Open Source Linux Security Software - Page 8
Sort By:
Security Software for Linux
View 618 business solutions-
Simplify safety management and get everyone involved with your EHSQ goals! SafetyAmp is easy, cloud-based, mobile-friendly software to increase engagement, reduce risk, connect your workforce, and improve EHSQ workflows. Trusted across industries by today's workforce - SafetyAmp is the modern, configurable EHSQ solution you've been looking for.
-
Reduce your overall freight spend with a global, modular, cloud-based transportation management solution (TMS). Enable collaboration across the end-to-end process of transporting goods by connecting shippers with their carriers, suppliers and customers.
-
1
htmLawed
PHP code to purify & filter HTML
The htmLawed PHP script makes HTML more secure and standards- & policy-compliant. The customizable HTML filter/purifier can balance tags, ensure proper nestings, neutralize XSS, restrict HTML, beautify code like Tidy, implement anti-spam measures, etc. -
2
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails app
Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Brakeman now uses the parallel gem to read and parse files in parallel. By default, parallel will split the reading/parsing into a number of separate processes based on number of CPUs. In testing, this has dramatically improved speed for large code bases, around 35% reduction in overall scan time. Brakeman will now track and return very simple literal values (e.g. strings, hashes of literals, arrays of literals) from very simple class methods (e.g. single line). Since ActiveRecord enums essentially generate some class (and instance) methods that return fixed literal values, the above class method return values is also used to support enum. -
3
Cryptomator
Multi-platform transparent client-side encryption for your cloud files
Cryptomator is a free and open source project that offers multi-platform, transparent client side encryption of your files in the cloud. It works with just about any cloud storage service; is totally transparent so you can work with your files how you normally would; and secure with a 256-bit key length AES encryption. It’s also simple and easy to use with no need for different accounts, key management, cloud access grants or cipher configurations. -
4
FingerprintJS
Browser fingerprinting library
FingerprintJS is a source-available, client-side, browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them. Unlike cookies and local storage, a fingerprint stays the same in incognito/private mode and even when browser data is purged. Since FingerprintJS processes and generates the fingerprints from within the browser itself, the accuracy is limited (40% - 60%). For example, when 2 different users send requests using identical (i.e. same version, same vendor, same platform), browsers, FingerprintJS will not be able to tell these two browsers apart, primarily because the attribitutes from these browsers will be identical. Fingerprint Identification is a closed-source, commercial device identification product designed for fraud detection, device identification, marketing attribution, and analytics. -
ConnectWise Sell offers a wide range of tools that enables IT solution providers to save time, quote more, and win big. Top features include professional quote or proposal templates, product catalog and sourcing, workflow automation, sales reporting, and integrations with best-in-breed solutions like Cisco, Dell, HP, and Salesforce.
-
5
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration) oauth2-proxy can be configured via command line options, environment variables or config file (in decreasing order of precedence, i.e. command line options will overwrite environment variables and environment variables will overwrite configuration file settings). -
6
Osquery
SQL operating system instrumentation and monitoring framework
Osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive. Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process. -
7
Personal Management System
Your web application for managing personal data
It's easier to understand this web application when you think about a CMS (WordPress) or CRM (SugarCRM); the logic behind this system is very similar to those two. My PMS may offer fewer possibilities than those systems above, but it just does what I want it to do. Additionally, writing extensions is not too hard, depending on the logic required. Anyone with development knowledge can pretty much write their own extensions for personal needs. Keep a track of your personal goals. You can use tools to keep track of your goals progress or use the payments submodule to keep an eye of the money amount that you want to collect for something. Add any personal note to the desired category. Here, you can keep any small information that you need; it can be either quick notes from phone calls, a bunch of information collected all around different pages, or some links to things that you want to check somewhere later in the future. -
8
A network access control (NAC) system featuring a captive-portal for registration and remediation, wired and wireless management, 802.1X support, isolation of devices, integration with IDS; it can be used to secure networks from small to large. Source code is hosted here: https://github.com/inverse-inc/packetfence Issue tracker tracker is hosted here: http://www.packetfence.org/bugs/
-
9
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
Get anytime, anywhere access to your bank or credit union’s financial performance. Get insights into your bank or credit union’s financial performance from anywhere with secure, cloud-based access. Get margin components, branch performance, forecasts and more with point-and-click simplicity. Banker’s Dashboard and Credit Union dashboard integrate seamlessly with your core processor. Quick and easy setup, so you can start improving your bottom line right away. Automate reporting and eliminate errors, freeing you to focus on more value-added tasks. Quickly run and revise multiple forecast scenarios, so you can analyze variances and alternative strategies. Measure and compare branch performance. Institute best practices and hold each branch accountable for better results.
