- Infrastructure Management, Documentation, Change Management
- Automation, Provisioning, Deployment, Patching, Inventory
- Active Directory
- Information Gathering
- Network Tools
- Systems Performance Testing
- Antivirus & Malware
- Password Management & IAM
- Windows Server
- Windows System Troubleshooting
- Microsoft SQL
- Linux
- OSX
- Helpdesk Ticketing
- Diagrams
- Monitoring & Alerting
- Powershell
- Team Collaboration & File Sharing
- Video & Voice
- Project Management
- DNS
- Remoting
- Logging and Metrics
- Cloud Storage (Non-Enterprise)
- Cloud Storage (Business)
- Synchronization
- NAS & SAN
- Backup & Imaging
- Data Recovery
- Security
- Threat Hunting
- Elasticsearch
- VPN
- Web
- Web Dev & E-commerce
- No-Code Tools
- Rescue CDs
- Database
- SSL
- Cloud (Generic)
- Google Cloud
- Azure
- AWS
- O365
- Virtualization
- VPS
- IoT
- Containers
- Self-Hosted
- Other Tools
Infrastructure Management, Documentation, Change Management
Collins - Collins started as a system to manage all of the physical servers, switches, racks, etc. in Tumblr production environments.
i-doit - Documents your IT infrastructure. From cables to servers, from software to licences, any component with a plug or running software is worth being documented.
Netbox - NetBox is an open source web application designed to help manage and document computer networks. IP address mgmt, devices, circuits, etc.
Spiceworks Inventory
Quest Kace - Inventorying, patching
Netwrix Auditor
Desktop Central - Free for up to 25 devices
Snipe-IT - Open Source Asset Management
phpipam - phpipam is an open-source web IP address management application (IPAM). Its goal is to provide light, modern and useful IP address management.
Cachet - An open source status page system for everyone.
XIA Configuration - Network inventory tool and benchmark scanner. They provide a free workgroup license for 3 servers and 25 workstations.
IT Portal - Store all your IT Documentation. SaaS and on-premise.
DokuWiki - Open-source self-hosted wiki.
ivanti - Ivanti has a suite of products for Endpoint management, Asset management, and Security.
MkDocs - Project documentation in Markdown.
Automation, Provisioning, Deployment, Patching, Inventory
Ansible - Ansible deploys a system in a single run, with no configuration drift checking or reporting in. Good for fast deployment and provisioning of servers.
Terraform - Using Terraform to manage your framework, or your infrastructure scaffolding, is its real strength. Not as capable in configuring the servers themselves. Terraform is an excellent tool to manage cloud services below the server.
Puppet - Puppet is a declarative desired state tool (configuration management tool). Though Puppet has Docker integrations, its strength is not in managing container architecture and scheduling, as Kubernetes does. It can provision infrastructure with help from the community, but that support is incomplete and more difficult than Terraform.
Chef -
Microsoft Deployment Toolkit - Deploy server and workstation images.
Microsoft Assessment and Planning Toolkit - Provides a powerful inventory, assessment, and reporting tool to simplify the migration planning process.
PDQ Deploy - Formerly Admin Arsenal - PDQ Deploy is a software deployment tool used to keep Windows PCs up-to-date without leaving your chair or bothering end users. Free and Enterprise version.
PDQ Inventory - PDQ Inventory is a systems management tool that scans Windows computers to collect hardware, software, and Windows configuration data. Free and Enterprise version.
LANSweeper - Network Inventory, IT Asset Management, Deployment, Help Desk and much more…
OSQuery - The osquery tool collects data from the system and makes them available as a database. By giving it database like queries you can extract data from the system.
Kolide Fleet - OSQuery manager. Track, manage, and monitor across your entire infrastructure.
opsi - opsi is an open source client management system to manage heterogeneous environments.
Active Directory
Active Directory Migration Tool Guide
Active Directory Health Check script - Daily report of AD Health
Bloodhound - BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.
Securing Domain Controllers - Guide from ADSecurity.org
Backup-GPO and Restore-GPO - PS cmdlets
Policy Analyzer - Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects
Carl Webster AD Health Inventory Script - Report on Users, Groups, passwords, etc.
ADFS Multi Factor Authentication - enables ADFS servers to provide multi-factor authentication (MFA) using a Time-Based One-Time Password
AD Schema Report - This script documents the history of schema updates. Now you can finally get some insight on the origins of your directory.
AD Snapshot - use ntdsutil to create and mount AD snapshots, or use Sysinternals AD Explorer to do the same. Gives you the ability to identify differences.
Pen Testing Active Directory series
Active Directory Domain Services Virtualization
AD Forest Recovery
Active Directory Replication Status Tool - A GUI version of REPADMIN /SHOWREPL * /CSV with a few enhancements.
