KnowBe4Human Security Awareness
KnowBe4 is the world's largest integrated platform for security awareness training combined with simulated phishing attacks. Join our more than 37,000 customers to manage the continuing problem of social engineeringVisit
Take 5Human Security Awareness
Take Five is national awareness campaign led by the United Kingdom. The website provides information resources and training for companies and employees working in the payments industry, financial services firms, law enforcement agencies, telecommunication providers, commercial, public and third sector. Their videos and resources cover phone scams, text message scams, email scams, and more.
Phishing Test Google/JigsawHuman Security Awareness
Phishing test Google/Jigsaw is an educational resource that teaches staff and managers how to detect fraud and phishing scams.
Get Cyber SafeHuman Security Awareness
Get Cyber Safe is a webpage belonging to the Government of Canada. This online hub educated users about information security risks, how to protect your personal data, and how to protect the devices you use.
Free Cyber Security Awareness TrainingHuman Security Awareness
ESET provides free cyber security awareness training. Use this tool to educate your employees with online videos and certification of completion. ESET's online training videos cover threat detection, password policies, internet browsing protection, and email protection.
Digitally Safe QuizHuman Security Awareness
Digital Safe Quiz is an online quiz that identifies weaknesses in your security standing. Based on your quiz inputs, the tool suggests activities that can improve your business's security. Digital Safe Quiz also provides challenges to teach employees about fraud detection.
Business Owner TrainingHuman Security Awareness
Heimdal Security is a online learning resource for Small Business Owners to learn about cyber security. The website teaches owners how to safely manage and store client data, how threats target businesses, and how to become compliant with information security regulations (GDPR). This tool prepares administrators to discover and eliminate security holes in their business systems, as well as choose the right apps to grow their business.
Cyber AwareHuman Security Awareness
Cyber Aware is a free information security awareness resource by the United Kingdom Government. The tool teaches users how to protect their homes and businesses from cyber crime.
Zeek (formerly Bro)Intrusion Detection
Zeek is a network analysis framework that focuses on network security monitoring. Zeek provides a platform for general network traffic analysis while bridging the gap between academic opinions of security and operational security.
Security OnionIntrusion Detection
Security Onion is an open source platform used for intrusion detection, enterprise security monitoring, and log management. The tool features an easy-to-use setup wizard that quickly creates sensors for enterprises.
Suricata is an open source network for threat detection. Suricata is capable of detecting intrusions in real-time and offers functionality for inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata inspects network traffic using rules and signature language. Suricata’s development team focuses on security, usability and efficiency.
Snort is an open source network intrusion detection and prevention system.
OSSEC is a Intrusion Detection System. Use OSSEC to secure your business through configuration tools, custom alerts, rules, and writing scripts.
EasyIDS is an open source Intrusion Detection System with a beginner-friendly design.
w3af is web application audit framework that scans web-based applications for security issues. Along with the Vulnerability Scanner, w3af provides tools to exploit ill intentions of web applications. w3af's framework also includes 2 plugins that can be used to find vulnerabilities, audit, and analyze web applications.
Qualys Community EditionVulnerability Assessment
Qualys Community Edition is a free version of Qualys Vulnerability Scanner Tool. The tool automatically updates with knowledge of the latest vulnerabilities. It includes the ability to asses 16 internal assets and 3 external assets with the toll. Included in the version is 1 Virtual Network Scanner and 1 Web Application Scanner. The tool also provides an overview of scan results and can be assessed from anywhere.
Open Vulnerability Assessment System (OpenVAS) is a powerful vulnerability scanner that tests and scans all types of servers and networks for security issues. This product is an open source framework that includes several vulnerability scanning tools. Features included in OpenVAS include unauthenticated testing, authenticated testing, internet and industrial protocols, and performance tuning for larger scans.
Nikto is a scanning tool for web servers. It can test web servers for over six thousand malicious files or programs. It also reviews installed software to see which ones are out of date. Nikto also has the capability to review server configurations, scan index files, and identify installed web servers and software.
