Open Source Security Software - Page 5
Sort By:
Security Software
View 5818 business solutions-
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
1
PAC is a Perl/GTK replacement for SecureCRT/Putty/etc (linux ssh/telnet/... gui)... It provides a GUI to configure connections: users, passwords, EXPECT regular expressions, macros, etc. You like 'SecureCRT/SSHMenu'? Check this tool and let me know
-
2
RELIANOID
Network Load Balancer and Application Security
RELIANOID is an open core (Debian GNU/Linux based) Application Delivery Controller (ADC) with advanced load balancing features such as Network Load Balancer, Application Load Balancer with SSL offloading, Advance Network Configuration including Virtual Interfaces, VLANs, Bonding with link aggregation, IPv4/IPv6, advanced routing, stateless cluster, web GUI, JSON API and much more! Enterprise Edition Load Balancer is available with extra features such as global service load balancing (gslb), application security including web application firewall (WAF), blacklists, Realtime Blackhole Lists (DNSBL), DDoS protection, stateful clustering, SNMP monitoring, email and SNMP notifications, RBAC, VPN support, and the best Support directly from an expert Team. -
3
RustScan
The Modern Port Scanner
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Scans all 65k ports in 3 seconds. Full scripting engine support. Automatically pipe results into Nmap, or use our scripts (or write your own) to do whatever you want. Adaptive learning. RustScan improves the more you use it. No bloated machine learning here, just basic maths. The usuals you would expect. IPv6, CIDR, file input and more. Automatically pipes ports into Nmap. RustScan is a modern take on the port scanner. Sleek & fast. All while providing extensive extendability to you. Not to mention RustScan uses Adaptive Learning to improve itself over time, making it the best port scanner for you. Speed is guaranteed via RustScan. However, if you want to run a slow scan due to stealth that is possible too. We have tests that check to see if RustScan is significantly slower than the previous version. -
4
airgeddon
This is a multi-use bash script for Linux systems
airgeddon is an alive project growing day by day. Interface mode switcher (Monitor-Managed) keeping selection even on interface name changing. DoS over wireless networks using different methods (mdk3, mdk4, aireplay-ng). "DoS Pursuit mode" is available to avoid AP channel hopping (available also on DoS performed on Evil Twin attacks). Full support for 2.4Ghz and 5Ghz bands. Assisted WPA/WPA2 personal networks Handshake file and PMKID capturing. Cleaning and optimizing Handshake captured files. Offline password decrypting on WPA/WPA2 captured files for personal networks (Handshakes and PMKIDs) using a dictionary, brute-force, and rule-based attacks with aircrack, crunch and hashcat tools. Enterprise networks captured password decrypting based on john the ripper, crunch, asleap and hashcat tools. GPU support available for hashcat. Only Rogue/Fake AP mode to sniff using external sniffer (Hostapd + DHCP + DoS). -
Add Two Lines of Code. Get Full APM.Works out of the box for Rails, Django, Express, Phoenix, and more. Monitoring exceptions and performance in no time.
-
5
Steghide is a steganography program that is able to hide data in various kinds of image- and audio-files. The color- respectivly sample-frequencies are not changed thus making the embedding resistant against first-order statistical tests.
