Free Blue Team Resources

The following lists are free services, open-source software and software lists, and other free resources available to any organization, tailored to the “Blue Team”, the defenders.

We provide these “As-Is” and without official endorsement or warranty.

Free CISA Services

• CISA’s CyberHygine Service: free vulnerability scanning of any publicly available systems
• CISA’s Free Services webpage
• CISA’s Public Learning Portal: Free virtual cybersecurity training for the public. Register using a login.gov account.
  • If you used FedVTE in the past, this is its replacement.
• ICS/OT Training Portal: Free virtual training on ICT/Operational Technology ran by Idaho National Laboratory. Open to the public, register using a login.gov account

Free Software Lists

These are community-maintained lists of free or open-source software organized by usecase and function:

• Sysadmin Tools
• Self-Hosted Network Services and Web Apps
• Endpoint Detection and Response
• Security Tooling
• Incident Response
• HoneyPots
• All things Bash
• Bare Metal Provisioning
• Docker Compose Samples
• Tunneling and Hosting
• SNMP Configuration
• Ansible Hardening
• FossHub: large aggregator site of free and open-source software

Free Software and Guides

Here are some open-source and free software as well as administration guides that would benefit small and underfunded IT teams at the state and local government levels.

• Open-AudIT: self hosted network auditing tool
• ssh-audit: tool for auditing SSH servers and clients
• SELinux beginner’s guide
• Windows KMS Setup Guide
• PowerShell DBA Tools
• Ninite Bulk App Installer
• A guide to IPv6
• Online Network Tools
• Wazuh: Open Source SIEM tooling
• Security Onion: Open Source SIEM, Network Monitor, Log Management, and more
• AWS in Plain English: explanation of AWS services

Free Security Sites

A collection of sites and services that will help with your security and cyber hygiene.

• haveibeenpwned: breach monitoring for personal and professional email domains
• AWS Security Tooling
• DFIR Report: analyses of recent intrusions, ransomware attacks, and similar cybersecurity events

AI Guides

Generative AI like ChatGPT, Claude, Gemini, etc are game-changing tools for everyone, and have special value in accelerating the ability of IT and cybersecurity professionals. The following are some guides and information to help you use them effectively.

• Prompt Engineering Guide
• Prompt Engineering Tips and Tricks