CISA’s 150+ List of Free Services and Tools
CISA has a MASSIVE list of free services and tools you can and should take advantage of.
Free Tools
Last Pass – How secure is your password?
Website: https://lastpass.com/howsecure.php This tool is similar to the other password checkers I have listed, such as How Secure is my Password? and Password Monster. This one is fine and gets…
EICAR anti-malware test file
Website: https://www.eicar.org/?page_id=3950 The EICAR anti-malware test file is a harmless file that is used to test the effectiveness of anti-malware software. It was created by the European Institute for Computer…
CISA KEVC: Known Exploited Vulnerabilities Catalog
The Known Exploited Vulnerabilities Catalog (KEVC) is a publicly available catalog of common vulnerabilities and exposures (CVEs) that have been actively exploited by cyber attackers. It is maintained by the…
How Secure is my Password?
Website: https://www.security.org/how-secure-is-my-password/ Security.org’s “How Secure Is My Password?” is a free online tool that allows users to check the strength and security of their passwords. Here’s a summary of the…
Password Monster
Website: https://www.passwordmonster.com/ Similar to “How Secure is my Password”, this tool is offered by My1Login. Plug in your password (or a similar proxy) and get this info: 1. Password strength…
GitLab’s Open Source IR Playbooks
Website: https://gitlab.com/syntax-ir/playbooks/-/tree/main GitLab open sourced their playbooks for Incident Response as a way to give back to the community. It gives us procedural documentation, flowcharts, and activities you can adopt,…
CVE List/Search
Website: http:///cve.mitre.org This is the list of common vulnerabilities and exposures (CVE) that everyone knows and loves. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities…
CWE: Common Weakness Enumeration
Website: http://cwe.mitre.org CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for…
CAPEC: Common Attack Pattern Enumeration and Classification
Website: https://capec.mitre.org/index.html CAPEC is the way an attacker can exploit a CVE or generally target a CWE. From the site:The Common Attack Pattern Enumeration and Classification (CAPEC™) effort provides a…