Microsoft Security Compliance Toolkit 1.0Vulnerability Assessment
Microsoft's Security Compliance Toolkit of SCT is a package of tools for the latest versions of Windows operating systems. The tools allow administrators to easily set Microsoft-recommended security configurations as a baseline for all Windows and Microsoft operating systems and programs. Using the toolkit, administrators can review their Group Policy Objects (GPOs) and compare them to Microsoft recommendations. They can also review other configurations, edits, and store GPO backup files.
NXLog Community EditionSIEM
NXLog is a log collection tool. When browsing websites or using online applications, messages are issued to a console log (errors, alerts, messages and event tracking items). NXLog collects these logged messages and tells users if anything suspicious happened during their visit.
LOGalyze is an open source log management and network monitoring platform. The tool collects event logs from Windows or Linux networks. LOGalyze classifies logs by source host, severity, and type. This makes analyzing logs for threats or vulnerabilities more efficient.
Graylog Open SourceSIEM
Graylog collects, enhances, stores, and analyzes log data from websites and web applications. This information is reviewed to check error log messages and event tracking messages for security issues.
Google Security CheckupSecurity Mis-Configuration
Security Checkup is a tool inside Google Account Manager. Security Checkup automatically reviews users' security settings and configuration. If there's anything concerning, Google will recommend changes and features to turn on. This will increase the security of your account.
Facebook Security CheckupSecurity Mis-Configuration
Facebook's Security Checkup tool automatically reviews users' current security settings. It reviews a user's current configuration and recommends changes to increase the security of your account.
HTTPS EverywhereSafe Browsing
HTTPS Everywhere is an internet browser extension that forces websites to use an HTTPS connection when possible. If an HTTPS connection is not available, the user will be notified of the risk associated with the non-HTTPS website.
Ghostery is an internet browser extension that controls ads and tracking codes. Using Ghostery, you can manage the types of ads and tracking technology that you would like to block or allow. Ghostery helps secure your browsing experience by blocking ads and tracking cookies that slow page loading times, clutter webpages, and track your personal information.
pfSense is an open source firewall software for Large Enterprises. The tool extends your applications and connectivity to authorized users everywhere.
IPFire is an open source firewall and Intrusion Detection System (IDS). The tool prevents cybercriminals from breaking into your organization's network.
Sophos stops malware and virus apps, as well as blocks unwanted web content.
ClamAV is an open source antivirus software used to detect viruses and malware threats. This includes scanning email links, websites, and prompts to download or install suspicious applications.
Next-generation malware protection with a real-world detection score of 99.6%, performance that won’t slow your system down, plus stunning simplicity and ease of use. It also repairs damaged files.
How Secure Is My Password?Password
Check the strength of your password with 'How Secure is My Password'. This tool will analyze the content of your password and tell you how long it would take to hack into your accounts.
The Password MeterPassword
The Password Meter gives users a detailed breakdown of their password's strengths and weaknesses. Use the insights from this tool to create a stronger password.
LastPass is an award-winning password manager that saves your passwords and gives you secure access from every computer and mobile device.
have i been pwned?Password
Have I Been Pwned tells users if their information has been stolen through a breach. The tool tells users which companies their information was acquired from and gives tips for how to be safer.Visit
Estimating Password Cracking TimesPassword
This Better Buys password tool tells users how long it would take to hack their password. 'Hack' time is measured in milliseconds, minutes, hours, years, and centuries.
Dashlane is a password management tool that generates, stores, and autofills your account passwords across the web.
BreachAlarm scans email addresses to identify whether or not they have been hacked. This tool will alert you if your email password has been compromised and the last known date of breach.
Some companies use email tracking software to tell if you've opened their emails or clicked their links. Ugly Email is a plug-in for Gmail that labels tracked emails with an icon. When interacting with these email, Ugly Email blocks the trackers from working correctly.
The Onion Router (TOR) is a network of servers that allow people to browse the internet anonymously. The software prevents website tracking tools from learning your physical location. It also allows you to browse websites that may be blocked in your region.
Privacy Badger is a browser plug-in that can be used to block tracking cookies by domain or website. It can be used to block these trackers from gathering your browsing information to ensure your privacy is kept secure when browsing.
HPI Identity LeakPrivacy
HPI Identity Leak Checker provides insight into historical data breaches. It will show users if any of their personal data has been publically exposed. Data points include: passwords, telephone numbers and email addresses.
