Open Source Linux Anti-Malware Software
Sort By:
Anti-Malware Software for Linux
View 7 business solutionsBrowse free open source Anti-Malware software and projects for Linux below. Use the toggles on the left to filter open source Anti-Malware software by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks. -
2
Cuckoo Sandbox
Cuckoo Sandbox is for automated analysis of malware
Cuckoo Sandbox uses components to monitor the behavior of malware in a Sandbox environment; isolated from the rest of the system. It offers automated analysis of any malicious file on Windows, Linux, macOS, and Android. -
3
Robolinux
Announcing Robolinux Cinnamon 14.1
Announcing The New Robolinux Series 14 Mate LTS - 2034 Robolinux is very pleased to announce a completely new 14.1 Mate privacy centered 1inux operating system you can download freely while also offering our users an optional 14+ advanced upgrade which comes with our Untracker and FAAST Boot along with one click popular privacy software installers like Tor and I2p, Wireshark and Bleachbit plus many more for a fair and reasonable price. Robolinux14.1-Mate is ideal for beginners and advanced users. We are proud that it comes with Enoch AI which is TOTALLY 100% PRIVATE, FREE, HONEST & UNCENSORED built into Robolinux Cinnamon 14.1 The Robolinux 14.1 version with rock solid Long Term Support through 2034! requires users to set secure boot in their BIOS. It is currently available in the Cinnamon desktop flavor. we will release series 14 Xfce version in the next two months.For more information please see Readme file. Warmest regards John Martinson Robolinux.org -
4
theZoo
A repository of LIVE malwares for malware analysis and security
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. theZoo’s purpose is to allow the study of malware and enable people who are interested in malware analysis (or maybe even as a part of their job) to have access to live malware, analyse the ways they operate, and maybe even enable advanced and savvy people to block specific malware within their own environment. Please remember that these are live and dangerous malware! They come encrypted and locked for a reason! Do NOT run them unless you are absolutely sure of what you are doing! They are to be used only for educational purposes. -
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
5
ClamTk is a graphical interface for Clam Antivirus. It is designed to be an easy-to-use, lightweight, on-demand desktop virus scanner for Linux.
-
6
HoneyDrive
Honeypots in a box! HoneyDrive is the premier honeypot bundle distro.
HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution. -
7
The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, etc. The package also contains cron, logrotate, and man files.
-
8
readpe
The PE file analysis toolkit
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones. -
9
AdwCleaner is a free tool that will scan your computer and efficiently removes Adware (ads softwares), PUP/LPI (Potentially Undesirable Program), Toolbars, Hijacker (Hijack of the browser's homepage). It also features anti adware host that will help to prevent advertising software from installing on your machine. It works with a Search and Delete mode. It can be easily uninstalled using the mode "Uninstall". AdwCleaner is now part of the Malwarebytes family. We at Malwarebytes are big fans too. That's why we've asked Jerome Boursier, Corentin Chepeau, and the rest of the AdwCleaner team to join us. We're now working together to make a malware-free existence a reality for everyone. Don't worry--we will maintain, support, and keep AdwCleaner free for everyone. We believe in its mission, and will be integrating its technology into Malwarebytes products in the future. Learn more about the acquisition.
-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
10
sktrap (script kiddies trap) is a tiny intrusion detection system. Installed on the monitor server, it runs tests via ssh on its clients. Cracks very visible (files,open ports). Built in reply to and very succesful in finding real-world break-ins.
-
11
LSG - Linux SecureGuard
Professional antivirus solution developed for Linux systems.
Professional antivirus solution developed for Linux systems. Protects your Linux servers and desktop systems with real-time protection, network security and advanced threat detection features. -
12
phpMussel
PHP-based anti-virus anti-trojan anti-malware solution.