Zentyal Server - First-ever native Microsoft Active Directory implementation on Linux that is easy to use.
PingCastle - Free AD Health check tool
AD ACL Scanner - Your number one script for ACL’s in Active Directory
Lingering Object Liquidator - Microsoft tool to automate the removal of lingering objects from Active Directory.
Information Gathering
Microsoft Assessment and Planning Toolkit
Dell Live Optics - Live Optics is a vendor, hardware, and platform agnostic standard for IT professionals to record and communicate their achieved benchmarks, workloads, or support concerns to others to accelerate decision time and reduce risk.
Network Tools
Advanced IP Scanner - Reliable and free network scanner to analyse LAN. Windows only.
Angry IP Scanner - Angry IP Scanner is an open-source and cross-platform network scanner designed to be fast and simple to use.
nmap - Network discovery tool and security scanner.
zmap - ZMap is a fast single packet network scanner designed for Internet-wide network surveys. The website lists other Z tools as well to manipulate that scan data.
netstat - Displays active TCP connections and ports on which the computer is listening.
ntop - A network traffic probe that monitors network usage.
Fiddler - A free web debugging proxy. Useful as a man-in-the-middle for web requests and TLS verification.
httpie - Modern command line HTTP client
iPerf3 - A TCP, UDP, and SCTP network bandwidth measurement tool
IPVoid - Various online tools. Blacklist check, Whois, Dig, DNS, etc…
GRASSMARLIN - A tool from NSA Cyber to passively map, and visually display, an ICS/SCADA network topology while safely conducting device discovery, accounting, and reporting on these critical cyber-physical systems.
NetworkMiner - NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
Systems Performance Testing
Diskspd - Storage testing tool. Simulate different workloads (i.e. SQL)
Windows Performance Toolkit - Windows Performance Tools are designed for analysis of a wide range of performance problems including application start times, boot issues, system responsiveness issues, application resource usage, and interrupt storms.
Xperf - Command-line tool for performing ETW performance tests. Mostly replaced by the Windows Performance Analyzer.
Antivirus and Malware
Kaspersky Rescue Disk
AVG Rescue Disk
ESET SysRescue Live
ESET Online Scan
F-Secure System Tools
VirusTotal - run a file or URL through multiple scan engines
Veil-Evasion - generate payload executables that bypass common antivirus
Hybrid Analysis - Free malware analysis service
Windows AV Comparison Chart - and factsheet
urlscan.io - a service to scan a website URL for malicious content.
TrendMicro HouseCall Online Scan
JoeSandbox - Deep Malware Analysis.
NoMoreRansom - Educational ransomware site with a page dedicated to decryption tools.
Any Run - A commercial online sandbox for malware analysis.
Password Management and IAM
Secret Server
Microsoft Local Administrator Password Solution (LAPS)
HashiCorp Vault - Setup
Saaspass - SAASPASS provides two-factor authentication-as-a-service and secure single sign-on for your VPN, Active Directory, on-premise, hybrid, custom and cloud applications with numerous ready instant integrations and adapters that involve no coding. Freemium but not open-source.
Gluu - Enterprise ready, free open source software for identity & access management (IAM). Single sign-on, 2FA, access management.
Passbolt - The password manager your team was waiting for. Free, open source, self-hosted, extensible, OpenPGP based.
KeePass - a free, open source, light-weight and easy-to-use password manager.
KeeWeb - Free cross-platform password manager compatible with KeePass.
Pass - open source password management using GPG and Git. Clients for all OSes.
Bitwarden - Free cross-platform password vault.
TeamPass - TeamPass is an open-source Passwords Manager dedicated for managing passwords in a collaborative way by sharing them among team members.
Knox - An open source project from Pinterest for storing and rotation of secrets, keys, and passwords used by other services.
Conjur - Open Source application password vault from CyberArk. Give programs the access they need without hard coding the password.
Summon - Another open source tool from CyberArk, this one is a CLI tool that provides on-demand access to passwords for applications from a host of back-end vaults.
Windows Server
Documentation at MS Windows IT Pro Center
Windows System Troubleshooting
live.sysinternals.com - or run from powershell with \\live.sysinternals.com\tools\procexp.exe
PS Tools
AD Explorer - Active Directory viewer and editor
AutoRuns - view startup applications running in the background
Process Explorer - Task Manager replacement
Process Monitor - show real-time filesystem and registry activity
TCPView - view all TCP and UDP connections
SysMon - System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log.
Windows Crash Dump Analysis
Performance Monitor
Windows Performance Toolkit
OSR Instant Online Crash Analysis - An online service to upload a memory.dmp file and run “!Analyze -v”. I wouldn’t upload a dump from a sensitive source but would try with a non-sensitive machine.
