WEP/WPA keys.

    Where to get it: https://www.aircrack-ng.org

    How to install: Use a package manager or compile from source.


    14. Ghidra

    What it is: A reverse engineering suite developed by the NSA.

    Why it’s used: Disassembles binaries for malware analysis and debugging.

    Where to get it: https://ghidra-sre.org

    How to install: Download the ZIP and run the launch script.


    15. REMnux

    What it is: A Linux distro for malware analysis.

    Why it’s used: Pre-loaded with tools for reverse engineering and static/dynamic analysis.

    Where to get it: https://remnux.org

    How to install: Install as a standalone system or in a VM.


    16. OSSEC

    What it is: Host-based intrusion detection and prevention.

    Why it’s used: Monitors logs and file integrity, and supports active responses.

    Where to get it: https://www.ossec.net

    How to install: Install via packages or from source.


    17. Nikto

    What it is: A web server vulnerability scanner.

    Why it’s used: Checks for outdated software, config issues, and dangerous files.

    Where to get it: https://cirt.net/Nikto2

    How to install: Download the Perl script and run it.


    18. Gophish

    What it is: A phishing campaign framework.

    Why it’s used: Simulates phishing attacks for security awareness training.

    Where to get it: https://getgophish.com

    How to install: Download a release binary or compile from source.


    19. Have I Been Pwned

    What it is: A data breach search site.

    Why it’s used: Checks if your email/password has appeared in breaches.

    Where to get it: https://haveibeenpwned.com

    How to install: No install needed—use the web service.


    20. DeHashed

    What it is: A breach search engine.

    Why it’s used: Offers deeper breach info including usernames and IPs.

    Where to get it: https://www.dehashed.com

    How to install: Web-based service—register for an account to use.