Google Authenticator is an app for people who use 2-step verification codes. Connect your app accounts to Google Authenicator to store and display all generated codes in one place.
PIPEDA Self-Assessment ToolPrivacy
The PIPEDA Self-Assessment Tool helps medium and large sized enterprises create and implement privacy governance and management. This tool was created by the Office of the Privacy Commissioner of Canada.
GDPR.eu is an online library of resources to help organizations achieve and maintain GDPR compliance. The General Data Protection Regulation (GDPR) is a regulation introduced and enforced through the European Union.
DuckDuckGo is an internet website browser built with privacy first. Browse the internet free from cookie collection and user profiling. DuckDuckGo will not use your browsing history for advertising purposes.
Data Protection (GDPR) Self-AssessmentPrivacy
This GDPR self-assessment tool provides a set of checklists to help businesses assess their compliance with GDPR. The tool also features a simple report builder that suggests practical steps and resources to improve your data protection compliance.
Brave is a web browser that prioritizes data security. Brave blocks website tracking codes and removes ads automatically. This reduces the need to download multiple extensions in order to block ads, tracking codes, and ensure a secure internet browsing experience.
Nagios is an open source application that provides monitoring tools to assess networks, traffic, and applications. The application looks for problems caused by overloaded data links, network connections, routers, and switches.
Aircrack-ng is a set of network tools that include a scanner, packet sniffer, wireless security cracker, and analysis tools for WEP and WPA/WPA2-PSK protocols. All tools included based within a command-line and focus on Linux.
Wireshark is a network protocol analyzer and packet sniffer. Wireshark is used to see all information that is moving across your network. This is useful for network troubleshooting and network analysis. Wireshark includes filters that show particular types of data and protocols as it passes across your network; giving you control and insight into what's happening at all levels of your company's network.
Nmap or "Network Mapper" is an open source tool for network mapping, asset discovery and security auditing. Using IP packets, Nmap reviews your entire network to determine what devices are on your network, what services are running, and what operating systems are running. Originally created to map and scan large networks, this tool can be used on networks of any size.
Telerik FiddlerNetwork Monitoring
Fiddler logs all HTTP and HTTPS traffic between a user and the internet. Users can review this information to debug traffic from virtually any application that supports a proxy.
OpenNMS is an open source network service management platform for enterprises. Their tool alerts staff of security issues and gives admins the ability to add and removes devices from their network.
ROCK NSMNetwork Monitoring
RockNSM is a platform for security monitoring and incident response. The tool identifies if a network passively collects data and it gives administrators the tools to monitor and analyze security issues. RockNSM is a scalable platform that meets the operational needs of security administrators.
Real Intelligence Threat Analytics (RITA)Network Monitoring
RITA is an open source framework for network traffic analysis. The framework supports beacon detection, DNS tunneling, and blacklist checking.
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. It detects operating systems, hostnames and open ports that a network hosts through packet sniffing. NetworkMiner also extracts transmitted files from network traffic.
NetMon FreemiumNetwork Monitoring
NetMon is a network monitoring tool that is used to detect threats in real-time. This helps administrators discover operational anomalies, find hidden security threats, and expose harmful apps.Visit
Advanced IP ScannerNetwork Monitoring
Advanced IP Scanner is a network scanning tool that's used to analyze your Local Area Network (LAN). The scan will reveal all connected networked devices and shared folders. This tool is currently only supported on Windows 10 devices.Visit
Parrot LinuxPenetration Testing
Parrot Linux is a platform used for security testing, software development and privacy defense. The platform includes tools for security and forensics analysis, and resources to help you securely build and launch software online.Visit
Kali LinuxPenetration Testing
Kali Linux is a penetration testing platform. The tool was built for many popular hardware platforms and stays up to date with the newest versions of penetration tests without needing to re-download the software. Kali Linux provides documentation and resources to help users create custom complex images with ease.Visit
Fedora Security SpinPenetration Testing
Fedora Security Spin provides a suite of online tools for safe test-environments, security auditing, forensics, and penetration testing. Fedora Security Spin acts as a stable platform for teaching security and running proper security tests.Visit
BlackArch LinuxPenetration Testing
BlackArch Linux is a penetration testing platform with many tools to help penetration testers.Visit