Irish Information Security Forum

Reducing the Likelihood of a Damaging Cyber Incident (90 +)

Free Services / Tools to reduce the Likelihood of a Damaging Cyber Incident (90 +)

 

Service | Skill Level | Owner | Description | Link
FortifyData Basic FortifyData Quarterly vulnerability assessments that include automated attack surface assessments with asset classification, risk-based vulnerability management and security rating. The FortifyData all-in-one cyber risk management platform also offers third party cyber risk management.

Free Plan - FortifyData
OpenVAS Basic Greenbone This is a vulnerability scanner and capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

Open Vulnerability Assessment Scanner
Network Reporting Basic ShadowServer A subscription service that sends custom remediation reports to inform organizations about the state of their networks and security exposures.

Network Reporting | The Shadowserver Foundation
Vulcan Cyber Basic Remedy Cloud A searchable database of remedies and fixes for thousands of known vulnerabilities. It also provides trend analytics such as “most-searched CVEs” and “most-visited vulnerability remedies.”

https://vulcan.io/remedy-cloud/
Ransomware Risk Assessment Basic Zscaler This service assesses an organization’s ability to counteract a ransomware infection and its spread, but also to resume operations in case of an infection. This tool scans defenses against ransomware-specific intrusion, lateral movement, and exfiltration methods. It is safe to use and runs within the browser.

testmydefenses.com
Internet Threat Exposure Analysis Basic Zscaler This tool analyzes an organization's environment to assess its cyber risk posture. It scans the security stack to find common intrusion and data exfiltration methods left exposed. It is safe to use and runs within the browser. It won’t introduce malware, and doesn’t access data or change settings.

Free, Instant Security Scan - It's 100% Safe | Zscaler
CISA Cybersecurity Publications Basic CISA CISA provides automatic updates to subscribers via email, RSS feeds, and social media. Subscribe to be notified of CISA publications upon release.

https://www.cisa.gov/subscribe-updates-cisa
CISA Vulnerability Scanning Basic CISA This service evaluates external network presence by executing continuous scans of public, static IPs for accessible services and vulnerabilities. It provides weekly vulnerability reports and ad-hoc alerts. See https://www.cisa.gov/cyber-resource-hub for details.

Email: vulnerability@cisa.dhs.gov
Immunet Antivirus Basic Cisco Immunet is a malware and antivirus protection system for Microsoft Windows that utilizes cloud computing to provide enhanced community-based security.

https://www.immunet.com/
Cloudflare Unmetered Distributed Denial of Service Protection Basic Cloudflare Cloudflare DDoS protection secures websites, applications, and entire networks while ensuring the performance of legitimate traffic is not compromised.

https://www.cloudflare.com/plans/free/
Cloudflare Universal Secure Socket Layer Certificate Basic Cloudflare SSL (Secure Socket Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. Cloudflare allows any internet property to use SSL with the click of a button.

https://www.cloudflare.com/plans/free/
Microsoft Defender Application Guard Basic Microsoft This capability offers isolated browsing by opening Microsoft Edge in an isolated browsing environment to better protect the device and data from malware.

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview
Controlled folder access/Ransomware protection in Windows Basic Microsoft Controlled folder access in Windows helps protect against threats like ransomware by protecting folders, files, and memory areas on the device from unauthorized changes by unfriendly applications.

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/controlled-folders
Microsoft Defender Antivirus Basic Microsoft This tool is used to protect and detect endpoint threats including file-based and fileless malware. Built into Windows 10 and 11 and in versions of Windows Server.

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
Cybersecurity Evaluation Tool (CSET) and On-Site Cybersecurity Consulting Basic CISA This tool assists organizations in protecting their key national cyber assets. The tool provides users with a systematic and repeatable approach to assessing the security posture of their cyber systems and networks. It includes both high-level and detailed questions related to all industrial control and IT systems.

https://github.com/cisagov/cset
CIS Hardware and Software Asset Tracker Basic Center for Internet Security This tool is designed to help identify devices and applications. The spreadsheet can be used to track hardware, software, and sensitive information.

https://www.cisecurity.org/white-papers/cis-hardware-and-software-asset-tracking-spreadsheet/
PGP Basic Open Source This tool encrypts emails with public key cryptography.

https://www.openpgp.org/
BitLocker for Microsoft Windows Basic Microsoft This tool encrypts Microsoft Windows systems.

https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server
AdBlock Basic Open Source This tool blocks pop-up ads, videos and other unwanted content whilst browsing.

https://gcatoolkit.org/tool/adblock/
Quad9 for Android Basic Open Source This tool for Android devices is designed to help block users from accessing known sites that have viruses or other malware.

https://www.quad9.net/news/blog/quad9-connect-now-available-on-google-play/
Quad9 Basic Open Source This tool is designed to prevent computers and devices from connecting to malware or phishing sites.

