Open Source Windows Cybersecurity Tools
Sort By:
Cybersecurity Tools for Windows
View 163 business solutionsBrowse free open source Cybersecurity tools and projects for Windows below. Use the toggles on the left to filter open source Cybersecurity tools by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
2
Maigret
Collect a dossier on a person by username from thousands of sites
Maigret is an open-source OSINT tool designed to collect a dossier on a person by username from thousands of sites. It automates the process of checking for a user's presence across various platforms, aiding in digital investigations. -
3
cyborghawk v1.1
Latest-v1.1 of The World's most advanced pen testing distribution ever
updated version of The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
4
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application. -
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
5
Greenplum Database
Massive parallel data platform for analytics, machine learning and AI
Rapidly create and deploy models for complex applications in cybersecurity, predictive maintenance, risk management, fraud detection, and many other areas. With its unique cost-based query optimizer designed for large-scale data workloads, Greenplum scales interactive and batch-mode analytics to large datasets in the petabytes without degrading query performance and throughput. Based on PostgreSQL, Greenplum provides you with more control over the software you deploy, reducing vendor lock-in, and allowing open influence on product direction. Greenplum reduces data silos by providing you with a single, scale-out environment for converging analytic and operational workloads, like streaming ingestion. All major Greenplum contributions are part of the Greenplum Database project and share the same database core, including the MPP architecture, analytical interfaces, and security capabilities. -
6
SCADA-LTS
A comprehensive Supervisory Control, Data Acquisition, and Execution
SCADA-LTS is an advanced FOSS, web-based, multi-platform environment designed to build your own Supervisory Control, Data Acquisition, and Execution ecosystem. Its architecture provides a robust foundation for complex industrial automation and monitoring. Optimized for Smart Infrastructure, it is highly capable of managing industrial PV/BESS, Smart buildings, municipal Water networks or Wastewater treatment, ANPR telemetry, City-wide lighting, and other diverse data administration workflows. Beyond standard use, SCADA-LTS serves as a secure "independent source of truth" in sandboxed or zero-trust environments. It enhances critical infrastructure with cyber-alarm functionality, emergency operation scenarios, and vital operational visibility. Developed since 2015 on behalf of Abil'I.T. and supported by a global community, the project focuses on stability, security, and modernizing the codebase to meet the evolving demands of industry, defense, and wide-area distributed networks. -
7
DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES !!! ONLY FOR PENTESTING PURPOSES !!!
-
8
usb-guard
Turn any USB flash drive into a master key for your PC
USB Guard is an advanced workstation security solution for Windows that turns USB drives into physical authentication keys using native Windows Kernel APIs. - Zero-Trust Security: Validates unique hardware serial numbers through direct Kernel API calls, ensuring only authorized USB drives can unlock your PC. - Brute-Force Protection: Exponential delay penalties after failed unlock attempts prevent automated attacks. - High-Fidelity Lock Screen: Glassmorphism aesthetics with GPU-accelerated blur effects that blend seamlessly with your desktop wallpaper. - System Integration: Auto-mutes volume when locked, persists via Windows Registry, and covers all connected monitors. - Master Recovery Key: Exportable backup codes ensure you never get permanently locked out. - Lightweight: Runs efficiently using direct native APIs instead of heavy middleware, keeping resource usage minimal. Built with .NET 10, WPF, and Fluent Design. Open source under MIT License. -
9
Discord Token & Message Spammer
best open source discord spammer (token-webhook&more)