Microsoft SQL
SQL Activity Monitor
SQL Server Extended Events
Database Tuning Advisor - The Database Engine Tuning Advisor is a tool that helps you figure out if additional indexes are helpful as well as partitioning.
SQL Server AV Exclusions
BPCheck - SQL Best Practices and Performance checks
Pssdiag/Sqldiag Manager - collect data for SQL Server using sqldiag collector engine
SQL Nexus - Loads and analyzes performance data collected by Pssdiag.
diskspd - Storage stress test tool
SQL Server Diagnostic Information Queries
SQL Server Backup, Integrity Check, and Index and Statistics Maintenance
Microsoft Kerberos Configuration Manager for SQL Server
Linux
LinuxFromScratch - Linux From Scratch (LFS) is a project that provides you with step-by-step instructions for building your own customized Linux system entirely from source.
Zentyal Server - First-ever native Microsoft Active Directory® implementation on Linux that is easy to use. Zentyal Server incorporates all the network services required in a small and medium business environment: Directory & Domain Server, Mail Server, Gateway and Infrastructure Server.
How to Secure a Linux Server - Github checklist for securing Linux.
DigitalOcean guide to securing Linux
OSX
Sloth - GUI showing open files and sockets. Basically a GUI for lsof.
KnockKnock - See what’s persistently installed on your Mac.
TaskExplorer - See running tasks.
KextViewr - View all modules loaded in the kernel.
Spectacle - Window manager.
LuLu - a free macOS firewall.
Stronghold - a script to securely configure your Mac.
Helpdesk Ticketing
ServiceNow
Jira Service Desk
Groove
Spiceworks
Diagrams
DrawtheNet
yEd Graph Editor
draw.io - Free online software for creating flowcharts. Create, save, and edit - all free with no registration.
RackTables - Datacenter and server room asset management. Document hardware assets, server racks, network configs and more.
Monitoring and Alerting
Zabbix - Monitor anything. Linux server required, various agents available.
Quest Foglight - Windows-based Enterprise software for server and Infrastructure monitoring.
Monit - Open-source process supervision tool for Unix and Linux. With Monit, system status can be viewed directly from the command line, or via the native HTTP web server.
linux-dash - A beautiful system status web dashboard for Linux
netdata - netdata is a system for distributed real-time performance and health monitoring. It provides unparalleled insights, in real-time, of everything happening on the system it runs (including applications such as web and database servers), using modern interactive web dashboards.
Observium - Observium is a low-maintenance auto-discovering network monitoring platform. It runs on a Linux server and relies on SNMP traps.
Prometheus is an open-source systems monitoring and alerting toolkit. It pulls metrics from exposed endpoints and stores them in a time-series database. Either code endpoints into your apps or run exporters to expose them. Through tight integration with Docker it is popular for monitoring Docker services and Kubernetes.
Grafana - setup - Visualize time-series data
Spiceworks Network Monitor
Scout - Application Monitoring
Zenoss - Zenoss is a hybrid IT monitoring platform that allows enterprise companies to monitor everything, including compute, storage, network, converged infrastructure, applications and unified communications systems. Zenoss core is free. Many ZenPacks are available for various platforms including Windows.
Bosun, scollector - Bosun is a monitoring and alerting system by Stack Exchange
Sensu - Consider this to be a more modern Nagios, compatible with Nagios plugins. Core is open-source and free to use and can be installed on Linux or Windows.
100+ Top Server Monitoring & Application Monitoring Tools
PandoraFMS - Pandora FMS is a complete suite of applications for monitoring your company’s technology.
UptimeRobot - Ping your server every 5 minutes, get notified if it’s down. Free for the first 50 monitors.
Site24x7 - $10/mo site and server monitoring with SMS alerting.
netdata - Real-time performance monitoring, with dashboards. For Linux and MacOS.
checkup - Distributed, lock-free, self-hosted health checks and status pages.
Powershell
Test-ComputerSecureChannel - Avoid having to disjoin the Domain and re-add a machine because it has been off for more than 30 days. Run with -Repair to reset the AD machine password.
Draw Nested AD Security Groups by MemberOf or Member Attributes
Script to Create a Report of Members of Privileged Groups
Finding Orphaned Group Policy Objects
Using PowerShell to Find Stale and Duplicate Active Directory Groups
Powershell Script to export Active Directory users to CSV
Password Expiry Email Notification
Powersploit - A PowerShell Post-Exploitation Framework
Windows 10 and Server 2016 Cmdlets
Get-BpaModel and Invoke-BpaModel - Best Practice Analyzer
POSHGUI - create GUIs for your Powershell scripts.
Pester - A testing and mock framework for Powershell.