-
6
Telegram-OSINT
https://github.com/The-Osint-Toolbox/Telegram-OSINT
Telegram-OSINT is an extensive open source repository that compiles tools, techniques, and resources for conducting open source intelligence investigations on the Telegram platform. It serves as a central reference for analysts, researchers, and investigators who want to discover, analyze, and collect publicly available information from Telegram channels, groups, and bots. It organizes a wide variety of utilities that interact with Telegram’s API to gather data such as channel details, posts, and metadata, often exporting the results in formats like JSON for further analysis. The repository also includes utilities that help search for Telegram channels or process lists of channels from input files, making large-scale investigations easier to manage. In addition to direct data collection tools, it provides resources for channel discovery, similar channel analysis, and browser-based interfaces for interacting with Telegram data. -
7
qFlipper
Desktop application for updating Flipper Zero firmware via PC
qFlipper is a cross-platform desktop application that serves as the official graphical interface for managing and maintaining the Flipper Zero device from a computer environment. Built using the Qt framework, it runs on Windows, macOS, and Linux, providing a consistent user experience across operating systems. Its primary function is to simplify firmware management by allowing users to update, repair, or install firmware with a single action, reducing the complexity typically associated with embedded device maintenance. In addition to firmware operations, qFlipper includes tools for backing up and restoring user data, ensuring that configurations and captured assets are preserved during updates or troubleshooting. The application also enables users to stream the Flipper Zero display and remotely control the device from their computer, effectively extending its interface beyond the physical hardware. -
8
Shortcut Virus Removal Tool
Powerful and Easy to Use USB Shortcut Virus Removal Tool for Windows
Shortcut Virus Removal Tool (SVRT) Shortcut Virus Removal Tool is a powerful, portable, easy to use and safe program for fixing USB drives, external HDD / SSD drives and computers infected with shortcut virus. With only one click, you can remove shortcut virus from your computer and USB disk drive. It can restore files hidden by a virus and remove suspicious shortcuts and files from your USB drive and computer. It can repair registry and undo unwanted changes made by malware. It can also delete autorun virus from your USB drive. It has a very simple interface. You just have to select your USB drive from list and click Clean button. If the tool does not work, please right click and "Run as Administrator." The tool currently supports five different languages: English, German, Turkish, Arabic and Indonesian. This tool requires .NET Framework 4.0 and Windows XP or later. -
9
PhoneInfoga
Information gathering framework for phone numbers
PhoneInfoga is an open-source intelligence framework focused on gathering and analyzing information related to international phone numbers. The tool aggregates data from multiple scanners and external services to provide contextual intelligence such as country, carrier, line type, and potential VoIP provider details. It is designed primarily for investigators, analysts, and security researchers who need structured phone-number reconnaissance rather than real-time tracking. PhoneInfoga intentionally avoids automation of invasive actions and instead assists manual investigations by correlating publicly available data. The platform includes both a command-line interface and a web client backed by a REST API, making it suitable for integration into larger investigative workflows. Because it relies heavily on external data sources, its effectiveness depends on proper configuration of scanners and APIs. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
SecLists
The Pentester’s Companion
SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. All the tester will have to do is pull this repo onto a new testing box and he’ll have access to every type of list he may require. -
11
Network Security Toolkit (NST)
A network security analysis and monitoring toolkit Linux distribution.
Network Security Toolkit (NST) is a bootable ISO image (Live USB Flash Drive) based on Fedora 42 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 systems. The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines. -
12
Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. Development has been moved to GitHub, https://github.com/Ettercap/ettercap
-
13
IPCop Firewall
Linux firewall distribution geared towards home and SOHO users.
The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy. -
14
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. This is not intended for end-user self-assessment. If you are concerned with the security of your device please seek expert assistance. Compare extracted records to a provided list of malicious indicators in STIX2 format. Generate JSON logs of extracted records, and separate JSON logs of all detected malicious traces. -
15
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
16
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks. -
17
IBM's TPM 2.0 TSS
IBM's TPM 2.0 TSS
This is a user space TSS for TPM 2.0. It implements the functionality equivalent to (but not API compatible with) the TCG TSS working group's ESAPI, SAPI, and TCTI API's (and perhaps more) but with a hopefully simpler interface. It comes with over 110 "TPM tools" samples that can be used for scripted apps, rapid prototyping, education, and debugging. It also comes with a web based TPM interface, suitable for a demo to an audience that is unfamiliar with TCG technology. It is also useful for basic TPM management. See the below link for operating system, platform, and hardware support. See the companion IBM TPM 2.0 at https://sourceforge.net/projects/ibmswtpm2/ and attestation at projects/ibmtpm2acs I welcome (1) bug reports, (2) documentation requests, (3) suggestions for ECC tests, and (4) requests for features for which you have an immediate need. See the wiki for additional support - additions to the documentation. -
18
Cuckoo Sandbox
Cuckoo Sandbox is for automated analysis of malware
Cuckoo Sandbox uses components to monitor the behavior of malware in a Sandbox environment; isolated from the rest of the system. It offers automated analysis of any malicious file on Windows, Linux, macOS, and Android. -
19
WinRAR
Compress, Encrypt, Package and Backup with only one utility
WinRAR is a powerful file archiver and compression tool that supports multiple file formats, including RAR and ZIP. It is widely used for compressing large files into smaller, more manageable sizes and decompressing files into their original format. WinRAR offers advanced features for both personal and professional use, such as file encryption, password protection, and splitting large files into smaller parts for easier storage or transfer. Its intuitive interface makes it easy for users to compress, encrypt, and share files quickly and efficiently. -
20
Parrot Project
Security, Development and Privacy Defense, all in one place.