-
10
Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, web filtering, anti-virus, anti-spyware, intrusion prevention, bandwidth control, captive portal, VPN, firewall, and more. Visit http://untangle.com
-
11
Sn3rpOs_v7.21: CoNt4g1N
TinFoilSec Presents: Sn3rpOs_v7.21 (CoNt4g1N)
*Updated 11/05/2021 TinfoilSec Presents: Sn3rpOs [Codename: CoNt4g1N] Features: Xfce4 Desktop Kali Linux Full System Torified with Privoxy & Tor bleachbit Wire Signal Veracrypt All repos transported through Privoxy&Tor dnscrypt-proxy (no-logs) Tor Browser Custom Tor Switcher and Pyloris Firefox-esr (configured with tor) Thunderbird ProtonVPN (Free VPN no-logs) Sn1per Vault Scanner RED_HAWK Fork of Kali Rolling, Debian Stretch/Buster -No Back Doors- Now with UEFI boot support and of course bacon. XD login: tfs passwd: toor As Always RTFM! (README file) -
12
-
13
tcpreplay
edit and replay captured network traffic
tcpreplay is a suite of tools to edit and replay captured network traffic. -
14
Liberté Linux
Liberté Linux: Mission-critical stealth communication
Liberté Linux is a secure, lightweight, and easy to use Gentoo-based Linux distribution intended as a communication aid in hostile environments. Liberté installs on a USB key, and boots on any computer or laptop. -
15
GlobalPlatform
Implementation of GlobalPlatform smart card specification
The GlobalPlatform card specification is a standard for the management of the contents on a smart card. Mainly this comprises the installation and the removal of applications. This project offers a C library and a command line shell. Find more information on https://kaoh.github.io/globalplatform/ -
16
Alertmanager
Prometheus Alertmanager
The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts. Precompiled binaries for released versions are available in the download section on prometheus.io. Using the latest production release binary is the recommended way of installing Alertmanager. The current Alertmanager API is version 2. This API is fully generated via the OpenAPI project and Go Swagger with the exception of the HTTP handlers themselves. A HTML rendered version can be accessed and clients can be easily generated via any OpenAPI generator for all major languages. -
17
Bitwarden Desktop Application
Secure desktop password management application
Bitwarden is an easy-to-use and secure desktop vault for managing passwords and other sensitive data. It helps individuals and teams share, store and sync sensitive data, and create and secure passwords. All data is fully encrypted before it even leaves your device, with end-to-end AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256. Written using Electron and Angular, this native desktop application can be accessed on Windows, macOS and Linux desktops. -
18
Infection Monkey
Infection Monkey is a automated security testing tool for networks
Infection Monkey is a open source automated security testing tool for testing a network's security baseline. Monkey is a tool that infects machines and propagates and Monkey Island is the server for an administrator to control and visualize progress of Infection Monkey. -
19
SCAP Security Guide
Security automation content in SCAP, Bash, Ansible, and other formats
The purpose of this project is to create security policy content for various platforms, Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, SUSE Linux Enterprise Server (SLES), as well as products, Firefox, Chromium, JRE. We aim to make it as easy as possible to write new and maintain existing security content in all the commonly used formats. "SCAP content" refers to documents in the XCCDF, OVAL and Source DataStream formats. These documents can be presented in different forms and by different organizations to meet their security automation and technical implementation needs. For general use, we recommend Source DataStreams because they contain all the data you need to evaluate and put machines into compliance. The datastreams are part of our release ZIP archives. "Ansible content" refers to Ansible playbooks generated from security profiles. These can be used both in check-mode to evaluate compliance, as well as run-mode to put machines into compliance. -
20
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages the Open Policy Agent (OPA) engine so that you can easily create custom policies using the Rego query language. Monitor provisioned cloud infrastructure for configuration changes that introduce posture drift, and enables reverting to a secure posture. Detect security vulnerabilities and compliance violations. -
21
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. Permission control, load balancing, route control, DNS resolver and proxy, and TUN/TAP Device. In GOST, GOST and other proxy services are considered as proxy nodes, GOST can handle the requests itself, or forward the requests to any one or more proxy nodes. In addition to configuring services directly from the command line, parameters can also be set by specifying the external configuration file with the -C parameter. -
22
grype
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages. Find vulnerabilities for language-specific packages. You can also choose another destination directory and release version for the installation. The destination directory doesn't need to be /usr/local/bin, it just needs to be a location found in the user's PATH and writable by the user that's installing Grype. If you're using GitHub Actions, you can simply use our Grype-based action to run vulnerability scans on your code or container images during your CI workflows. -
23
kubelogin
kubectl plugin for Kubernetes OpenID Connect authentication
Kubelogin is designed to run as a client-go credential plugin. When you run kubectl, kubelogin opens the browser and you can log in to the provider. Then kubelogin gets a token from the provider and kubectl accesses Kubernetes APIs with the token. If you install via GitHub releases, you need to put the kubelogin binary on your path under the name kubectl-oidc_login so that the kubectl plugin mechanism can find it when you invoke kubectl oidc-login. The other install methods do this for you. If the cached ID token is valid, kubelogin just returns it. If the cached ID token has expired, kubelogin will refresh the token using the refresh token. If the refresh token has expired, kubelogin will perform re-authentication (you will have to login via browser again). -
24
testssl.sh
Testing TLS/SSL encryption anywhere on any port
testssl.sh is a free command-line tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. testssl.sh is free and open-source software. You can use it under the terms of GPLv2, please review the License before using it. Works for Linux, Mac OSX, FreeBSD, NetBSD and WSL/MSYS2/Cygwin out of the box, no need to install or configure something, no gems, CPAN, pip or the like. OpenBSD only needs bash to be postinstalled. You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443. Several command line options help you to run your test and configure your output. If a particular check cannot be performed because of a missing capability on your client side, you'll get a warning. You can look at the code, see what's going on and you can change it. -
25
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/