# Cybersecurity Tools #### Seach More - [10 Top Open Source Penetration Testing Tools](https://www.esecurityplanet.com/applications/open-source-penetration-testing-tools/) - [OSV-Scanner](https://osv.dev/) - [5 Tools to Scan a Linux Server for Malware and Rootkits (tecmint.com)](https://www.tecmint.com/scan-linux-for-malware-and-rootkits/) - [Hottest cybersecurity open-source tools of the month: May 2025 - Help Net Security](https://www.helpnetsecurity.com/2025/05/28/hottest-cybersecurity-open-source-tools-of-the-month-may-2025/) #### Online Tools
網站功能描述
shodan.io搜索互聯網連接設備的搜索引擎。
censys.io提供互聯網設備和網絡資產信息的搜索平台。
hunter.io查找與特定域名相關的電子郵件地址的工具。
fullhunt.io自動化攻擊面管理和漏洞發現平台。
onyphe.io網絡資產搜索和網絡安全信息收集引擎。
socradar.io提供實時網絡威脅情報和數字風險保護服務。
binaryedge.io互聯網範圍掃描和網絡風險評估平台。
ivre.rocks開源網絡偵察框架。
crt.sh搜索和查詢SSL/TLS證書的數據庫。
vulners.com綜合性漏洞數據庫和安全內容存儲庫。
publicwww.com源代碼搜索引擎,用於在網頁源碼中查找特定代碼片段。
pulsedive.com威脅情報和網絡安全數據聚合平台。
intelx.io多源開放源情報(OSINT)搜索和分析工具。
wigle.net無線網絡數據庫和地圖服務。
viz.greynoise.io分析和可視化互聯網噪聲和惡意活動的平台。
#### Vulnerability Scanner - [OpenVAS](https://osslab.tw/books/cybersecurity/page/openvas "OpenVAS") - [Nessus](https://osslab.tw/books/cybersecurity/page/nessus "Nessus") - [RustScan : The Modern Port Scanner](https://github.com/RustScan/RustScan) - [Vuls](https://vuls.io/) : Agentless Vulnerability Scanner for Linux/FreeBSD - GitHub: [https://github.com/future-architect/vuls](https://github.com/future-architect/vuls) - [Vuls: A Free, Open Source Vulnerability Scanner for Linux - The New Stack](https://thenewstack.io/vuls-a-free-open-source-vulnerability-scanner-for-linux/) - [Vuls: Open-source agentless vulnerability scanner - Help Net Security](https://www.helpnetsecurity.com/2025/05/05/vuls-open-source-agentless-vulnerability-scanner/) #### Tools ##### -Wazuh The Open Source Security Platform - [https://wazuh.com/](https://wazuh.com/) - YT: [this Cybersecurity Platform is FREE](https://www.youtube.com/watch?v=i68atPbB8uQ) - YT: [you need this FREE CyberSecurity tool](https://www.youtube.com/watch?v=3CaG2GI1kn0) - YT: [Wazuh Open Source SIEM Tutorial - YouTube](https://www.youtube.com/watch?v=u4tMvUCUXqY) - YT: [Wazuh! Powerful, Open Source Endpoint Security Monitoring!](https://www.youtube.com/watch?v=dwr-4CXtOso) ##### -Web Check All-in-one OSINT tool for analysing any website - [Web Check (web-check.xyz)](https://web-check.xyz/) - GitHub: [https://github.com/Lissy93/web-check](https://github.com/Lissy93/web-check) ##### -OWASP: Nettacker Automated Penetration Testing Framework (自動滲透測試框架) - [OWASP/Nettacker: Automated Penetration Testing Framework](https://github.com/OWASP/Nettacker) ##### -WAF: Web Application Firewall - [GoTestWAF](https://github.com/wallarm/gotestwaf) - [Test and evaluate your WAF before hackers](https://lab.wallarm.com/test-your-waf-before-hackers/) - [SafeLine](https://waf.chaitin.com/) - A self-hosted WAF(Web Application Firewall) - YT: [SafeLine: A Feature-Rich WAF with a Catch (or Two)](https://www.youtube.com/watch?v=AwfNqWvMVTI) - [waf-checker](https://github.com/PAPAMICA/waf-checker) ##### -Pi-Alert: WiFi/LAN 連網裝置偵測 - [Pi.Alert](https://github.com/pucherot/Pi.Alert) - \[Video\] [Pi Alert - Open Source, Self Hosted, Network Device Change Notification and Intrusion Detection](https://www.youtube.com/watch?v=oKl3WFQloE4) ##### -WatchYourLAN - GitHub: [https://github.com/aceberg/WatchYourLAN](https://github.com/aceberg/WatchYourLAN) ##### -ntopng Network traffic monitor - [ntopng – ntop](https://www.ntop.org/products/traffic-analysis/ntop/) - YT: [NTopNG - A Free, Open Source, Self Hosted, Network Monitoring and Analysis Tool. - YouTube](https://www.youtube.com/watch?v=sJkLmjaj02E&list=PLjLkaXQ35322Of0hhUfhlMuGEl-feXZQB) ##### -ImHex: Hex Editor A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM - GitHub: [https://github.com/WerWolv/ImHex/](https://github.com/WerWolv/ImHex/) ##### -OSSIEM Open Source SIEM Stack, Wazuh + Graylog + Velociraptor + Copilot - GitHub: [https://github.com/socfortress/OSSIEM](https://github.com/socfortress/OSSIEM) ##### -Fishing Test - [pfish](https://github.com/pow1e/pfish) - 轻量级的无害化钓鱼 ##### -CISO Assistant CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management - GitHub: [https://github.com/intuitem/ciso-assistant-community](https://github.com/intuitem/ciso-assistant-community) ##### -Cybersecurity OS platforms - [TOP VIRTUAL MACHINES FOR CYBERSECURITY PROFESSIONALS | by Flavio Queiroz | CTI Flash Insights | Medium](https://medium.com/cti-insights/top-virtual-machines-for-cybersecurity-professionals-b111930c2ba2) - [Kali Linux](https://www.kali.org/) - [ParrotOS](https://www.parrotsec.org/) ##### -MISP MISP (Malware Information Sharing Platform) - [https://www.misp-project.org/](https://www.misp-project.org/)