easy to use, set the tokens & channels and have fun, don't use it in a bad way if you catch my drift, if you want to use it you better use a vpn so discord won't ban you're ip smh. DMS version 0.5 u can get the src files via : https://sourceforge.net/projects/discord-message-spammer/files/ https://github.com/p3hv https://6-g.itch.io/ ill keep updating this tool for sure tags: discord token spammer, discord raid tool, discord , discord tool discord tokens, chat spammer license By downloading this, you agree to the Commons Clause license and that you're not allowed to sell this repository or any code from this repository. For more info see https://commonsclause.com/. -
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
10
cyborg hawk v 1.0
The World's most advanced penetration testing distribution ever
The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
11
Full Stack Computer Scanner
Scans for Windows computer system integrity
The Full Stack Computer Scanner is a read-only Windows security diagnostics tool for system awareness. No ads. No accounts. No data collection. Fully offline. Scans for computer system integrity. Complements antivirus. Only official binaries from this SourceForge project are legitimate. Online cloud versions are unauthorized. Keith | KCJ Tech Solutions | 30+ yrs IT Hacked? Unsure your system is secure? Contact: fullstackcomputerscanner@gmail.com Windows Computer Security Check (chat only, no remote access): 20 min $40 | 40 min $80 | 21+ Free version limited. Unlock full developer build (100 scans) with support donation ($20 USD). Email receipt number (text only) to fullstackcomputerscanner@gmail.com. Receive latest build and user guide within 24 hours. Send To: Cash App $computersafety Venmo @computersafety BTC bc1qz259yr4q89r0669zm9mrvs2trkyw0z4kazzx0n Thank you in advance. -
12
A professional PE (Portable Executable) analysis and modification tool for Windows executables and DLLs.
-
13
SecurityInfinity Cybersecurity
Secure your website in 10 minutes in one click.
Secure your website in 10 minutes in one click. AI enabled cybersecurity suite for vulnerability assessment and realtime analytics. Assess your website, cloud platform and identify vulnerabilities now. -
14
RSA消息非对称加密器
A message encrypt app on Windows, use RSA 512-10240 bit.
A message encrypt app on Windows, use RSA 512-10240 bit to ensure communication security. -
15
IP Availability Scanner
Fast IP and Port Scanner
This utility efficiently scans IP addresses and gathers host names and MAC addresses. It offers the capability to export scan results and includes features for port scanning of selected hosts. Enhanced with a multithreaded framework, the tool delivers increased speed, supporting functionalities like trigger actions and banner grabbing during port scans. For more advanced options, right-click on the displayed grids. This context menu includes options for port scanning, copying results, and network diagnostics tools like ping and traceroute. Additionally, it allows for easy access to ports using standard protocols such as SSH. A convenient feature is the ability to quickly identify the manufacturer of a MAC address with a simple mouse click. Moreover, the interface is user-friendly, enabling sorting of information by simply clicking on the column headers in the display grid. For more information, visit https://vonwallace.com Video Overview: https://rumble.com/v51z6o3-fas -
16
Naeon
The safest way to store private data in untrusted (cloud) environments
Naeon secures data in untrusted off-site storage through a layered approach: files are compressed, then AES-256 encrypted with a randomly generated 128-character passphrase yielding approximately 762 bits of entropy — far beyond the reach of both classical and quantum brute-force attacks. The ciphertext is obfuscated by prepending and appending random byte blocks, making the result unidentifiable as an encrypted file. The payload is then sharded into one private chunk — holding the encryption key and part of the data — and multiple equal-sized public chunks, each renamed to its SHA-512 hash and given a uniform timestamp to prevent metadata inference. A private filename conversion table preserves the concatenation order needed for restoration. Together these measures guarantee confidentiality, integrity, and availability regardless of storage provider trustworthiness. Threshold Key Sharing extends this further by splitting the private key, eliminating the single point of failure. -
17
PC of Death is a Windows vulnerability scanner. It's meant for Windows 10 & 11.