https://quad9.net/
Google Safe Browsing Basic Google This toolset identifies known phishing and malware across the web and helps notify users and website owners of potential harm. It is integrated into many major products and provides tools to webmasters.

https://safebrowsing.google.com
Project Shield Basic Google Jigsaw Project Shield is a free service that defends news, human rights, and election monitoring sites from DDoS attacks.

https://projectshield.withgoogle.com/landing
Google reCAPTCHA Basic Google reCAPTCHA uses an advanced risk analysis engine and adaptive challenges to keep malicious software from engaging in abusive activities on a user's website.

https://www.google.com/recaptcha/about/
Web Risk Basic Google Web Risk API is a User Protection Service from Google Cloud designed to reduce the risk of threats targeting user generated content. Web Risk API lets organizations compare URLs in their environment against a repository of over 1 million unsafe URLs.

https://cloud.google.com/web-risk
Google Security Command Center Basic Google This tool helps users strengthen their security posture by evaluating their security and data attack surface; providing asset inventory and discovery; identifying misconfigurations, vulnerabilities and threats; and helping them mitigate and remediate risks.

https://cloud.google.com/security-command-center
Google OSS-Fuzz Basic Google OSS-Fuzz aims to make common open source software more secure and stable by combining modern fuzzing techniques with scalable, distributed execution.

https://google.github.io/oss-fuzz/
Santa Basic Open Source Santa is a binary authorization system for macOS.

https://santa.dev/
Go Safe Web Basic Open Source Go Safe Web is a collection of libraries for writing secure-by-default HTTP servers in Go.

https://github.com/google/go-safeweb
Open Source Vulnerabilities (OSV) Basic Open Source OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source maintainers and consumers of open source.

https://osv.dev/
Open Source Insights Basic Open Source Open Source Insights is a searchable dependency graph with vulnerability information.

https://deps.dev/
AllStar Basic Open Source AllStar is a GitHub application for enforcing security policies and permissions.

https://github.com/ossf/allstar
Security Scorecards Basic Open Source Security Scorecards is a collection of security health metrics for open source, allowing users to evaluate the security practices of an open source package before use. Results available publicly as a Google Cloud Big Query Dataset.

https://github.com/ossf/scorecard
Tink Basic Open Source Tink is a multi-language, cross-platform, open-source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

https://github.com/google/tink
Google Cybersecurity Action Team Basic Google This service provides a number of security resources including security blueprints, whitepapers, threat reports, and information regarding recent vulnerabilities.

https://cloud.google.com/security/gcat
Tsunami Security Scanner Basic Open Source Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

https://github.com/google/tsunami-security-scanner

OpenDNS Home Basic Cisco OpenDNS blocks phishing websites that try to steal your identity and login information by pretending to be a legitimate website.

https://signup.opendns.com/homefree/

Continuous Monitoring & Security Ratings Basic SecurityScorecard Security ratings provide an objective, data-driven view of your company's cybersecurity risk exposure and cybersecurity hygiene, which are quantified and scored in an easy-to-understand A-F (0-100) cyber security rating.

Free Security Rating | SecurityScorecard
Binary Edge Basic Binary Edge This tool continuously collects and correlates data from internet accessible devices, allowing organizations to see what their attack surface is and what they are exposing to attackers. No-cost offering is limited to one user and limited monthly scans.

BinaryEdge Portal
Atomic Red Team Basic Open Source Atomic Red Team™ is a PowerShell-based execution framework and provides a library of simple tests that every security team can execute to test their defenses. Tests are focused, have few dependencies, and are defined in a structured format that can be used by automation frameworks. Note: Use of this tool could make it more difficult for some organizations to identify malicious PowerShell usage.

Meet the Atomic Family | Atomic Red Team
CrowdStrike CRT Advanced CrowdStrike CRT is a free community tool designed to help organizations quickly and easily review excessive permissions in their Azure AD environments. CRT helps determine configuration weaknesses and provides advice to mitigate this risk.

https://www.crowdstrike.com/resources/community-tools/crt-crowdstrike-reporting-tool-for-azure/
Tenable Nessus Essentials Advanced Tenable This free version of a vulnerability assessment solution includes remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding existing ones. Limited by default to 16 hosts.

https://www.tenable.com/products/nessus/nessus-essentials
Alien Labs Open Threat Exchange (OTX) Endpoint Security Advanced AT&T Cybersecurity This tool leverages data from Alien Labs OTX to help identify if endpoints have been compromised in major cyberattacks. Provides quick visibility into threats on all endpoints by scanning IOCs using OTX.

