Open Source Linux Cybersecurity Tools
Sort By:
Cybersecurity Tools for Linux
View 90 business solutionsBrowse free open source Cybersecurity tools and projects for Linux below. Use the toggles on the left to filter open source Cybersecurity tools by OS, license, language, programming language, and project status.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Dun and Bradstreet Risk Analytics - Supplier IntelligenceRisk, procurement, and compliance teams across the globe are under pressure to deal with geopolitical and business risks. Third-party risk exposure is impacted by rapidly scaling complexity in domestic and cross-border businesses, along with complicated and diverse regulations. It is extremely important for companies to proactively manage their third-party relationships. An AI-powered solution to mitigate and monitor counterparty risks on a continuous basis, this cutting-edge platform is powered by D&B’s Data Cloud with 520M+ Global Business Records and 2B+ yearly updates for third-party risk insights. With high-risk procurement alerts and multibillion match points, D&B Risk Analytics leverages best-in-class risk data to help drive informed decisions. Perform quick and comprehensive screening, using intelligent workflows. Receive ongoing alerts of key business indicators and disruptions.
-
1
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
2
Greenplum Database
Massive parallel data platform for analytics, machine learning and AI
Rapidly create and deploy models for complex applications in cybersecurity, predictive maintenance, risk management, fraud detection, and many other areas. With its unique cost-based query optimizer designed for large-scale data workloads, Greenplum scales interactive and batch-mode analytics to large datasets in the petabytes without degrading query performance and throughput. Based on PostgreSQL, Greenplum provides you with more control over the software you deploy, reducing vendor lock-in, and allowing open influence on product direction. Greenplum reduces data silos by providing you with a single, scale-out environment for converging analytic and operational workloads, like streaming ingestion. All major Greenplum contributions are part of the Greenplum Database project and share the same database core, including the MPP architecture, analytical interfaces, and security capabilities. -
3
cyborghawk v1.1
Latest-v1.1 of The World's most advanced pen testing distribution ever
updated version of The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
4
HydraPWK GNU/Linux
HydraPWK GNU/Linux Official SourceForge Pages.
-
Rent Manager SoftwareRent Manager is award-winning property management software built for residential, commercial, and short-term-stay portfolios of any size. The program’s fully customizable features include a double-entry accounting system, maintenance management/scheduling, marketing integration, mobile applications, more than 450 insightful reports, and an API that integrates with the best PropTech providers on the market.
-
5
Burp Suite Professional
Burp Suite Professional for Linux - AppImage Edition
Burp Suite Professional (Cracked) and wrapped into a Universal Package Format (AppImage) with Java openjdk-21. Only for Linux. -
6
Watcher
Open Source Cybersecurity Threat Hunting Platform
Watcher is a file integrity monitoring tool that detects unauthorized changes to files, helping organizations maintain compliance and security. -
7
pyWhat
Identify emails, IP addresses, and more
pyWhat is a Python-based identification tool designed to figure out “what” a piece of text or file content represents, especially in security and OSINT workflows. Given inputs such as hex strings, URLs, email addresses, IP addresses, credit card numbers, cryptocurrency wallets, or entire .pcap capture files, it scans for structured patterns and tells you what it finds. The tool is recursive: it can traverse files and directories to extract meaningful entities, which is useful when analyzing malware samples, network captures, or code repositories at scale. It offers powerful filters called “tags” and distributions that let you narrow results to specific categories like bug bounties, cryptocurrencies, or AWS-related artifacts. For automation and integration, pyWhat provides a CLI with options for rarity filtering, sorting, and JSON export, as well as an API that can be imported into other Python programs. -
8
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6. Security-ninjas 7. WordPress We are adding more labs in few days
-
9
BerserkArch
A bleeding-edge, security-centric Arch-based Linux distribution.
BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). As an Arch-based distribution, it benefits from the rolling release model, providing users with the latest software versions and kernel updates. BerserkArch is a dist "designed to make you powerful" for specific use cases like reverse-engineering binaries and automating exploits, rather than being an easy-to-use distribution for general beginners. -
The Most Powerful Software Platform for EHSQ and ESG ManagementChoose from a complete set of software solutions across EHSQ that address all aspects of top performing Environmental, Health and Safety, and Quality management programs.
-
10
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application. -
11
BunkerWeb
Next-generation and open-source Web Application Firewall (WAF).
Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them "secure by default". BunkerWeb integrates seamlessly into your existing environments (Linux, Docker, Swarm, Kubernetes, …) and is fully configurable (don't panic, there is an awesome web UI if you don't like the CLI) to meet your own use-cases . In other words, cybersecurity is no more a hassle. -
12
Burp Suite Community Edition
Burp Suite Community with java wrapped in a single file
A Universal Package Format (AppImage) for Burp Suite Community Edition with Java (openjdk-18) wrapped in a single file. It can be easily executed by a single click! -
13
Java Vulnerable Lab - Pentesting Lab
a deliberately vulnerable Web application
This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download Credentials for the VM: ------------------------ Username: root Password: cspf Stand-alone file: (Run the Jar file directly) -------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download -
14
justniffer is a TCP sniffer. It reassembles and reorders packets and displays the tcp flow in a customizable way. It can log network traffic in web server log format. It can also log network services performances (e.g. web server response times) and extract http content (images, html, scripts, etc)
-
15
cyborg hawk v 1.0
The World's most advanced penetration testing distribution ever
The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
16
MalbianLinux
GNU/Linux Distribution for Malware Analysis and Reverse Engineering.
Malbian is a Light-weight Debian Based GNU/Linux Distribution for Malware Analysis and Reverse Engineering designed to aid the user in both Static and Dynamic analysis of malware samples. 100% Free to use and distribute. About: https://github.com/MalbianLinux Installation Guide in: https://github.com/MalbianLinux/Malbian-ISOs/ -
17
BypassHash
This tool downloads an executable and bypasses hash-based virus checks
This tool downloads an executable, ELF (Linux) and PE (Windows), modify metadata to bypasses hash-based virus checks and protect against identification with metadata (like rich headers, timestamps, ...). -
18
S2OPC - Safe & Secure OPC UA
An Open Source Safe & Secure OPC UA stack
## S2OPC OPC UA Toolkit - Safe: IEC61508 and EN50128 integration ready, - Secure: CSPN certification, IEC62443 targeted, - Open-source: Apache 2.0 (non contaminating, no copy-left, no paid version), - Embedded: multiplatform (Linux, Windows, FreeRTOS, Zephyr), optimized footprint, real-time capable, - Industrial support by Systerel: support, training, specific integration and developments, certification support. For more information about support pricing, please contact us at `s2opc@systerel.fr` Its demo server is certified by the OPC Foundation (see Certification). ### About Systerel Systerel has been creating, designing, and implementing innovative solutions for over 20 years in the area of real-time and safety-critical systems. -
19
tirreno
Open Security Analytics
tirreno is open security analytics. tirreno [tir.ˈrɛ.no] helps understand, monitor, and protect your applications from cyber threats, account takeovers, bots, and abuse. While classic cybersecurity focuses on infrastructure and network perimeter, most breaches occur through compromised accounts and application logic abuse that bypasses firewalls, SIEM, WAFs, and other defenses. tirreno detects threats where they actually happen: inside your product. It adds a security layer to internal or external applications to identify malicious activity by analyzing user behavior, account activity, field changes history, and business logic abuse that infrastructure tools are unable to detect. -
20
HardenLinux
Shell Script to Harden Default Values in Linux Distributions
HardenLinux is a shell script designed to harden default values in Linux distributions and assist with malware removal. With root permissions, it can perform many tasks listed in a menu. As a script, HardenLinux is highly documented and easy to comprehend. -
21
cardionet
A beautiful, modern Terminal User Interface (TUI) for nmap
CardioNet simplifies network scanning by providing an intuitive graphical interface for nmap, making it accessible to both beginners and advanced users. Build complex scanning commands visually, execute them in real-time, and export results in multiple formats. -
22
BrowserBox
Remote browser isolation for all
BrowserBox is an embeddable, multiplayer browser that facilitates RBI (remote browser isolation) and zero trust protection. We've just integrated support for Tor. -
23
hdom_access
receive an email when a file is accessed or modified on linux-unix
receive an email or done a command when a file is accessed or modified or renamed or erased on linux, watch your files access, secure your workstation against viruses and ransomware -
24
In-Browser-File-Encrypter
The source code of the In-Browser-File-Encrypter web app
The In-Browser File Encrypter is a simple web application that enables you to securely encrypt your files directly in your browser using the AES-256 encryption algorithm in CBC mode. Check it out at: https://codepen.io/Northstrix/pen/xxvXvJL and https://northstrix.github.io/In-Browser-File-Encrypter/V1.0/web-app.html GitHub page: https://github.com/Northstrix/In-Browser-File-Encrypter The download shortcut: https://sourceforge.net/projects/in-browser-file-encrypter/files/V1.0%20%28Improved%20UI%29/V1.0%20%28Improved%20UI%29.zip/download Successfully tested in Google Chrome on Windows 11 and Fedora 40. -
25
AsyncPortScanner
Cross-platform asynchronous port scanner written in Nim.
Fast cross-platform asynchronous port scanner written in Nim.
