Open Source Windows Cybersecurity Tools
Sort By:
Cybersecurity Tools for Windows
View 162 business solutionsBrowse free open source Cybersecurity tools and projects for Windows below. Use the toggles on the left to filter open source Cybersecurity tools by OS, license, language, programming language, and project status.
-
Accounting Software Built for Owners, and Their ClientsBalancing your books, client relationships, and business isn’t easy. FreshBooks gives you the info and time you need to focus on your big picture—your business, team, and clients.
-
Connect with customers in one appDialpad Connect is an AI-powered unified communications platform that combines voice, video, and messaging to enhance team collaboration and customer interactions. It features real-time call transcription, automated call summaries, and AI-generated action items to help users stay focused during conversations. The platform integrates seamlessly with popular business apps like Salesforce, Zendesk, Microsoft Teams, and Google Workspace to streamline workflows. Designed for businesses of all sizes, Dialpad Connect delivers enterprise-grade reliability with 100% uptime SLA and robust disaster recovery. Security and privacy are core priorities, meeting standards like GDPR, HIPAA, and SOC 2 compliance. Dialpad Connect helps companies elevate customer experiences while boosting team productivity.
-
1
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
2
Maigret
Collect a dossier on a person by username from thousands of sites
Maigret is an open-source OSINT tool designed to collect a dossier on a person by username from thousands of sites. It automates the process of checking for a user's presence across various platforms, aiding in digital investigations. -
3
cyborghawk v1.1
Latest-v1.1 of The World's most advanced pen testing distribution ever
updated version of The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
4
Greenplum Database
Massive parallel data platform for analytics, machine learning and AI
Rapidly create and deploy models for complex applications in cybersecurity, predictive maintenance, risk management, fraud detection, and many other areas. With its unique cost-based query optimizer designed for large-scale data workloads, Greenplum scales interactive and batch-mode analytics to large datasets in the petabytes without degrading query performance and throughput. Based on PostgreSQL, Greenplum provides you with more control over the software you deploy, reducing vendor lock-in, and allowing open influence on product direction. Greenplum reduces data silos by providing you with a single, scale-out environment for converging analytic and operational workloads, like streaming ingestion. All major Greenplum contributions are part of the Greenplum Database project and share the same database core, including the MPP architecture, analytical interfaces, and security capabilities. -
Process Street | Compliance Operations PlatformBring compliance and operations under one roof with an AI agent that automates workflows, policies that enforce rules, and a platform that delivers results.
-
5
Watcher
Open Source Cybersecurity Threat Hunting Platform
Watcher is a file integrity monitoring tool that detects unauthorized changes to files, helping organizations maintain compliance and security. -
6
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application. -
7
pyWhat
Identify emails, IP addresses, and more
pyWhat is a Python-based identification tool designed to figure out “what” a piece of text or file content represents, especially in security and OSINT workflows. Given inputs such as hex strings, URLs, email addresses, IP addresses, credit card numbers, cryptocurrency wallets, or entire .pcap capture files, it scans for structured patterns and tells you what it finds. The tool is recursive: it can traverse files and directories to extract meaningful entities, which is useful when analyzing malware samples, network captures, or code repositories at scale. It offers powerful filters called “tags” and distributions that let you narrow results to specific categories like bug bounties, cryptocurrencies, or AWS-related artifacts. For automation and integration, pyWhat provides a CLI with options for rarity filtering, sorting, and JSON export, as well as an API that can be imported into other Python programs. -
8
DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES !!! ONLY FOR PENTESTING PURPOSES !!!
