# Cybersecurity Tools
#### Seach More
- [10 Top Open Source Penetration Testing Tools](https://www.esecurityplanet.com/applications/open-source-penetration-testing-tools/)
- [OSV-Scanner](https://osv.dev/)
- [5 Tools to Scan a Linux Server for Malware and Rootkits (tecmint.com)](https://www.tecmint.com/scan-linux-for-malware-and-rootkits/)
- [Hottest cybersecurity open-source tools of the month: May 2025 - Help Net Security](https://www.helpnetsecurity.com/2025/05/28/hottest-cybersecurity-open-source-tools-of-the-month-may-2025/)
#### Online Tools
網站 | 功能描述 |
---|
shodan.io | 搜索互聯網連接設備的搜索引擎。 |
censys.io | 提供互聯網設備和網絡資產信息的搜索平台。 |
hunter.io | 查找與特定域名相關的電子郵件地址的工具。 |
fullhunt.io | 自動化攻擊面管理和漏洞發現平台。 |
onyphe.io | 網絡資產搜索和網絡安全信息收集引擎。 |
socradar.io | 提供實時網絡威脅情報和數字風險保護服務。 |
binaryedge.io | 互聯網範圍掃描和網絡風險評估平台。 |
ivre.rocks | 開源網絡偵察框架。 |
crt.sh | 搜索和查詢SSL/TLS證書的數據庫。 |
vulners.com | 綜合性漏洞數據庫和安全內容存儲庫。 |
publicwww.com | 源代碼搜索引擎,用於在網頁源碼中查找特定代碼片段。 |
pulsedive.com | 威脅情報和網絡安全數據聚合平台。 |
intelx.io | 多源開放源情報(OSINT)搜索和分析工具。 |
wigle.net | 無線網絡數據庫和地圖服務。 |
viz.greynoise.io | 分析和可視化互聯網噪聲和惡意活動的平台。 |
#### Vulnerability Scanner
- [OpenVAS](https://osslab.tw/books/cybersecurity/page/openvas "OpenVAS")
- [Nessus](https://osslab.tw/books/cybersecurity/page/nessus "Nessus")
- [RustScan : The Modern Port Scanner](https://github.com/RustScan/RustScan)
- [Vuls](https://vuls.io/) : Agentless Vulnerability Scanner for Linux/FreeBSD
- GitHub: [https://github.com/future-architect/vuls](https://github.com/future-architect/vuls)
- [Vuls: A Free, Open Source Vulnerability Scanner for Linux - The New Stack](https://thenewstack.io/vuls-a-free-open-source-vulnerability-scanner-for-linux/)
- [Vuls: Open-source agentless vulnerability scanner - Help Net Security](https://www.helpnetsecurity.com/2025/05/05/vuls-open-source-agentless-vulnerability-scanner/)
#### Tools
##### -Wazuh
The Open Source Security Platform
- [https://wazuh.com/](https://wazuh.com/)
- YT: [this Cybersecurity Platform is FREE](https://www.youtube.com/watch?v=i68atPbB8uQ)
- YT: [you need this FREE CyberSecurity tool](https://www.youtube.com/watch?v=3CaG2GI1kn0)
- YT: [Wazuh Open Source SIEM Tutorial - YouTube](https://www.youtube.com/watch?v=u4tMvUCUXqY)
- YT: [Wazuh! Powerful, Open Source Endpoint Security Monitoring!](https://www.youtube.com/watch?v=dwr-4CXtOso)
##### -Web Check
All-in-one OSINT tool for analysing any website
- [Web Check (web-check.xyz)](https://web-check.xyz/)
- GitHub: [https://github.com/Lissy93/web-check](https://github.com/Lissy93/web-check)
##### -OWASP: Nettacker
Automated Penetration Testing Framework (自動滲透測試框架)
- [OWASP/Nettacker: Automated Penetration Testing Framework](https://github.com/OWASP/Nettacker)
##### -WAF: Web Application Firewall
- [GoTestWAF](https://github.com/wallarm/gotestwaf)
- [Test and evaluate your WAF before hackers](https://lab.wallarm.com/test-your-waf-before-hackers/)
- [SafeLine](https://waf.chaitin.com/) - A self-hosted WAF(Web Application Firewall)
- YT: [SafeLine: A Feature-Rich WAF with a Catch (or Two)](https://www.youtube.com/watch?v=AwfNqWvMVTI)
##### -Pi-Alert: WiFi/LAN 連網裝置偵測
- [Pi.Alert](https://github.com/pucherot/Pi.Alert)
- \[Video\] [Pi Alert - Open Source, Self Hosted, Network Device Change Notification and Intrusion Detection](https://www.youtube.com/watch?v=oKl3WFQloE4)
##### -WatchYourLAN
- GitHub: [https://github.com/aceberg/WatchYourLAN](https://github.com/aceberg/WatchYourLAN)
##### -ntopng
Network traffic monitor
- [ntopng – ntop](https://www.ntop.org/products/traffic-analysis/ntop/)
- YT: [NTopNG - A Free, Open Source, Self Hosted, Network Monitoring and Analysis Tool. - YouTube](https://www.youtube.com/watch?v=sJkLmjaj02E&list=PLjLkaXQ35322Of0hhUfhlMuGEl-feXZQB)
##### -ImHex: Hex Editor
A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM
- GitHub: [https://github.com/WerWolv/ImHex/](https://github.com/WerWolv/ImHex/)
##### -OSSIEM
Open Source SIEM Stack, Wazuh + Graylog + Velociraptor + Copilot
- GitHub: [https://github.com/socfortress/OSSIEM](https://github.com/socfortress/OSSIEM)
##### -Fishing Test
- [pfish](https://github.com/pow1e/pfish) - 轻量级的无害化钓鱼
##### -CISO Assistant
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management
- GitHub: [https://github.com/intuitem/ciso-assistant-community](https://github.com/intuitem/ciso-assistant-community)
##### -Cybersecurity OS platforms
- [TOP VIRTUAL MACHINES FOR CYBERSECURITY PROFESSIONALS | by Flavio Queiroz | CTI Flash Insights | Medium](https://medium.com/cti-insights/top-virtual-machines-for-cybersecurity-professionals-b111930c2ba2)
- [Kali Linux](https://www.kali.org/)
- [ParrotOS](https://www.parrotsec.org/)
##### -MISP
MISP (Malware Information Sharing Platform)
- [https://www.misp-project.org/](https://www.misp-project.org/)