Open Source Linux Anti-Malware Software
Sort By:
Anti-Malware Software for Linux
View 7 business solutionsBrowse free open source Anti-Malware software and projects for Linux below. Use the toggles on the left to filter open source Anti-Malware software by OS, license, language, programming language, and project status.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
1
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks. -
2
Cuckoo Sandbox
Cuckoo Sandbox is for automated analysis of malware
Cuckoo Sandbox uses components to monitor the behavior of malware in a Sandbox environment; isolated from the rest of the system. It offers automated analysis of any malicious file on Windows, Linux, macOS, and Android. -
3
Robolinux
Announcing Robolinux Cinnamon 14.1
Announcing The New Robolinux Series 14 Mate LTS - 2034 Robolinux is very pleased to announce a completely new 14.1 Mate privacy centered 1inux operating system you can download freely while also offering our users an optional 14+ advanced upgrade which comes with our Untracker and FAAST Boot along with one click popular privacy software installers like Tor and I2p, Wireshark and Bleachbit plus many more for a fair and reasonable price. Robolinux14.1-Mate is ideal for beginners and advanced users. We are proud that it comes with Enoch AI which is TOTALLY 100% PRIVATE, FREE, HONEST & UNCENSORED built into Robolinux Cinnamon 14.1 The Robolinux 14.1 version with rock solid Long Term Support through 2034! requires users to set secure boot in their BIOS. It is currently available in the Cinnamon desktop flavor. we will release series 14 Xfce version in the next two months.For more information please see Readme file. Warmest regards John Martinson Robolinux.org -
4
theZoo
A repository of LIVE malwares for malware analysis and security
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. theZoo’s purpose is to allow the study of malware and enable people who are interested in malware analysis (or maybe even as a part of their job) to have access to live malware, analyse the ways they operate, and maybe even enable advanced and savvy people to block specific malware within their own environment. Please remember that these are live and dangerous malware! They come encrypted and locked for a reason! Do NOT run them unless you are absolutely sure of what you are doing! They are to be used only for educational purposes. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
ClamTk is a graphical interface for Clam Antivirus. It is designed to be an easy-to-use, lightweight, on-demand desktop virus scanner for Linux.
-
6
HoneyDrive
Honeypots in a box! HoneyDrive is the premier honeypot bundle distro.
HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution. -
7
readpe
The PE file analysis toolkit
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones. -
8
AdwCleaner is a free tool that will scan your computer and efficiently removes Adware (ads softwares), PUP/LPI (Potentially Undesirable Program), Toolbars, Hijacker (Hijack of the browser's homepage). It also features anti adware host that will help to prevent advertising software from installing on your machine. It works with a Search and Delete mode. It can be easily uninstalled using the mode "Uninstall". AdwCleaner is now part of the Malwarebytes family. We at Malwarebytes are big fans too. That's why we've asked Jerome Boursier, Corentin Chepeau, and the rest of the AdwCleaner team to join us. We're now working together to make a malware-free existence a reality for everyone. Don't worry--we will maintain, support, and keep AdwCleaner free for everyone. We believe in its mission, and will be integrating its technology into Malwarebytes products in the future. Learn more about the acquisition.
-
9
LSG - Linux SecureGuard
Professional antivirus solution developed for Linux systems.
Professional antivirus solution developed for Linux systems. Protects your Linux servers and desktop systems with real-time protection, network security and advanced threat detection features. -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, etc. The package also contains cron, logrotate, and man files.
-
11
phpMussel
PHP-based anti-virus anti-trojan anti-malware solution.