-
18
Java Vulnerable Lab - Pentesting Lab
a deliberately vulnerable Web application
This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download Credentials for the VM: ------------------------ Username: root Password: cspf Stand-alone file: (Run the Jar file directly) -------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download -
19
Network Enumeration Tool
Network Enumeration Tool for Host Exploration and Recon
N-ETHER (Network Enumeration Tool for Host Exploration and Reconnaissance) is a robust and highly automated Python script designed to streamline the critical initial phases of network security auditing and penetration testing. It’s core purpose is to perform fast, comprehensive, and consistent host and port discovery across single targets or large lists of IP addresses. N-ETHER functions as an intelligent, opinionated wrapper around the powerful nmap tool, bundling best-practice scanning techniques—including service versioning, NSE scripting, and intelligent port selection—into a single, easy-to-use utility. This significantly reduces auditor workload and potential for human error compared to manually executing multiple complex nmap commands. Read the README!!! -
20
Stegcore
A cross-platform crypto-steganography toolkit
Stegcore combines cryptography and steganography to hide encrypted data inside ordinary files. It encrypts your payload before embedding it, so the hidden content is unreadable even if someone extracts it, and invisible to anyone who doesn't know it's there. Unlike basic steganography tools that hide data without encrypting it, Stegcore ensures the payload is cryptographically protected at rest. Unlike pure encryption tools, the payload isn't even visible. Designed for journalists, security researchers, red teamers, digital forensics professionals, and CTF participants. -
21
BypassHash
This tool downloads an executable and bypasses hash-based virus checks
This tool downloads an executable, ELF (Linux) and PE (Windows), modify metadata to bypasses hash-based virus checks and protect against identification with metadata (like rich headers, timestamps, ...). -
22
openWrt-snort
Image of OpenWrt OS, with snort community featured in.
Image of OpenWrt OS, with snort community featured in, for Raspberry Pi 4/ 4B+ and 400, basically for Processor BCM2711. Installed Snort Community Model to Intrusion Detection system. Prevention system not installed. eth0 used as output/ LAN socket, to run internet and access router. eth1, which can be USB -> Ethernet port, is used as WAN port, to connect Pi board to Internet IP. to flash img file, you can restore in SD card, or use Balena Etcher to flash. or you can use DD commend of UNIX. **USERNAME** - root **PASSWORD** - bing.google12 -
23
Phish Alert Button for Outlook
Free Outlook plugin to report phishing emails with one click
The Phish Alert Button for Outlook is a free add-in that allows users to report suspected phishing emails directly from their inbox with a single click. Once installed, it adds a button to the Outlook ribbon, enabling employees to forward suspicious messages to a predefined mailbox such as your SOC or IT security team. This lightweight plugin helps organizations improve phishing detection by encouraging user participation in threat reporting. It integrates smoothly with Outlook 2013 and newer versions, requires minimal setup and works in both on-premise and Microsoft 365 environments. Features: – One-click phishing email reporting – Compatible with Outlook 2013 and later – Simple configuration and fast deployment – Sends reports to a custom email address – Fully customizable: customize button name, ribbon and other details. Empower your users to become part of your phishing defense strategy with the free Phish Alert Button for Outlook. -
24
AsyncPortScanner
Cross-platform asynchronous port scanner written in Nim.
Fast cross-platform asynchronous port scanner written in Nim. -
25
Midbar Firebase Edition
Midbar Firebase Edition stores data in the cloud, keeps keys on device
Midbar Firebase Edition - is the edition of Midbar that stores the encrypted data in the cloud while keeping the cryptographic keys on the device! It comes with the firmware for the hardware IoT data vault and the desktop app that's synced with the vault via the Google Firebase. A vault and an app can be used without one another. The GitHub repository is available at github.com/Northstrix/Midbar-Firebase-Edition Tutorial for V1 https://www.instructables.com/DIY-IoT-Data-Vault-With-Google-Firebase/ Tutorial for V2 https://medium.com/@Northstrix/syncing-mcu-password-vault-with-desktop-app-using-google-firebase-28963e060444 Tutorial for V3 https://www.instructables.com/DIY-Advanced-IoT-Password-Vault-Synced-With-Deskto/ GitHub Repository: https://github.com/Northstrix/Midbar-Firebase-Edition
