Free Tools

Free DFIR Tools

Six free cybersecurity tools built for analysts, responders, and defenders. Check IOCs against threat intel, investigate phishing, scan for exposure, look up domains, analyse suspicious files, and audit your browser privacy — no account, no paywall.

Built by DFIR Lab. Privacy-first by design — your data is never stored or shared.

IOC Reputation Checker

IP · domain · hash · URL

Check any IP, domain, hash, or URL against 14+ threat intelligence sources. Get instant reputation scoring, verdict, and shareable results. No signup, no limits beyond 10/hour.

IPDomainHashURLTI Aggregation

Try it free

Phishing Email Checker

Analyse suspicious emails

Paste raw email headers to check for phishing indicators, spoofing attempts, and SPF / DKIM / DMARC authentication failures. Instant results, no account needed.

SPFDKIMDMARCHeader Analysis

Try it free

Exposure Scanner

Map your attack surface

Scan any domain or IP for open ports, SSL/TLS misconfigurations, exposed services, and attack surface indicators. Understand what attackers see before they do.

Port ScanSSL CheckDNSAttack Surface

Try it free

Domain Lookup

Investigate any domain

Full WHOIS records, DNS enumeration, email security posture (SPF/DKIM/DMARC), and reputation scoring — all in a single query. Essential for phishing and fraud investigations.

WHOISDNS RecordsReputationEmail Security

Try it free

File Analyzer

Static analysis for suspicious files

Upload scripts, documents, or executables for static analysis. Detects obfuscation, suspicious patterns, embedded URLs, and indicators of compromise without executing the file.

Static AnalysisObfuscationIOC DetectionSafe Sandbox

Try it free

Browser Privacy Check

Audit your browser fingerprint

See what your browser reveals to websites: IP address, WebRTC leaks, canvas fingerprint, installed fonts, and more. Understand your digital footprint in seconds.

FingerprintWebRTCIP LeakPrivacy

Try it free

API Playground

Try every endpoint in your browser

Interactive playground for the full DFIR Platform API. 10 free calls per week — no signup. Test IOC enrichment, phishing analysis, exposure scans, and more against real endpoints.

APIInteractiveNo Signup10 calls/week

Open playground

Privacy-first by design.

Every tool on this page is built and operated by DFIR Lab — an independent security research project. We don't require accounts, we don't log queries, and we don't sell your data.

Need higher rate limits, API access, or team features? The DFIR Platform extends these tools with a free tier and pay-as-you-go API.

Try DFIR Platform Free Browse the DFIR Wiki