Team Collaboration and File Sharing
Riseup Etherpad - collaborative notepad
floobits - plug-in for collaborative text editing and terminal sharing
tmate - terminal sharing
WhiteboardFox - collaborative whiteboard
AWWboard - another collaborative whiteboard
Checkvist - online checklist
Discord - chat app
Slack - team communications and alerting
Mattermost - Open-source Slack alternative
Zulip Chat - Free self-hosted Slack competitor with an email threading model. Also available as a Cloud service, free with 5GB and 10,000 message history.
reep.io - peer-to-peer instant file transfer up to 5GB. Must keep browser tab open since it’s peer-to-peer.
uploadfiles.io - Simple file sharing up to 5GB. Server based with configurable lifetime.
ShareDrop - ShareDrop allows you to send files to other devices in the same local network without any configuration - simply open https://www.sharedrop.io on all devices and they will see each other.
Zget - Command line local peer to peer file transfer.
transfer.sh - Upload file from the command line and receive a download URL. Files stored for 14 days.
StandardNotes - Note taking app. Text only
WigWam - online mind-mapping
Mozilla Send - Send files through private encrypted links that automatically expire.
Dropbox Paper - A collaborative document that a team can enrich with embedded content.
Slite - Where teams share knowledge. Create your company wiki. Collaborate on projects. Take meeting notes.
Quip - Quip combines documents, spreadsheets, chat, and slides into a powerful collaboration platform that integrates with Salesforce.
Video and Voice
Zoom - meetings and video webinars, free to 100 participants
appear.in - video group conversations and screen sharing
join.me - free screen sharing and online meetings
jitsi - video chat
Riot - Group chat, voice, video, file transfer
Mumble - open source voice chat software, primarily used for gaming.
VoIP.ms -
8x8 - Small business to Enterprise VoIP
Teamspeak - The number one choice VoIP communication system for Online Gaming (and other purposes). Free to setup your own hosted server.
Davinci Resolve - Video and audio editor with strong color correction and visual effects. Free with most features enabled.
Jive - A Cloud hosted VoIP option.
Project Management
taiga
Joplin - Open-source Evernote replacement. Clients for Windows, OSX, Linux, iOS, Android.
trello -
DNS
DuckDNS - Free dynamic DNS
DNSLint - A Microsoft utility for diagnosing DNS issues
nslookup
Resolve-DNSName
Pi-Hole - setup
Nxfilter - Another option for DNS filtering. Includes Active Directory integration. Runs on Windows and Linux.
Namebench - namebench runs a fair and thorough benchmark of DNS requests using your web browser history, tcpdump output, or standardized datasets in order to provide an individualized recommendation.
OpenNIC - OpenNIC is a user-owned and -controlled top-level Network Information Center that offers a non-national alternative to traditional Top-Level Domain registries such as ICANN.
opennic-query - A Python program I wrote to query OpenNIC DNS servers and run the result through Namebench.
EasyDNS - Reliable external DNS hosting.
DNSsy - DNS health check.
Remoting
Winscp - WinSCP is a popular SFTP client and FTP client for Microsoft Windows
Putty - PuTTY is a Windows SSH and telnet client
Remote Desktop Connection Manager - manage multiple RDP connections
RDCManager also has undocumented plugin support. For example you can extend RDCMan to launch Enter-PsSession.
Jump Desktop - Cross-platform RDP and VNC client
MobaXterm - Enhanced terminal for Windows with X11 server, tabbed SSH client, network tools and much more.
RoyalTS - RDP, VNC, SSH, S/FTP and web-based interfaces
mRemoteNG - an open source, tabbed, multi-protocol, remote connections manager for Windows.
Guacamole - Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.
Connectwise Control - Remote support, remote access, remote meetings. The free version provides 3 agents and 1 user access. This gives you access to Screen Connect, top software for remote screen sharing.
TeamViewer - Software for remote screen sharing. Free for personal use.
LogMeIn Rescue - Remote support for technicians. Over $100/month.
UltraVNC - VNC remote control.
NoMachine - Free remote access from any device.
AnyDesk - Software for remote screen sharing.
Logging and Metrics
DataDog
Elasticsearch, Logstash, & Kibana
graylog
logsene - managed ELK stack with alerting. Free for 500MB/day
logz.io - ELK as a Service. Free up to 3GB/day, 3 day retention
nxlog - Community Edition can be used both as a log collector agent and as a log server
NSA guidance on Windows log collection
Centralizing Windows Logs
Windows Event Forwarding
Azure Log Analytics - Log Analytics monitors cloud and on-premises environments to maintain availability and performance.
Windows Event Forwarding @ Palantir
Beats by Elastic
Fluentd - is an open source data collector for unified logging. Often used as a replacement for Logstash in ELK stack due to lower memory overhead.
