Open Source Linux Cybersecurity Tools - Page 2
Sort By:
Cybersecurity Tools for Linux
View 91 business solutions-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
Network Enumeration Tool
Network Enumeration Tool for Host Exploration and Recon
N-ETHER (Network Enumeration Tool for Host Exploration and Reconnaissance) is a robust and highly automated Python script designed to streamline the critical initial phases of network security auditing and penetration testing. It’s core purpose is to perform fast, comprehensive, and consistent host and port discovery across single targets or large lists of IP addresses. N-ETHER functions as an intelligent, opinionated wrapper around the powerful nmap tool, bundling best-practice scanning techniques—including service versioning, NSE scripting, and intelligent port selection—into a single, easy-to-use utility. This significantly reduces auditor workload and potential for human error compared to manually executing multiple complex nmap commands. Read the README!!! -
2
SENTINEL
Open-source behavioral intelligence platform for detecting child groom
SENTINEL is an open-source behavioral intelligence platform for detecting child grooming on digital platforms. Released by Sentinel Foundation in April 2026, it analyzes patterns of user behavior over time rather than scanning message content for keywords, identifying grooming sequences before direct harm occurs. Key capabilities: - Behavioral scoring across four signal types: linguistic register shifts, relationship graph evolution, temporal escalation patterns, and fairness gates - Tamper-evident audit logs (cryptographically chained, 7-year retention) for legal proceedings and regulatory compliance - Privacy-preserving federation: platforms share encrypted threat signatures without exposing raw messages or user identities - Demographic parity audits enforced as a deployment gate before any detection model goes live - Built-in compliance for EU Digital Services Act, UK Online Safety Act, COPPA, and GDPR Free for organizations under $100k annual revenue and all non-commerci -
3
A professional PE (Portable Executable) analysis and modification tool for Windows executables and DLLs.
-
4
hdom_access
receive an email when a file is accessed or modified on linux-unix
receive an email or done a command when a file is accessed or modified or renamed or erased on linux, watch your files access, secure your workstation against viruses and ransomware -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
In-Browser-File-Encrypter
The source code of the In-Browser-File-Encrypter web app
The In-Browser File Encrypter is a simple web application that enables you to securely encrypt your files directly in your browser using the AES-256 encryption algorithm in CBC mode. Check it out at: https://codepen.io/Northstrix/pen/xxvXvJL and https://northstrix.github.io/In-Browser-File-Encrypter/V1.0/web-app.html GitHub page: https://github.com/Northstrix/In-Browser-File-Encrypter The download shortcut: https://sourceforge.net/projects/in-browser-file-encrypter/files/V1.0%20%28Improved%20UI%29/V1.0%20%28Improved%20UI%29.zip/download Successfully tested in Google Chrome on Windows 11 and Fedora 40. -
6
BTS Pentesting Lab
BTS Pentesting Lab - a deliberately vulnerable Web application
BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities. Currently, the app contains the following types of vulnerabilities: *SQL Injection *XSS(includes Flash Based xss) *CSRF *Clickjacking *SSRF *File Inclusion * Code Execution *Insecure Direct Object Reference *Unrestricted File Upload vulnerability *Open URL Redirection *Server Side Includes(SSI) Injection and more... Java version of this application can be found here: https://sourceforge.net/p/javavulnerablelab/ -
7
BTS-SIO-SLAM-CYBER-INTERVENTION
Cybersecurity intervention for BTS SIO SLAM
You will find all the files to prepare a security intervention in a BTS SIO (SLAM - development part). This training aims to highlight the role of the developer in cybersecurity. Different software vulnerabilities are presented as well as the good practices that allow limiting them. To this goal, some aspects of a secure system design are addressed. Informations and documentation are here: https://sourceforge.net/p/bts-sio-slam-cyberintervention/wiki/Home/. -
8
Bootleg-Password-Vault
A password vault with client-side encryption and nice-looking UI
A password vault with client-side encryption and nice-looking UI built with React. The app is hosted at https://northstrix.github.io/Bootleg-Password-Vault/ The source code can also be found at: https://github.com/Northstrix/Bootleg-Password-Vault https://codeberg.org/Northstrix/Bootleg-Password-Vault The related article is available at: https://medium.com/@Northstrix/adbd8dad0442 -
9
BunkerWeb
Next-generation and open-source Web Application Firewall (WAF).
Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them "secure by default". BunkerWeb integrates seamlessly into your existing environments (Linux, Docker, Swarm, Kubernetes, …) and is fully configurable (don't panic, there is an awesome web UI if you don't like the CLI) to meet your own use-cases . In other words, cybersecurity is no more a hassle. -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
10
-
11
Cake Fuzzer
Security testing tool for CakePHP based web applications
Cake Fuzzer is an open-source project meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently, it is implemented to support the Cake PHP framework. Cake Fuzzer is based on the concept of Interactive Application Security Testing (IAST). The goals of the project are: - create an automated process of discovering vulnerabilities in applications based on the CakePHP Framework; - no application knowledge requirement or pre-configuration of the web application; - result with minimal or close to 0 amount of false positives; - require minimal security knowledge to run the scanner. -
12
CookieGuardAudit
A beginner-friendly Python CLI tool that audits website cookies.
CookieGuardAudit is a simple Python command-line security tool that checks a website's cookies for common security flag issues. It helps users quickly spot weak cookie settings such as missing Secure, missing HttpOnly, missing SameSite, and SameSite=None without Secure. This project is designed for beginners, defenders, students, and anyone learning basic web security auditing. -
13
Falcon_ArchLinux
Falcon ArchLinux pruple team tools cyber security
uses repo BlackArchlinux and ArchLinux -
14
FileSentinel
Simple Python file integrity checker for defensive security
FileSentinel is an open-source Python tool that helps users monitor folders for unexpected file changes. It creates a baseline using SHA-256 hashes and later compares the folder against that baseline to detect added, modified, and deleted files. It is designed as a beginner-friendly defensive security utility for students, small offices, and anyone learning basic file integrity monitoring. -
15
GUN
Cybersecurity protocol for syncing decentralized graph data
GUN is a small, easy, and fast data sync and storage system that runs everywhere JavaScript does. The aim of GUN is to let you focus on the data that needs to be stored, loaded, and shared in your app without worrying about servers, network calls, databases, or tracking offline changes or concurrency conflicts. This lets you build cool apps fast. When a browser peer asks for data, it'll merge the reply with its own data using a CRDT, then cache the result. GUN is fully decentralized (peer-to-peer or multi-master), meaning that changes are not controlled by a centralized server. A server can be just another peer in the network, one that may have more reliable resources than a browser. You save data on one machine, and it will sync it to other peers without needing a complex consensus protocol. It just works. GUN can be used in both browsers and servers. We have made it easy to install in many different environments. -
16
INVISIX
INVISIX.IO - Corporate-grade privacy solution, out of the box.
🚫 One tiny box. Infinite freedom. Network-wide AdBlocker and TrackerBlocker. 💼 Secure free VPN through your office or home network — remote traffic enjoys the same AdBlock protection. 🏆 Designed for corporations, freelancers, and small companies. Simple enough for home users due to its reduced price. -
17
Incident Response Automation
Incident Response Automation Tool
This tool simulates automated defensive actions, such as blocking an IP address on a firewall, in response to detected threats. Quick Start To use this tool, run the responder: # Block an IP address python lab_runner.py incident-response --ip 10.10.10.xxx --reason "Malicious Activity Detected" -
18
Lakhash
An experimental cloud storage service featuring client-side encryption
An experimental cloud storage service built with Next.js, featuring client-side file encryption, a dedicated password vault, advanced integrity verification functionality, and a convenient UI. Lakhash is also equipped with the password vault. Check it out at https://lakhash.netlify.app GitHub repository: https://github.com/Northstrix/Lakhash Codeberg repository: https://codeberg.org/Northstrix/Lakhash/ The related Medium article can be found at https://medium.com/@Northstrix/2be1c60ec6e8 -
19
Midbar ESP32 CYD Firebase Edition
A version of Midbar data vault adapted for the ESP32 CYD and WebFlash.
