McAfee is committed to your security and provides an assortment of free McAfee tools to help in your software development. Simply select a tool and download it for free. For more details, read the McAfee Software Free Tools End User License Agreement.
The following tools are often used for penetration testing and digital forensics. As such, they may be categorized as hack tools, unwanted programs, or even malware by certain security programs. Please note that these tools do not perform any function other than what is detailed in their descriptions and do not contain malware.
McAfee GetSusp is intended for users who suspect undetected malware on their computer.
Interceptor is an Anti-Ransomware tool. Interceptor is an early detection tool that prevents file encryption attempts by ransomware malware. This tool leverages heuristics and machine learning to identify such malware.
Thanks for participating in the Real Protect beta program. This technology is now available as part of our consumer and enterprise anti-malware products. Stay tuned for an upcoming beta program that will provide additional deep-learning enhancements to the Real Protect technology.
McAfee Rootkit Remover is a stand-alone utility used to detect and remove complex rootkits and associated malware.
This tool can decrypt user files, applications, databases, applets, and other objects infected by the Shade ransomware.
McAfee Stinger detects and removes prevalent Fake Alert malware and threats identified in the "List Viruses" section of the Stinger application.
Tesladecrypt will decrypt TeslaCrypt encrypted files with the following extensions: .mp3, .micro, .xxx, and .ttt.
This tool can decrypt user files, applications, databases, applets, and other objects infected by the WildFire ransomware.
Foundstone CredDigger™ is a tool that attempts to gather data to assist with penetration testing on a corporate network.
FPipe is a source port forwarder/redirector. It can create a TCP or UDP stream with a source port of your choice.
FSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR’s functions.
Free utility that helps identify systems affected by the "Night Dragon" malware.
ProxBrute is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 465) to support brute force attacks against proximity card access control systems.
ShareScan is a free utility that enables IT security personnel to identify open Windows file shares available on the internal network.
Foundstone’s TesserCap is a GUI based, highly flexible, interactive, point and shoot CAPTCHA analysis tool.
Check the configuration of ESX server and the virtual machines hosted on ESX server against the VMware Infrastructure Hardening guide and other best practices.
Finds Ascii, Unicode and Resource strings in a file.
Dump Firefox AutoComplete files into XML.
Tools to help examine NTFS for unauthorized activity.
A Internet Explorer Cookie Forensic Analysis Tool.
Security audit tool for Windows NT.
An Internet Explorer activity forensic analysis tool.
A binary file byte-patching program.
A Recycle Bin Forensic Analysis Tool.
Show information about Windows, reveal passwords, and more.
Reports all open TCP and UDP ports and maps them to the owning process or application.
The .NETMon tool monitors the .NET common language runtime enabling developers to conduct detailed analysis.
The Foundstone SASS (Software Application Security Services) .NET Security Toolkit is designed to help application developers and architects to build secure and reliable .NET software applications.
Foundstone CodeScout™ is a free tool developed by Foundstone to help application developers and code reviewers validate adherence to coding best practices and determine the complexity and scope of a code base.
CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications.
Foundstone HackPack™ is a tool designed to aid security professionals in keeping up with changes and updates to security software. The tool offers a simple interface to a large variety of security tools.
Hacme Bank™ Android is designed to teach mobile application developers, programmers, architects and security professionals how to create secure software and evaluate their own software to identify vulnerabilities.
Hacme Bank™ is designed to teach application developers, programmers, architects and security professionals how to create secure software.
Foundstone Hacme Books is a learning platform for secure software development.
Foundstone Hacme Casino™ is a learning platform for secure software development.
Hacme Shipping is a web-based shipping application developed to demonstrate common web application hacking techniques.
Hacme Travel is designed to create secure software.
Foundstone Hash Calculator is a Fiddler Extension that allows you to calculate hashes for input strings.
JMSDigger is an open source and GUI based tool from Foundstone used for penetration testing ActiveMQ based JMS Applications
Foundstone's Oyedata is an intuitive GUI based tool to analyze and perform black-box security testing on OData implementations.
The SecureUML Visio template defines a custom Unified Modeling Language (UML).
SiteDigger 3.0 searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on websites.
Foundstone’s SiteScope creates a site map and gathers metrics for a given web-based application.
Foundstone Socket Security Auditor identifies the insecurely bound sockets on the local system preventing hackers from stealing valuable information.
SSLDigger v1.02 is a tool to assess the strength of SSL servers by testing the ciphers supported.
SSLSmart is a highly flexible and interactive tool aimed at improving efficiency and reducing false positives during SSL testing.
Validator.NET helps eliminate common vulnerabilities such as SQL Injection and Cross-Site Scripting.
WSDigger v1.0 - Web services testing framework.
Attacker v3.0 - A TCP/UDP port listener.
FileWatch v1.0 - A file change monitor. Used with BlackICE Defender.
FPort v2.0 - Identify unknown open ports and their associated applications.
IPv4Trace v1.0 - A Win32 C++ programming library port of the OpenBSD 2.8 kernel-land IPv4 fragment reassembly implementation.
A scanner for the infamous Back Orifice program.
Cisco IOS IPv4 Remote Denial of Service Vulnerability Detection Utility.
Scan your infrastructure to discover if you have unencrypted Perforce passwords which could be stolen and used to penetrate your source code library.
A network admin utility for remotely detecting the most common DDoS programs.
DIRE (Detecting Insecurely Registered Executables)
A handy integrated tool environment for website and file analysis.
Quickly and accurately identify Microsoft operating systems that are vulnerable to the messenger service buffer overflow released in the MS03-043 bulletin.
Microsoft UPnP MS05-039 Vulnerability Detection Utility.
Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution.
MydoomScanner is a Windows GUI scanner tailored specifically to finding Microsoft Windows systems infected with the Mydoom worm.
Remote Task Scheduler scanner.
Automate the search for Microsoft SharePoint servers running on your network.
Microsoft RPC(MS03-026) and RPCSS(MS03-039) Vulnerability Detection Utility.
Command line port scanner.
SNMP Detection Utility.
Powerful TCP port scanner, pinger, resolver.
Powerful TCP port scanner, pinger, resolver.
Traceroute and Whois program.
Quickly and easily submit missed spam samples and misidentified spam to McAfee Labs.