https://cybersecurity.att.com/open-threat-exchange
Alien Labs Open Threat Exchange (OTX) Advanced AT&T Cybersecurity OTX provides open access to a global community of threat researchers and security professionals. It delivers community-generated threat data, enables collaborative research, and automates the process of updating security infrastructure with threat data from any source. OTX enables anyone in the security community to actively discuss, research, validate, and share the latest threat data, trends, and techniques.

https://cybersecurity.att.com/open-threat-exchange
ClamAV Advanced Cisco ClamAV is an open-source (general public license [GPL]) antivirus engine used in a variety of situations, including email and web scanning, and endpoint security. It provides many utilities for users, including a flexible and scalable multi-threaded daemon, a command-line scanner, and an advanced tool for automatic database updates.

http://www.clamav.net/
Kali Linux Penetration Testing Platform Advanced Kali Linux Project Kali Linux contains several hundred tools targeted toward various information security tasks, such as penetration testing, security research, computer forensics, and reverse engineering.

https://www.kali.org/
Cloudflare Zero Trust Services Advanced Cloudflare Cloudflare Zero Trust Services are essential security controls to keep employees and apps protected online across 3 network locations and up to 50 users. Services include: Zero Trust Network Access; Secure Web Gateway, Private Routing to IP/Hosts; HTTP/S Inspection and Filters; Network Firewall as a Service; DNS Resolution and Filters; and Cloud Access Security Broker.

https://www.cloudflare.com/plans/free/
Microsoft Sysinternals Security Utilities Advanced Microsoft Sysinternals Security Utilities are free, downloadable tools for diagnosing, troubleshooting, and deeply understanding the Windows platform.

https://docs.microsoft.com/en-us/sysinternals/downloads/security-utilities
Memory integrity Advanced Microsoft Memory integrity in Windows—also known as Hypervisor-protected code integrity (HVCI)—is a Windows security feature that makes it difficult for malicious programs to use low-level drivers to hijack computers.

https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity
RiskIQ Community Advanced Microsoft The RiskIQ community offers free access to internet intelligence, including thousands of OSINT articles and artifacts. Community users can investigate threats by pivoting through attacker infrastructure data, understand what digital assets are internet-exposed, and map and monitor their external attack surface.

https://community.riskiq.com/home
IBM X-Force Exchange Advanced IBM IBM X-Force Exchange is a cloud-based threat intelligence platform that allows users to consume, share, and act on threat intelligence. It enables users to conduct rapid research of the latest global security threats, aggregate actionable intelligence, consult with experts, and collaborate with peers.

https://www.ibm.com/products/xforce-exchange
Mandiant Attack Surface Management Advanced Mandiant This early warning system for information security allows you to: create comprehensive visibility through graph-based mapping; know when assets change to stay ahead of the threat; and empower security operations to mitigate real-world threats.

https://www.mandiant.com/advantage/attack-surface-management/get-started
Mandiant Threat Intelligence Advanced Mandiant Free access to the Mandiant Threat Intelligence Portal helps users understand recent security trends, proactively hunt threat actors, and prioritize response activities.

https://www.mandiant.com/advantage/threat-intelligence/free-version
Splunk Synthetic Adversarial Log Objects (SALO) Advanced Splunk SALO is a framework for generating synthetic log events without the need for infrastructure or actions to initiate the event that causes a log event.

https://github.com/splunk/salo
Splunk Attack Detection Collector (ADC) Advanced Splunk This tool simplifies the process of collecting MITRE ATT&CK® techniques from blogs or PDFs and mapping ATT&CK TTPs to Splunk detection content.

https://github.com/splunk/attack-detections-collector
Splunk Attack Range Advanced Splunk This tool enables simulated attacks in a repeatable cloud-enabled (or on-premises) lab with a focus on Atomic Red Team integration.

https://github.com/splunk/attack_range
Splunk Training Advanced Splunk Splunk Training is a free, hosted platform for on-demand training with hands-on practice addressing specific attacks and realistic scenarios.

https://bots.splunk.com
VMware Carbon Black User Exchange Advanced VMware Carbon Black User Exchange provides access to real-time threat research data shared by a global community of security professionals.

https://community.carbonblack.com/
Carbon Black TAU Excel 4 Macro Analysis Advanced VMware This tool tests endpoint security solutions against Excel 4.0 macro techniques.

https://github.com/carbonblack/excel4-tests
Paros Proxy Advanced Open Source This Java-based tool is used to find vulnerabilities in web applications. It includes a web traffic recorder, web spider, hash calculator, and a scanner for testing common web application attacks, such as SQL injection and cross-site scripting.

https://www.parosproxy.org/
Cyber Security Tools by SANS Instructors Advanced SANS This website includes links to an array of open-source tools built by cybersecurity instructors.