-
9
Stegcore
A cross-platform crypto-steganography toolkit
Stegcore combines cryptography and steganography to hide encrypted data inside ordinary files. It encrypts your payload before embedding it, so the hidden content is unreadable even if someone extracts it, and invisible to anyone who doesn't know it's there. Unlike basic steganography tools that hide data without encrypting it, Stegcore ensures the payload is cryptographically protected at rest. Unlike pure encryption tools, the payload isn't even visible. Designed for journalists, security researchers, red teamers, digital forensics professionals, and CTF participants. -
Run your private office with the ONLYOFFICEA Comprehensive Alternative to Office 365 for Business
-
10
Discord Token & Message Spammer
best open source discord spammer (token-webhook&more)
easy to use, set the tokens & channels and have fun, don't use it in a bad way if you catch my drift, if you want to use it you better use a vpn so discord won't ban you're ip smh. DMS version 0.5 https://github.com/SStorm21 https://6-g.itch.io/ ill keep updating this tool for sure tags: discord token spammer, discord raid tool, discord , discord tool discord tokens, chat spammer license By downloading this, you agree to the Commons Clause license and that you're not allowed to sell this repository or any code from this repository. For more info see https://commonsclause.com/. -
11
Scalytics Open Intelligence - OSINT
Open OSINT stack for monitoring, analysis, and risk detection
EUOSINT is the open-source edition of the OSINT pipeline built by Scalytics for real-world intelligence monitoring, situation analysis, and risk detection. It is not a toy dashboard or a loose script bundle. It is a packaged operational stack with a web interface, a Go-based collector runtime, configurable ingestion and refresh cadence, Docker-first deployment, and local or server installation options. The public release removes non-public and protected integrations while preserving the pipeline structure and deployment model that make the system usable in practice. EUOSINT is built for teams that need continuous monitoring, reproducible installs, and a base they can extend for their own intelligence and security workflows. -
12
cyborg hawk v 1.0
The World's most advanced penetration testing distribution ever
The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
13
usb-guard
Turn any USB flash drive into a master key for your PC
USB Guard is an advanced workstation security solution for Windows that turns USB drives into physical authentication keys using native Windows Kernel APIs. - Zero-Trust Security: Validates unique hardware serial numbers through direct Kernel API calls, ensuring only authorized USB drives can unlock your PC. - Brute-Force Protection: Exponential delay penalties after failed unlock attempts prevent automated attacks. - High-Fidelity Lock Screen: Glassmorphism aesthetics with GPU-accelerated blur effects that blend seamlessly with your desktop wallpaper. - System Integration: Auto-mutes volume when locked, persists via Windows Registry, and covers all connected monitors. - Master Recovery Key: Exportable backup codes ensure you never get permanently locked out. - Lightweight: Runs efficiently using direct native APIs instead of heavy middleware, keeping resource usage minimal. Built with .NET 10, WPF, and Fluent Design. Open source under MIT License. -
14
Full Stack Computer Scanner
Scans the entire computer device stack (hardware, software, comms)
The Full Stack Computer Scanner is a read-only Windows freeware security diagnostics app for computer platform awareness. No ads. No accounts. No data collection. Fully offline. Complements AVs by scanning for hardware, software, network integrity, and dangerous malware signatures. Only binaries from this official SourceForge project page are legitimate. Other hosting, web, cloud, virtualization, or “run online” instances are unauthorized. Trust your vendors but verify with the Full Stack Computer Scanner. Keith Johnson | KCJ Tech Solutions | 30 Years of IT Experience Not sure whether your computer is secure? Contact: computerscannerapp@gmail.com. Optional 20-Minute Computer Health Check: $40 USD. Optional 40-Minute Computer Health Check: $80 USD. Practical next steps. No remote access. Chat/conversation only. For Individuals 21+. Project donations welcome. Thank you in advance. bc1qz259yr4q89r0669zm9mrvs2trkyw0z4kazzx0n -
15
Thunderbird Free Scanner
Thunderbird Anti Virus Online Free Scanner
What is Thunder Anti-Virus Free Scanner? Experience the scanning capabilities of Thunder Anti-Virus Free Scanner through this fully free portable scanner. Designed for user convenience, this software requires no installation; simply download the file, extract it, and run it on any Windows PC to safeguard your system against potential threats. Included Scan Options Thunder Anti-Virus Free Scanner includes a comprehensive system scan. This option allows you to thoroughly scan your entire system, checking memory, hard drives, and connected devices for a wide range of threats, including malware, viruses, and trojans. You can also opt for a targeted folder scan, ideal when you need a faster analysis. You can select a specific folder or directory for a focused scan. This feature is ideal for users who want to check specific locations without scanning the entire system. -
16
Phish Alert Button for Outlook
Free Outlook plugin to report phishing emails with one click