Telegraf - Telegraf is the agent for collecting and reporting metrics by the makers of InfluxDB
Gathering Metrics from Your Infrastructure and Applications - Guide from Digital Ocean
SumoLogic - Free up to 500MB/Day
Humio - Free up to 2GB/Day
OKLog
Event-o-Pedia - a free encyclopedia of events that show up in all sorts of audit logs found on the planet!
Logging Cheatsheets - Cheatsheets provided by Malware Archaeology for logging of various components: Event log, Registry, Powershell, Sysmon, etc. Also provides sheets mapping MITRE ATT&CK to Windows event logs.
Cloud Storage (Non-Enterprise)
Look for a provider that does delta sync instead of full file uploads. Most of these services work well with RClone.
Wikipedia Comparison of Providers
Mega - 50GB free, encryption done client-side
pCloud - $3.99/mo for 500GB, delta sync
SpiderOak - more expensive, known for its security
Google Drive - $1.99/mo for 100GB, $2.99/mo for 200GB
Amazon - $11.99/yr for 100GB
Dropbox - $99/yr for 1TB, many integrations, delta sync
Cloud Storage (Business)
Backblaze B2 - B2 is only $0.005/GB per month for data storage and $0.01/GB to download data. See price comparison and partner integrations.
Amazon Glacier - 90 day minimum retention time.
Hetzner Storage Box - SFTP, SCP, rsync, and more
Synchronization
SyncThing - Syncthing is a free, open-source peer-to-peer file synchronization application available for Windows, Mac, Linux, Android, Solaris, Darwin, and BSD. It can sync files between devices on a local network, or between remote devices over the Internet.
GoodSync - Free version is limited to 3 jobs and 100 files.
Unison - Unison is a file-synchronization tool for OSX, Unix, and Windows.
rsync
FreeFileSync - open-source folder comparison and synchronization software
Duplicati
Syncplicity - 10GB free.
Seafile - Seafile is an open source, self-hosted file sync and share solution with high performance and reliability. Sync, access, and collaborate on files on your own server or private cloud.
Resilio Sync - Formerly bittorrent sync. P2P selective synchronization.
NAS & SAN
Synology
QNAP
Drobo
IX Systems - Hardware to run your FreeNAS.
FreeNAS - FreeNAS is an operating system that can be installed on virtually any hardware platform to share data over a network. Pairs well with hardware from IXSystems or commodity hardware.
Rockstor - Build and manage your own Linux & BTRFS powered advanced NAS and Cloud storage with ease.
Gluster - Free and open source software scalable network filesystem.
unRAID - unRAID has the ability to boot on nearly any x86 64-bit capable system and manage an array of disks that vary in size, speed, brand, and protocol.
Microsoft Storage Spaces Direct
Backup and Imaging
Quest Rapid Recovery - Enterprise grade image based backups
Veeam - Top Enterprise choice for VM backup
ShadowProtect
rsync
Rclone - rsync for cloud storage. Optional encryption.
Clonezilla - Open-source partitioning, disk imaging, and cloning
Macrium Reflect - Free backup, disk imaging and cloning solution for personal and commercial use.
Restic
FOG Project - A free open-source network computer cloning and management solution
Windows Server Backup - Built-in Windows Feature
Acronis - Image based backup suite
Cloudberry - Cloud Backup. Pairs well with Backblaze B2 for a cheap Cloud backup solution.
UrBackup - Multi-platform open-source backup server software.
Unitrends - Backup appliances.
Duplicacy is a cross-platform backup tool that offers a number of functionalities — including incremental backups, concurrent backup, and client-side encryption — which aim to streamline the process of backing up data to the cloud.
Duplicati - Free backup software to store encrypted backups online
Borg Backup - Deduplicating archiver with compression and encryption. No Windows client.
Tarsnap - Online backups for the truly paranoid.
Very Hungry Pi - Turn your Raspberry Pi into a network backup appliance.
Data Recovery
$300 Data Recovery - Data recovery service.
DriveSavers - Data recovery service.
Gillware - Data recovery service.
Ontrack - Data recovery service and software.
Advanced Data Solutions - Data recovery service.
EaseUS - Data recovery software for Windows, Mac, iOS, & Android.
Disk Drill - Data recovery software for Mac.
Ddrescue - Open source data recovery software.
TestDisk - TestDisk is powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software: certain types of viruses or human error (such as accidentally deleting a Partition Table).
PhotoRec - PhotoRec is file data recovery software designed to recover lost files including video, documents and archives from hard disks, CD-ROMs, and lost pictures (thus the Photo Recovery name) from digital camera memory.