A PHP script designed to detect trojans, viruses, malware and other threats within files uploaded to your system wherever the script is hooked, based on the signatures of ClamAV and others. Un PHP script pour la détection de virus, logiciels malveillants et autres menaces dans les fichiers téléchargés sur votre système partout où le script est accroché, basé sur les signatures de ClamAV et autres. Einem PHP-Script, um Trojaner, Viren, Malware und andere Bedrohungen in Dateien zu entdecken, die auf Ihr System hochgeladen werden könnten, welches die Signaturen von ClamAV und weitere nutzt. Uno PHP script progettato per la rilevazione di trojan, virus, malware e altre minacce all'interno di file caricati nel sistema ovunque lo script è collegato, basato su firme di ClamAV e altri. -
13
USB Paranoiac
USB Security Scanner on Linux
This program allows you to examine suspicious USB storage devices before plugging them into your Windows computer. This is not an antivirus; it does not have heuristic or automatic detection-cleanup features. Just so you know, executable files are worth your attention. You decide whether they're dangerous or not. https://github.com/shampuan/USB-Paranoiac -
14
BypassHash
This tool downloads an executable and bypasses hash-based virus checks
This tool downloads an executable, ELF (Linux) and PE (Windows), modify metadata to bypasses hash-based virus checks and protect against identification with metadata (like rich headers, timestamps, ...). -
15
Edit the Windows Registry from a Live CD to Remove Malware and fix problems that keeps your system from booting.
-
16
Common network dump analyzer tool to extract application data and pretty show. It reassembles and shows HTTP/SMTP/POP3/IMAP etc files. Please donate if you want this to be a candy.
-
17
Compensato is full suite of diagnostic and troubleshooting tools (focused on troubleshooting Windows environments at the moment) that runs from an Ubuntu based Linux live environment. Once booted a browser winow will launch and the program will automatically look for a Windows installation to work with. You should be able to have this Windows installation visible to the system either internally or externally.
-
18
Stratagem - A honeypot distribution
A Linux based honeypot distribution
Stratagem is a Linux distro for honeypots, network forensics, malware analysis and other supporting tools. Stratagem is based on Linux Mint 14 XFCE. The following honeypots are setup and ready to go. Dionaea Kippo Glastopf HoneyD Amun labrea Tinyhoneypot Thug Conpot (See the wiki for more details on the contents) -
19
Trusted Path Execution LKM
A Linux Kernel Module that implements Trusted Path Execution
tpe-lkm is a Linux kernel module implementing Trusted Path Execution, a security feature that denies users from executing programs that are not owned by root, or are writable. This closes the door on a whole category of exploits where a malicious user tries to execute his or her own code to hack the system. Since the module doesn't use any kind of ACLs, it works out of the box with no configuration. It isn't complicated to test or deploy to current production systems. The module also has a few other grsecurity-inspired features implemented as "extras". -
20
hdom_access
receive an email when a file is accessed or modified on linux-unix
receive an email or done a command when a file is accessed or modified or renamed or erased on linux, watch your files access, secure your workstation against viruses and ransomware -
21
messor-opencart
Messor Security - IPS/WAF anti DDOS/bot and more for OpenCart3
Messor Free open source extension for OpenCart to protect your store. Each network member collects intruders and attacks data and then sends it to central servers, as well as distributes the current database to the rest network participants. The current concept provides real-time protection of your store from the network attacks. -
22
mod_detect
Detects changes to your Website, finds malware
I have several websites and some time ago I found code in one of my websites that I did not create. One of those scripts was able to send spam and the other one had some malware code in it. Now you can argue that my website was just not safe enough because who ever placed this code had been able to get in. That is true and the ideal situation is to have such a safe website that nobody can break in. But sometimes this is hard to achieve. mod_detect was developed to at least find code that someone else placed into the scripts of your website and eventually eliminate it. -
23
Air Raid Siren is multi-platform software designed to keep users safe on wireless networks when they log onto the Internet. This easy to use software protects against common attacks, like man-in-the-middle and packet sniffing.
-
24
Androick
Forensic analysis helper tool for android
Project now on Github : https://github.com/Flo354/Androick -
25
Anoubis is a Security Suite which implements a secured environment for applications. The core of the suite is an Application Firewall alongside with a Sandbox. Mechanisms to assure the authenticity of files, directories and applications are provided.
