Free Tools

KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

More than ever, your users are the weak link in your network security. They need to be trained by an expert like Kevin Mitnick, and after the training stay on their toes, keeping security top of mind.

With world-class, user-friendly new-school Security Awareness Training, KnowBe4 gives you self-service enrollment, and both pre-and post-training phishing security tests that show you the percentage of end-users that are Phish-prone.

Gartner has positioned KnowBe4 highest and furthest overall in the Leaders’ Quadrant for its ability to execute and its completeness of vision in the 2019 Magic Quadrant for the Security Awareness Computer-Based Training (CBT) market. This is the third consecutive year KnowBe4 has been recognized as a Leader in this report.

Phising tools

Phishing Security Test

Did you know that 91% of successful data breaches started with a spear phishing attack?
Find out what percentage of your users are Phish-prone™ with your free Phishing Security Test. Why? If you don’t do it yourself, the bad guys will. Plus, see how you stack up against your peers with phishing Industry Benchmarks. Start phishing your users now. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

» Go Phishing!

Phishing Reply Test

How many of your users will take the bait and reply to a spoofed email? Highly targeted phishing attacks, known as Business Email Compromise or CEO fraud scams have exceeded $12.5 billion in total known losses worldwide.The bad guys use these social engineering attacks to impersonate your CEO and convince your users, often in Accounting, HR, or even IT into sharing sensitive information. KnowBe4’s new Phishing Reply Test makes it easy for you to check to see if key users in your organization will reply to a highly targeted phishing attack.

» Test Your Users

Social Media Phishing Test

Do you know which of your users are vulnerable to a social media phishing attack? Phishing is still the #1 threat action used in social engineering attacks and is used to take advantage of our socially networked lives. Attackers use social media to target both your brand and your users by distributing malware or spear phishing for credentials. KnowBe4’s new Social Media Phishing Test makes it easy for you to identify which users in your organization are vulnerable to these types of phishing attacks that could put your users and organization at risk.

» Go Phishing!

Phish Alert Button

Do your users know what to do when they receive a suspicious email? Should they call the help desk, or forward it? Should they forward to IT including all headers? Delete and not report it? Get the Phish Alert Add-in Button and give your users a safe and easy way to forward email threats to the security team for analysis, all with a single click.

» Get Your Phish Alert Button

Second Chance

Wish your users could “roll back time” when they click a bad link? Now they can! Second Chance enables your user to make a smarter security decision by giving them a way to back out of that click. This tool takes an intelligent look at the clicked URL in an email, and asks your user if they are sure they want to do this, in case they clicked on a potentially unsafe or an unknown website.

» Get Your Second Chance

Security Awareness Training Tools

Automated Security Awareness Program (ASAP)

Get your customized security awareness training program. Many IT pros don’t exactly know where to start when it comes to creating a security awareness program that will work for their organization. ASAP allows you to build a customized Security Awareness Program for your organization that will help you to implement all the steps needed to create a fully mature training program in just a few minutes.

» Get Started ASAP!

Training Preview

The world’s largest library of security awareness training content is now just a click away! In your fight against phishing and ransomware you can now deploy the best-in-class phishing platform combined with the world’s largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters. Get access to the full library now!

» Start Your Preview

Security Awareness Training Tools

Weak Password Test

Did you know 81% of hacking-related breaches used either stolen and/or weak password? Are your user’s passwords…P@ssw0rd? Employees are the weakest link in network security, using weak passwords and falling for phishing and social engineering attacks. Our Weak Password Test checks your Active Directory for 10 types of weak password related threats, get your report in 5 minutes!!

» Find Weak Passwords

Browser Password Inspector

Do users put your organization at risk with browser-saved passwords? Cybercriminals are always looking for easy ways to hack into your network. And, they are increasingly successful using a combo of phishing and malware to steal your users’ passwords stored in web browsers. KnowBe4’s Browser Password Inspector makes it easy for you to identify which users are putting your organization at risk by saving weak, reused, or old passwords in Chrome, Firefox, and Edge.

» Find Browser-Saved Passwords

Password Exposure Test

Are your users putting a big target on your organization’s back? The bad guys are constantly coming out with new ways to hack into your network and steal your organization’s confidential information. KnowBe4’s new Password Exposure Test allows you to run an in-depth analysis of your organization’s hidden exposure risk associated with your users.

» Download Now

Breached Password Test

How vulnerable is your network to hacked user passwords? A whopping 25% of employees are using the same password for all logins. What if that password is available on the dark web? A massive amount of passwords are compromised due to data breaches and used by the bad guys for attacks. Find out if hacked passwords are being used within your organization.

» Check Your Passwords

Email Security Tools

Email Exposure Check Pro

Have your users made you an easy target for spear phishing? Many of the email addresses and identities of your organization are exposed on the internet and easy to find for cybercriminals. With that email attack surface, they can launch social engineering, spear phishing and ransomware attacks on your users. Our Email Exposure Check identifies the at-risk users in your organization.

» Get Your Report

Domain Spoof Test

Can hackers spoof an email address of your own domain? Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit “CEO Fraud”, penetrating your network is like taking candy from a baby. Find out now if your domain can be spoofed.

» Try To Spoof Me!

Mailserver Assessment (MSA)

With email still the #1 attack vector, do you know if hackers can get through your mail filters? KnowBe4’s MSA tool tests your mailserver configuration by sending 40 different types of email message tests that check the effectiveness of your mail filtering rules. Get insight at how your mailserver handles different message types including email with attachments that contain password-protected, macro zipped, and .exe files or have spoofed domains.

» Test Your Mailserver

Domain Doppelgänger

Discover dangerous look-alike domains that could be used against you! Since look-alike domains are a dangerous vector for phishing attacks, it’s top priority that you monitor for potentially harmful domains that can spoof your domain. This tool makes it easy for you to identify your potential “evil domain twins” and combines the search, discovery, reporting, risk indicators, and end-user assessment with training so you can take action now.

» Find Your Look-Alike Domains

Malware Tools

Ransomware Simulator Tool

Find out how vulnerable your network is against ransomware and cryptomining attacks. Bad guys are constantly coming out with new versions of ransomware strains to evade detection. Is your network effective in blocking ransomware when employees fall for social engineering attacks? RanSim will simulate 18 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

» Get RanSim!

USB Security Test

Did you know, on average 45% of your users will plug in unknown USBs… Download our special, “beaconized” file onto any USB drive, then label the drive with something enticing and drop at an on-site high traffic area. If a user picks it up, plugs it in their workstation and opens the file, it will “call home” and report the “fail” to your KnowBe4 console. Also get reporting on opens and if macros were enabled. Find out now how your users will react!

» Test Your Users