A PHP script designed to detect trojans, viruses, malware and other threats within files uploaded to your system wherever the script is hooked, based on the signatures of ClamAV and others. Un PHP script pour la détection de virus, logiciels malveillants et autres menaces dans les fichiers téléchargés sur votre système partout où le script est accroché, basé sur les signatures de ClamAV et autres. Einem PHP-Script, um Trojaner, Viren, Malware und andere Bedrohungen in Dateien zu entdecken, die auf Ihr System hochgeladen werden könnten, welches die Signaturen von ClamAV und weitere nutzt. Uno PHP script progettato per la rilevazione di trojan, virus, malware e altre minacce all'interno di file caricati nel sistema ovunque lo script è collegato, basato su firme di ClamAV e altri. -
12
sktrap (script kiddies trap) is a tiny intrusion detection system. Installed on the monitor server, it runs tests via ssh on its clients. Cracks very visible (files,open ports). Built in reply to and very succesful in finding real-world break-ins.
-
13
USB Paranoiac
USB Security Scanner on Linux
This program allows you to examine suspicious USB storage devices before plugging them into your Windows computer. This is not an antivirus; it does not have heuristic or automatic detection-cleanup features. Just so you know, executable files are worth your attention. You decide whether they're dangerous or not. https://github.com/shampuan/USB-Paranoiac -
14
Androick
Forensic analysis helper tool for android
Project now on Github : https://github.com/Flo354/Androick -
15
BypassHash
This tool downloads an executable and bypasses hash-based virus checks
This tool downloads an executable, ELF (Linux) and PE (Windows), modify metadata to bypasses hash-based virus checks and protect against identification with metadata (like rich headers, timestamps, ...). -
16
Edit the Windows Registry from a Live CD to Remove Malware and fix problems that keeps your system from booting.
-
17
Common network dump analyzer tool to extract application data and pretty show. It reassembles and shows HTTP/SMTP/POP3/IMAP etc files. Please donate if you want this to be a candy.
-
18
Compensato is full suite of diagnostic and troubleshooting tools (focused on troubleshooting Windows environments at the moment) that runs from an Ubuntu based Linux live environment. Once booted a browser winow will launch and the program will automatically look for a Windows installation to work with. You should be able to have this Windows installation visible to the system either internally or externally.
-
19
Technician's Virus Cleanup Script, aka TeViCS, is a batch script that is customizable and automates many of the necessary and recommended steps when removing a virus. It can reset registry entries, remove temporary files, run anti-virus scans, etc.
-
20
hdom_access
receive an email when a file is accessed or modified on linux-unix
receive an email or done a command when a file is accessed or modified or renamed or erased on linux, watch your files access, secure your workstation against viruses and ransomware -
21
messor-opencart
Messor Security - IPS/WAF anti DDOS/bot and more for OpenCart3
Messor Free open source extension for OpenCart to protect your store. Each network member collects intruders and attacks data and then sends it to central servers, as well as distributes the current database to the rest network participants. The current concept provides real-time protection of your store from the network attacks. -
22
Air Raid Siren is multi-platform software designed to keep users safe on wireless networks when they log onto the Internet. This easy to use software protects against common attacks, like man-in-the-middle and packet sniffing.
-
23
Anoubis is a Security Suite which implements a secured environment for applications. The core of the suite is an Application Firewall alongside with a Sandbox. Mechanisms to assure the authenticity of files, directories and applications are provided.
-
24
Bifrozt
High interaction honeypot solution for Linux based systems
NOTICE: The format of this project has been changed from ISO to using ansible and has been moved to GitHub. Github link: https://github.com/Bifrozt/bifrozt-ansible -
25
Botnet Detectors Comparer
Compares botnet detection methods
Compares botnet detection methods by computing the error metrics by reading the labels on a NetFlow file. The original NetFlow should have a new column for the ground-truth label, and a new column with the prediction label for each botnet detection method. This program computes all the error metrics (TPR, TNR, FPR, FNR, Precision, Accuracy, ErrorRate, FMeasure1, FMeasure2, FMeasure0.5) and output the comparison results. It also ouputs a png plot. The program can compare in a flow-by-flow basis, or it can apply our new botnet detection error metrics, that is time-based, detects IP addresses instead of flows and it is weighted to favor sooner detections. See the paper for more details.