Security
DBAN - Securely wipe hard drives
CISecurity Benchmarks
Microsoft Security Compliance Toolkit - This set of tools allows enterprise security administrators to download, analyze, test, edit and store Microsoft recommended security configuration baselines for Windows and other Microsoft products, while comparing them against other security configurations.
Alienvault OSSIM - The World’s Most Widely Used Open Source SIEM
Australian Signals Directorate Information Security Manual
mimikatz - Retrieve Windows credentials
EncFS - Folder and file encryption. Good for Cloud uploads.
Tomb - Block level encryption using LUKS on Linux.
pfSense - The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality.
Endian Firewall - Community edition of a powerful Linux based firewall. Pairs well with hardware from Protectli.
Security Onion - Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools.
Moloch - Open-source packet capturing, indexing and database system. Save all traffic as PCAP files for analysis later.
Suricata - Suricata is a free and open source network threat detection engine. The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing.
OwlH - Manage Suricata and Zeek at scale.
Wazuh - Wazuh is a security detection, visibility, and compliance open source project. It was born as a fork of OSSEC HIDS, and later was integrated with Elastic Stack and OpenSCAP.
SELKS - Network Security Management ISO with Suricata IDS/IPS and ELK stack.
OSSEC - OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.
Sigma - Generic Signature Format for SIEM Systems. Export rules into ELK, Splunk, etc.
Uncoder - online converter for Sigma rules.
Dark Crystal - Split a secret into encrypted shards that can be distributed to others. Only when the shards are combined can the secret be revealed.
Hacksplaining - See common exploit techniques in action.
OpenVAS - OpenVAS is a full-featured vulnerability scanner.
Nikto2 - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers.
vuls - Agentless vulnerability scanner for Linux.
TheHive - Open source SIRP for data enrichment and case management.
StackStorm - An Operations automation engine for performing automated tasks.
Canary Tokens - Generate canary URLs and files that notify you if accessed.
GCHQ CyberChef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression, and data analysis.
MISP - Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing.
YETI - A platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository.
LogonTracer - LogonTracer is a tool to investigate malicious logon by visualizing and analyzing Windows Active Directory event logs.
NSS Labs - View test results of various top security products by category.
Threat Hunting (and Incident Response)
Kansa - A Powershell incident response framework
Elasticsearch
Elastic - The company behind Elasticsearch.
ElastAlert - Open-Source. Easy & Flexible Alerting With ElasticSearch from Yelp.
411 - An open-source Alert Management Web Application from Etsy. Configure Searches to periodically run against a variety of data sources and send alerts.
Search-Guard - Search Guard is an Open Source Elasticsearch plugin that offers encryption, authentication, and authorisation.
ReadonlyREST - Another security, encryption, and authentication plug-in for ES and Kibana.
Elastiflow - Network flow Monitoring (Netflow, sFlow and IPFIX) with the Elastic Stack.
Logtrail - A plugin for Kibana to view and tail log events.
VulnWhisperer - Ingest vulnerability scan data.
Cerebro - Another web front-end for Elasticsearch.
Sematext Logs - Managed ELK stack on-premise or in the Cloud.
Elasticdump - Tool for moving and saving indices.
Key Issues Scaling ELK Stack - Guide from Sumologic on the evolution of a typical ELK stack.
Skedler - Easily create reports from Elasticsearch. Commercial product.
VPN
OpenVPN
ZeroTier delivers the capabilities of VPNs, SDN, and SD-WAN with a single system. Manage all your connected resources across both local and wide area networks as if the whole world is a single data center.
WireGuard is an extremely simple yet fast and modern VPN. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Now with OSX command line version!
Streisand - Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, and a Tor bridge.
sshuttle - Transparent proxy server that works as a poor man’s VPN. Forwards over ssh. Doesn’t require admin. Works with Linux and MacOS. Supports DNS tunneling.
Web
HAProxy - Software based load Balancing, SSL offloading and performance optimization, compression, and general web routing.
Varnish - HTTP based web application accelerator focusing on optimizing caching and compression.
Matomo - Formerly Piwik. Web and mobile analytics.
SimpleAnalytics - Simple, clean website analytics as a service. $9/month.
Fathom - Simple, trustworthy website analytics. Self-hosted or Cloud hosted.
Caddy - Caddy is a web server that makes it easy to publish a site securely. Easily implement HTTP/2 and SSL with Let’s Encrypt. Start with this guide.
Nikto2 - An open source web server scanner which performs comprehensive tests against web servers. Example: nmap -p80,443 192.168.1.1/24 -oG - | nikto.pl -h -
E2Guardian - Open source web content filter.
Cachet - The open source status page.
Web Dev and E-commerce
webflow - build and launch responsive websites visually.