The Phish Alert Button for Outlook is a free add-in that allows users to report suspected phishing emails directly from their inbox with a single click. Once installed, it adds a button to the Outlook ribbon, enabling employees to forward suspicious messages to a predefined mailbox such as your SOC or IT security team. This lightweight plugin helps organizations improve phishing detection by encouraging user participation in threat reporting. It integrates smoothly with Outlook 2013 and newer versions, requires minimal setup and works in both on-premise and Microsoft 365 environments. Features: – One-click phishing email reporting – Compatible with Outlook 2013 and later – Simple configuration and fast deployment – Sends reports to a custom email address – Fully customizable: customize button name, ribbon and other details. Empower your users to become part of your phishing defense strategy with the free Phish Alert Button for Outlook. -
17
ODS3 Virtual Machine Challenge
Virtual Machine Image To Test Penetration Skills
The ODS3 Virtual Machine Challenge are downloadable images that can be run as VMWare or VirtualBox instances. The Idea behind the challenge is to test and exercise web application penetration testing in a controlled environment. These images are great for cyber security students, penetration testers and hobbyist. Care should be taken if installed on an Internet access host as the application are purposely vulnerable to attack and exploitation. -
18
tirreno
Open-source security framework for devs and product teams
tirreno is an open-source security framework. tirreno [tir.ˈrɛ.no] helps understand, monitor, and protect your product from threats, fraud, and abuse. While classic cybersecurity focuses on infrastructure and network perimeter, most breaches occur through compromised accounts and application logic abuse that bypasses firewalls, SIEM, WAFs, and other defenses. tirreno detects threats where they actually happen: inside your product. tirreno is a few-dependency, "low-tech" PHP/PostgreSQL application. After a straightforward five-minute installation, you can ingest events through API calls and immediately access a real-time threat dashboard. -
19
Java Vulnerable Lab - Pentesting Lab
a deliberately vulnerable Web application
This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download Credentials for the VM: ------------------------ Username: root Password: cspf Stand-alone file: (Run the Jar file directly) -------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download -
20
Midbar ESP32 CYD Firebase Edition
A version of Midbar data vault adapted for the ESP32 CYD and WebFlash.
A version of Midbar data vault adapted for the ESP32 CYD and WebFlash. It keeps the cryptographic keys in the ESP32 RAM and stores the ciphertexts (encrypted data) in the Google Firebase. The tutorial is available at: https://www.instructables.com/How-to-Turn-ESP32-CYD-Into-a-Secure-IoT-Data-Vault/ WebFlash for ESP32-CYD: https://northstrix.github.io/Midbar-ESP32-CYD-Firebase-Edition/flash WebFlash for ESP32-CYD2USB: https://northstrix.github.io/Midbar-ESP32-CYD2USB-Firebase-Edition/flash -
21
Naeon
The safest way to store private data in untrusted (cloud) environments
Naeon is a data encryption and sharding method designed to secure data in potentially untrusted off-site storage locations. It uses AES-256 encryption with a randomly generated passphrase, followed by obfuscation techniques to make the encrypted file unidentifiable. The data is then sharded into one private chunk containing the encryption key and part of the data, and multiple public chunks. Each chunk is renamed using its SHA-512 hash, and all chunks are timestamped equally. A filename conversion table is created to restore the concatenation order during a restore. The method aims to guarantee confidentiality, integrity, and availability of data, regardless of the trustworthiness of the chosen storage environment, while protecting against data breaches and unauthorized access. Threshold Key Sharing further enhances security and resilience by splitting the private key into parts requiring cooperation from multiple parties for reconstruction, thereby minimizing single points of failure. -
22
IP Availability Scanner
Fast IP and Port Scanner
This utility efficiently scans IP addresses and gathers host names and MAC addresses. It offers the capability to export scan results and includes features for port scanning of selected hosts. Enhanced with a multithreaded framework, the tool delivers increased speed, supporting functionalities like trigger actions and banner grabbing during port scans. For more advanced options, right-click on the displayed grids. This context menu includes options for port scanning, copying results, and network diagnostics tools like ping and traceroute. Additionally, it allows for easy access to ports using standard protocols such as SSH. A convenient feature is the ability to quickly identify the manufacturer of a MAC address with a simple mouse click. Moreover, the interface is user-friendly, enabling sorting of information by simply clicking on the column headers in the display grid. For more information, visit https://vonwallace.com Video Overview: https://rumble.com/v51z6o3-fas -
23
CookieGuardAudit
A beginner-friendly Python CLI tool that audits website cookies.
CookieGuardAudit is a simple Python command-line security tool that checks a website's cookies for common security flag issues. It helps users quickly spot weak cookie settings such as missing Secure, missing HttpOnly, missing SameSite, and SameSite=None without Secure. This project is designed for beginners, defenders, students, and anyone learning basic web security auditing. -
24
Falcon_ArchLinux
Falcon ArchLinux pruple team tools cyber security
uses repo BlackArchlinux and ArchLinux -
25
A professional PE (Portable Executable) analysis and modification tool for Windows executables and DLLs.