A version of Midbar data vault adapted for the ESP32 CYD and WebFlash. It keeps the cryptographic keys in the ESP32 RAM and stores the ciphertexts (encrypted data) in the Google Firebase. The tutorial is available at: https://www.instructables.com/How-to-Turn-ESP32-CYD-Into-a-Secure-IoT-Data-Vault/ WebFlash for ESP32-CYD: https://northstrix.github.io/Midbar-ESP32-CYD-Firebase-Edition/flash WebFlash for ESP32-CYD2USB: https://northstrix.github.io/Midbar-ESP32-CYD2USB-Firebase-Edition/flash -
20
Midbar Firebase Edition
Midbar Firebase Edition stores data in the cloud, keeps keys on device
Midbar Firebase Edition - is the edition of Midbar that stores the encrypted data in the cloud while keeping the cryptographic keys on the device! It comes with the firmware for the hardware IoT data vault and the desktop app that's synced with the vault via the Google Firebase. A vault and an app can be used without one another. The GitHub repository is available at github.com/Northstrix/Midbar-Firebase-Edition Tutorial for V1 https://www.instructables.com/DIY-IoT-Data-Vault-With-Google-Firebase/ Tutorial for V2 https://medium.com/@Northstrix/syncing-mcu-password-vault-with-desktop-app-using-google-firebase-28963e060444 Tutorial for V3 https://www.instructables.com/DIY-Advanced-IoT-Password-Vault-Synced-With-Deskto/ GitHub Repository: https://github.com/Northstrix/Midbar-Firebase-Edition -
21
The PCS Security Technology Evaluation Tool (P-STET) is a tool funded by the I3P which allows maintainers of Critical Infrastructure systems to evaluate and compare the costs and benefits of implementing cyber security technology.
-
22
Passive-Network-Scan-L2/3
Passive network discovery tool focused on Layer 2 and Layer 3 packets
Passive-Network-Scan-L2/3 is a lightweight, passive network discovery tool that listens on a network interface in promiscuous mode and collects Layer 2 and Layer 3 signalling (ARP, STP, DHCP, mDNS, SSDP). It aggregates discovered hosts by MAC address, attempts to measure passive RTTs for request/response protocols, maintains per-protocol RTT histories and simple service hints, and can emit structured events and a final table in JSON or CSV formats. -
23
Plum Harbor Deutsch
German version of the "Plum Harbor" file sharing app.
Eine experimentelle Dateifreigabe App, die mit Next.js und Perplexity entwickelt wurde und es den Nutzern ermöglicht, Dateien einfach zu teilen, zu empfangen, zu senden und erneut zu senden. Die App verwendet ML-KEM-1024, ChaCha20, Serpent-256 und HMAC-SHA512, um die Vertraulichkeit und Integrität der Daten zu gewährleisten. Außerdem ist die App mit einem speziellen Passwortspeicher ausgestattet. Schau es dir an unter: https://plum-harbor-deutsch.netlify.app/ GitHub: https://github.com/Northstrix/plum-harbor-deutsch Codeberg: https://codeberg.org/Northstrix/plum-harbor-deutsch English Version: Deployed app: https://plum-harbor.netlify.app/ SourceForge: https://sourceforge.net/projects/plum-harbor/ GitHub page: https://github.com/Northstrix/plum-harbor Codeberg page: https://codeberg.org/Northstrix/plum-harbor -
24
Rock the Flag network (RTFn), is a set of services that allow you to better collaborate. The intended use is for information/cyber-security related capture the flag or war games. The main driver behind RTFn is a modified Etherpad installation. Now located on github! https://github.com/theopolis/RTFn-lite
-
25
Remme PKI (d) Protocol
Blockchain-based distributed PKI protocol
Remme Protocol is a blockchain-based protocol focused on digital key and identity lifecycle management to resolve issues related to cybersecurity, IoT connectivity, data integrity, digital copyright protection, transparency etc. Some of the groundbreaking features include: - Free Rate Limited Transactions - Low Latency Block confirmation (0.5 seconds) - Attribute-based identity and access control - Designed for Sparse Header Light Client Validation - Time Delay Security - Hierarchical Role Based Permissions - Support for Biometric Hardware Secured Keys (e.g. Apple Secure Enclave) - Designed for Parallel Execution of Context Free Validation Logic - Designed for Inter Blockchain Communication Read the Tech paper here: https://github.com/Remmeauth/Documentation/blob/master/RemmeProtocolTechPaper.md