Typeform - data collection tool and form submission.
Zapier - Automate workflows between webapps.
Sentry - open-source error tracking.
Firebase - Build apps without managing infrastructure.
Local by Flywheel - Local WordPress development made simple.
Heroku - Platform for deploying web apps.
LetsMonitor - Get alerted when your certs need renewing or aren’t working.
No-Code Tools
Airtable - Airtable is a spreadsheet-database hybrid, with the features of a database but applied to a spreadsheet. Link images and documents in cells, build a form, or collaborate with others.
Coda - Design a document and interact with it like an app.
Rescue CDs
System Rescue CD - Windows and Linux
Trinity Rescue Kit is a free live Linux distribution that aims specifically at recovery and repair operations on Windows machines, but is equally usable for Linux recovery issues.
Ultimate Boot CD
Knoppix
Hiren’s BootCD PE - Windows 10 WinPE-based emergency boot disk. Recently updated in June 2018.
Database
InfluxDB - Open source distributed time series database with no external dependencies. Good for logging metrics.
ElasticSearch - Elasticsearch is a search engine based on Lucene. Written in Java, it is used to search, modify, analyze, and visualize data.
Airtable - Airtable is a spreadsheet-database hybrid, with the features of a database but applied to a spreadsheet. Link images and documents in cells, build a form, or collaborate with others.
SSL
SSL Labs Server Test
DigiCert SSL Tools
SSL Labs Browser Test
How’s My SSL Client Test
Centrify the Web - A free utility to install, manage, and auto-renew Let’s Encrypt certs for Windows/IIS
IISCrypto - enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2008, 2012 and 2016
SSLs.com - Cheap SSL certificates backed by Comodo.
SSL2BUY - More cheap SSL certs. Buy a wildcard cert for $40/yr.
SSL Store - More cheap SSL certs.
New-SelfSignedCertificate - PS command to create a self-signed certificate.
mkcert - create and install a local cert with any name you want.
Let’s Encrypt - Free SSL certificates.
Certificates for localhost - Advice from Let’s Encrypt on local certificates for development.
testssl.sh - Script to test SSL from the command line.
htrace - A simple Swiss Army knife for http/https troubleshooting and profiling. Based on the dependencies I recommend running the Docker container.
Cloud (Generic)
OpenStack - Open source IaaS software for creating Public and Private clouds. OpenStack software controls large pools of compute, storage, and networking resources throughout a datacenter.
Rclone - rsync for cloud storage
Unitrends VMware migration tool - Free VMware Migration to AWS or Azure
DownDetector - Real-time status overview of service issues and outages.
Outage Report - Status overview of outages.
DivvyCloud - Manage multi-Cloud platform security, visibility, and IAM from one location.
Google Cloud
Google Cloud Solutions Architecture Reference - Google Cloud infrastructure architecting examples.
Azure
Invoke-ADSyncDiagnostics
Lock down the Azure AD Connect Account
Azure AD Pricing
PerfInsights - diagnostics tool that collects & analyzes the diagnostic data, and provides a report to help troubleshoot Windows virtual machine performance problems in Azure.
Azure Active Directory Connect Health Agent
Azure Storage explorer - Browse storage and manage files and blobs.
Nerdio - Easily provision an Azure Cloud environment
shell.azure.com
AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2016 including Nano Server and various products like AD, Exchange, PKI, IIS, etc.
Azure Module for Logstash - The Microsoft Azure module in Logstash helps you easily integrate your Azure activity logs and SQL diagnostic logs with the Elastic Stack.
Azure VM Price Comparison - Compare Azure VM pricing on one page.
AWS
Cloudwatch - Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS.
Localstack - LocalStack provides an easy-to-use test/mocking framework for developing Cloud applications. It spins up a testing environment on your local machine that provides the same functionality and APIs as the real AWS cloud environment.
Cloudforecast.io - Cloudforecast is a daily email report that keeps an eye on your AWS cost.
EC2Instances.info - Compare EC2 Instance pricing on one page.
FlAWS - Online tutorial showing some of the most common AWS misconfigurations.
O365
Magic Unicorn Tool - script designed to read Microsoft Office 365 Activities API data in csv format and produce a set of reports. Based on secret API.
O365 User and Groups enumeration - PS scripts
Skykick Migration Suite - The SkyKick Migration Suite helps IT Partners automate entire Office 365 migration projects from pre-sales to project completion.
Mimecast - Cloud based email protection with O365 failover capability in case of an outage.
Virtualization
Packer - Packer automates the creation of any type of machine image. Out of the box Packer comes with support to build images for Amazon EC2, CloudStack, DigitalOcean, Docker, Google Compute Engine, Microsoft Azure, QEMU, VirtualBox, VMware, and more.
