McAfee Free Tools

McAfee is committed to your security and provides an assortment of free McAfee tools to help in your software development. Simply select a tool and download it for free. For more details, read the McAfee Software Free Tools End User License Agreement.

Anti-Malware Tools

GetSusp (English)

McAfee GetSusp is intended for users who suspect undetected malware on their computer.

Mac Stinger (English)

Mac Stinger is a standalone utility used to detect and remove specific viruses on Mac OS X. Currently Mac Stinger can detect and remove OSX/Flashfake variants.

RootkitRemover (English)

McAfee Rootkit Remover is a stand-alone utility used to detect and remove complex rootkits and associated malware.

Stinger (English)

McAfee Stinger detects and removes prevalent Fake Alert malware and threats identified in the "List Viruses" section of the Stinger application.

Assessment Utilities

Clipcaptcha (English)

Foundstone's clipcaptcha is an extensible and signature based CAPTCHA Provider impersonation tool.

CredDigger v2.1 (English)

Foundstone CredDigger™ is a tool that attempts to gather data to assist with penetration testing on a corporate network.

CredDigger v2.1 (English)

Foundstone CredDigger™ is a tool that attempts to gather data to assist with penetration testing on a corporate network.

Fpipe v2.1 (English)

FPipe v2.1 - Port redirector.

FSCrack v1.0.1 (English)

GUI for John the Ripper.

Night Dragon Vulnerability Detection Tool (English)

Free utility that helps identify systems affected by the "Night Dragon" malware.

Proxbrute v0.3 (English)

ProxBrute is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 465) to support brute force attacks against proximity card access control systems.

ShareScan v1.0.0.2 (English)

ShareScan is a free utility that enables IT security personnel to identify open Windows file shares available on the internal network.

TesserCap v1.0 (English)

Foundstone’s TesserCap is a GUI based, highly flexible, interactive, point and shoot CAPTCHA analysis tool.

VIDigger v1.0 (English)

Check the configuration of ESX server and the virtual machines hosted on ESX server against the VMware Infrastructure Hardening guide and other best practices.

Forensic Tools

BinText 3.03 (English)

Finds Ascii, Unicode and Resource strings in a file.

DumpAutoComplete v0.7 (English)

Dump Firefox AutoComplete files into XML.

Forensic Toolkit v2.0 (English)

Tools to help examine NTFS for unauthorized activity.

Galleta v1.0 (English)

A Internet Explorer Cookie Forensic Analysis Tool.

NTLast v3.0 (English)

Security audit tool for Windows NT.

Pasco v1.0 (English)

An Internet Explorer activity forensic analysis tool.

PatchIt v2.0 (English)

A binary file byte-patching program.

Rifiuti v1.0 (English)

A Recycle Bin Forensic Analysis Tool.

ShoWin v2.0 (English)

Show information about Windows, reveal passwords, and more.

Vision v1.0 (English)

Reports all open TCP and UDP ports and maps them to the owning process or application.

Foundstone SASS Tools

.NET Security Toolkit v1.0 (English)

The Foundstone SASS (Software Application Security Services) .NET Security Toolkit is designed to help application developers and architects to build secure and reliable .NET software applications.

.NETMon v1.0 (English)

The .NETMon tool monitors the .NET common language runtime enabling developers to conduct detailed analysis.

CodeScout v1.0 (English)

Foundstone CodeScout™ is a free tool developed by Foundstone to help application developers and code reviewers validate adherence to coding best practices and determine the complexity and scope of a code base.

HackPack v1.0 (English)

Foundstone HackPack™ is a tool designed to aid security professionals in keeping up with changes and updates to security software. The tool offers a simple interface to a large variety of security tools.

Hacme Bank - Android v1.0 (English)

Hacme Bank™ Android is designed to teach mobile application developers, programmers, architects and security professionals how to create secure software and evaluate their own software to identify vulnerabilities.

Hacme Bank v2.0 (English)

Hacme Bank™ is designed to teach application developers, programmers, architects and security professionals how to create secure software.

Hacme Books (English)

Foundstone Hacme Books is a learning platform for secure software development.

Hacme Casino v1.0 (English)

Foundstone Hacme Casino™ is a learning platform for secure software development.

Hacme Shipping (English)

Hacme Shipping is a web-based shipping application developed to demonstrate common web application hacking techniques.

Hacme Travel (English)

Hacme Travel is designed to create secure software.

Hash Calculator v1.0 (English)

Foundstone Hash Calculator is a Fiddler Extension that allows you to calculate hashes for input strings.

Oyedata v1.0 (English)

Foundstone's Oyedata is an intuitive GUI based tool to analyze and perform black-box security testing on OData implementations.

SecureUML Template v1.0 (English)

The SecureUML Visio template defines a custom Unified Modeling Language (UML).

SiteDigger v3.0 (English)

SiteDigger 3.0 searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on websites.

SiteScope v1.0 (English)

Foundstone’s SiteScope creates a site map and gathers metrics for a given web-based application.

Socket Security Auditor v1.0 (English)

Foundstone Socket Security Auditor identifies the insecurely bound sockets on the local system preventing hackers from stealing valuable information.

SSLDigger v1.02 (English)

SSLDigger v1.02 is a tool to assess the strength of SSL servers by testing the ciphers supported.

SSLSmart (English)

SSLSmart is a highly flexible and interactive tool aimed at improving efficiency and reducing false positives during SSL testing.

Validator.NET v1.0 (English)

Validator.NET helps eliminate common vulnerabilities such as SQL Injection and Cross-Site Scripting.

WSDigger (English)

WSDigger v1.0 - Web services testing framework.

Intrusion Detection Tools

Attacker v3.0 (English)

Attacker v3.0 - A TCP/UDP port listener.

Carbonite (English)

Carbonite v1.0 - A Linux Kernel Module to aid in RootKit detection.

FileWatch (English)

FileWatch v1.0 - A file change monitor. Used with BlackICE Defender.

FPort (English)

FPort v2.0 - Identify unknown open ports and their associated applications.

IPv4Trace (English)

IPv4Trace v1.0 - A Win32 C++ programming library port of the OpenBSD 2.8 kernel-land IPv4 fragment reassembly implementation.

Scanning Tools

BOPing (English)

A scanner for the infamous Back Orifice program.

CIScan (English)

Cisco IOS IPv4 Remote Denial of Service Vulnerability Detection Utility.

DIRE (English)

DIRE (Detecting Insecurely Registered Executables)

DSScan (English)

LSASS scanner.

FileInsight (English)

A handy integrated tool environment for website and file analysis.

McAfee Security Scan Plus (English)

Actively check your computer for anti-virus software, firewall protection, and web security, and find threats in your open applications.

MessengerScan v1.05 (English)

Quickly and accurately identify Microsoft operating systems that are vulnerable to the messenger service buffer overflow released in the MS03-043 bulletin.