https://www.sans.org/tools/
Windows Management Instrumentation Command-line Advanced Microsoft The WMI command-line (WMIC) utility provides a command-line interface for Windows Management Instrumentation (WMI). WMIC is compatible with existing shells and utility commands. 

https://docs.microsoft.com/en-us/windows/win32/wmisdk/wmic
Let's Encrypt Advanced Open Source This tool provides a free digital certificate to enable HTTPS (SSL/TLS) for websites.

https://letsencrypt.org/getting-started/
Hping Advanced Open Source This tool assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It can be useful for performing security assessments.

http://www.hping.org/
Aircrack Advanced Open Source Aircrack is a suite of tools for testing the strength of passwords used for wireless networks.

https://www.aircrack-ng.org/
Nikto Advanced Open Source Nikto is an open source (GPL) web server scanner that performs vulnerability scanning against web servers for multiple items, including dangerous files and programs. Nikto checks for outdated versions of web server software. It also checks for server configuration errors and any possible vulnerabilities they might have introduced.

https://cirt.net/nikto2
w3af Advanced Open Source W3af is a flexible framework for finding and exploiting web application vulnerabilities, featuring dozens of web assessment and exploitation plugins.

http://w3af.org/
VMware Fusion Player Advanced VMware This tool allows Mac users to run Windows, Linux, containers, Kubernetes, and more in virtual machines without rebooting.

https://customerconnect.vmware.com/web/vmware/evalcenter?p=fusion-player-personal
Secureworks PhishInSuits Advanced Secureworks The PhishInSuits (pis.py) tool conducts security assessments and tests control frameworks against scenarios, such as BEC attacks. It combines this variation of illicit consent attacks with SMS-based phishing to emulate BEC campaigns and includes automated data-exfiltration capabilities.

https://github.com/secureworks/PhishInSuits
Secureworks WhiskeySAML Advanced Secureworks The WhiskeySAML tool automates the remote extraction of an ADFS signing certificate. WhiskeySAML then uses this signing certificate to launch a Golden SAML attack and impersonate any user within the target organization.

https://github.com/secureworks/whiskeysamlandfriends
Collabfiltrator Advanced Secureworks This tool is designed to exfiltrate blind remote code execution output over DNS via Burp Collaborator.

https://github.com/0xC01DF00D/Collabfiltrator
O365Spray Advanced Secureworks This tool is a username enumeration and password spraying tool aimed at Microsoft Office 365.

https://github.com/0xZDH/o365spray
Tachyon Advanced Secureworks Tachyon is a rapid web application security reconnaissance tool. It is designed to crawl a web application and look for leftover or non-indexed files with the addition of reporting pages or scripts leaking internal data (a.k.a "blind" crawling). It is used from the command line and targeted at a specific domain. Tachyon uses an internal database to construct these blind queries swiftly.

https://github.com/delvelabs/tachyon
Vane2 Advanced Secureworks Vane2 is a WordPress site vulnerability scanner. It is meant to be targeted at WordPress websites and identifies the corresponding WordPress version as well as its installed plugins in order to report known vulnerabilities on each.

https://github.com/delvelabs/vane2
Batea Advanced Secureworks Batea is a practical application of machine learning for pentesting and network reconnaissance. It consumes nmap reports and uses a context-driven network device ranking framework based on the anomaly detection family of machine learning algorithms. The goal of Batea is to allow security teams to automatically filter interesting network assets in large networks using nmap scan reports.

https://github.com/delvelabs/batea
Checkov Advanced Palo Alto Networks This tool scans Infrastructure as Code (IaC), container images, open-source packages, and pipeline configuration for security errors. With hundreds of built-in policies, Checkov surfaces misconfigurations and vulnerabilities in code across developer tools (CLI, IDE) and workflows (CI/CD pipelines).

https://github.com/bridgecrewio/checkov
Palo Alto Networks Unit 42- Actionable Threat Objects and Mitigations (ATOMs) Advanced Palo Alto Networks ATOMs is a free repository of observed behaviors of several common threat adversaries, mapped to the MITRE ATT&CK framework. ATOMs can be filtered by targeted sector, region, or malware used for ease of information sharing and deployment of recommended security mitigations.

https://unit42.paloaltonetworks.com/atoms/
Google ClusterFuzz Advanced Google ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. It is also the fuzzing backend for Google OSS-Fuzz. ClusterFuzz Lite is simple CI-integrated fuzzing based on ClusterFuzz.

https://google.github.io/clusterfuzz/
Brutespray Advanced Open Source Brutespray is a port scanning and automated brute-force python script that operates on a Kali Linux OS. The tool utilizes Nmap Scanner outputs to brute-force services with default credentials, which can be used to mitigate adversarial brute-force attacks if cracked default credentials are remediated.

GitHub - x90skysn3k/brutespray

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2