VMware Standalone Converter
vCheck Report - vCenter Health Check
vSphere 6.5 Update 1 Security Configuration Guide
Proxmox VE - Proxmox VE is a complete open source virtualization management solution for servers. It is based on KVM virtualization and container-based virtualization and manages virtual machines, storage, virtualized networks, and HA Clustering.
XCP-ng - A fully open-source replacement for XenServer.
VPS
VPSBenchmarks - Compare VPS plans and performance.
LowEndBox - List of deals on low end dedicated servers.
LowEndTalk - Forum dedicated to VPS deals.
ServerHunter - Find and sort VPS plans from various providers.
DigitalOcean - VPS provider.
RamNode - VPS provider.
Hetzner - VPS provider.
IoT
PlatformIO - This is a cross platform code builder and library manager. They took care of toolchains, debuggers, and frameworks. It supports more than 200 development boards along with more than 15 development platforms and 10 frameworks.
The Things Network - an open LoRaWAN network.
Blynk - IoT platform allowing for the easy creation of dashboards based on widgets.
MicroPython - a small implementation of Python that is optimized to run on microcontrollers.
ThingSpeak - an IoT analytics platform. Good for people who want to analyze their data with MATLAB.
Particle - an end-to-end IoT management platform. To be able to communicate with Particle Cloud you must be running their Device OS.
Porter App - Automatic UI building for Particle devices and Cloud.
Bosch IoT Suite - an IoT platform consisting of various cloud services, based mostly on open-source software.
ThingWorx - A platform for Industrial IoT.
Azure IoT - It’s Microsoft.
MachineQ - End-to-end Enterprise IoT platform.
Microshare - Microshare is a data leverage platform for the IoT era, providing a solution to sharing, privacy, security, audit, confidentiality, data monetization and cost savings.
Sparkfun Education - IoT learning site.
Adafruit IO - IoT dashboard for all devices.
Balena - Manage fleets of devices.
Proxmox Mail Gateway - Proxmox Mail Gateway is a comprehensive open source email security platform helping you protect your mail server from email threats, and ensuring data integrity with its enterprise-class feature-set.
EveryCloud Mail Flow Monitor - Our system sends a test email every few minutes to a monitoring mailbox on your server. You set up a forward to send the emails back to us and we do the rest! Free plan available.
GMVault - GMail backup
BitTitan MigrationWiz - 100% SaaS migration solution that can be accessed at any time from anywhere. Sign up, configure, and initiate mailbox, document, personal archives, Public Folders, and cloud storage migration projects from a single, centralized user-interface.
Swaks - Swiss Army Knife for SMTP. A command line tool to run a series of SMTP tests.
MailScanner - Open source Email filter.
OrangeAssassin - Drop-in replacement for SpamAssassin. Open source antispam framework.
Containers
Kubernetes - Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. Learn by example
Gravity - Gravity is an open-source toolkit for creating “images” of K8 clusters and their applications. The resulting tar files can be used to reproduce the cluster for compliance or to move it.
Play with Docker - An interactive playground to learn Docker.
MiniKube - Run Kubernetes locally
Rancher - Rancher is enterprise management for Kubernetes. Rancher offers an intuitive UI, enabling users to run containers without learning all Kubernetes concepts up-front.
Portainer - Portainer is an open-source lightweight management UI which allows you to easily manage your Docker hosts or Swarm clusters.
CoreOS - CoreOS is an open-source lightweight operating system based on the Linux kernel and designed for providing infrastructure to clustered deployments.
DigitalOcean Dokku Droplet - One-click deployment of an Ubuntu 18.04 VPS with Docker and Dokku.
OpenShift - RedHat’s customized Kubernetes offering.
Self-Hosted
grocy - self-hosted, web-based groceries and household management (chores, tasks, recipes, etc.) software.
Mailcow - Dockerized Postfix, Dovecot, and Nginx for a self-hosted email solution.
Firefly III - Open-source personal finance manager.
Owncloud
Nextcloud
Cloudron - A platform to easily run and maintain web apps on your server. Essentially a wrapper application for running repackaged Docker containers of common open-source projects (Nextcloud, WordPress, DokuWiki). Install the apps from a centralized marketplace. Free for 2 apps or $15/mo for unlimited apps.
Mattermost - Open-source Slack alternative
Wallabag - Save articles to read later.
FreshRSS - RSS aggregator.
Monica - Open source personal CRM.
Other Tools
Zapier - Connect Apps and automate workflows
Huginn - Huginn is a system for building agents that perform automated tasks for you online. They can read the web, watch for events, and take actions on your behalf. Huginn’s Agents create and consume events, propagating them along a directed graph. Think of it as a hackable version of IFTTT or Zapier on your own server.