Parrot is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. -
21
metasploitable3-ub1404upgraded
An ova file for Metasploitable 3 ubuntu 14.04 virtual machine
An ova file for Metasploitable 3 ubuntu 14.04 virtual machine. Download here https://sourceforge.net/projects/metasploitable3-ub1404upgraded/files/ Upgraded build from this project https://github.com/rapid7/metasploitable3 apt update && apt upgrade ran on it Jan 8, 2022 . ESM repository not added so 169 or so security updates could be made further. Otherwise ubuntu no longer supplies upgrades to 14.04. Hard disk in vmdk format. To add to VirtualBox as a VM. Download Metasploitable3-ub1404.ova Selerct FILE tab, Choose Import Appliance Browse for this ova file on your computer. Modify settings such as RAM as desired, and name of VM, etc Deselect import hdd as vdi, if you want to keep vmdk format Then start the New VM. Username - vagrant;password - vagrant -
22
Flipper Zero Firmware
Flipper Zero firmware source code
Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware, and more. It's fully open-source and customizable, so you can extend it in whatever way you like. Flipper Zero is a tiny piece of hardware with a curious personality of a cyber-dolphin. It can interact with digital systems in real life and grow while you use it. Explore any kind of access control system, RFID, radio protocols, and debug hardware using GPIO pins. The idea of Flipper Zero is to combine all the hardware tools you'd need for exploration and development on the go. Flipper was inspired by the pwnagotchi project, but unlike other DIY boards, Flipper is designed with the convenience of everyday usage in mind — it has a robust case, handy buttons, and shape, so there are no dirty PCBs or scratchy pins. Flipper turns your projects into a game, reminding you that development should always be fun. -
23
Gpg4win
GnuPG for Windows
Gpg4win is the official Windows distribution of the GnuPG encryption ecosystem, providing an accessible graphical environment for secure email and file protection. It packages the GnuPG engine together with user-friendly tools such as certificate management utilities, Windows Explorer integration, and Outlook plugins, enabling encryption workflows without requiring command-line expertise. The suite supports both OpenPGP and S/MIME standards, allowing organizations and individuals to secure communications using widely recognized cryptographic methods. Users can easily encrypt, decrypt, sign, and verify files or entire folders directly from the Windows interface, making the software suitable for everyday business use. Gpg4win emphasizes strong cryptographic defaults and compatibility with smart cards and enterprise certificate infrastructures. -
24
Hackingtool
ALL IN ONE Hacking Tool For Hackers
HackingTool by Z4nzu is a large collection (“all-in-one”) of tools and scripts for penetration testing / hacking / OSINT etc. It bundles many utilities (port scanners, payload injectors, web attack tools, phishing tools, wireless attack tools, reverse engineering, etc.) into a menu interface. Includes many individual tools, often wrappers or aggregations of existing well-known tools (e.g. port scanners, web attack tools, steganography, hash cracking etc.). A menu interface offering categories: reconnaissance, payload creation, wireless attacks, reverse engineering, exploit frameworks, etc. Users can pick which tool to run. It is intended more for “ethical / lab / educational” hacking contexts rather than production or stealth scenarios. It depends a lot on external tools, grants, and root privileges in many cases. -
25
Wi-Fi Cracking
Crack WPA Wi-Fi routers with Airodump-ng and Aircrack-ng Hashcat
Crack Wi-Fi networks that are secured using weak passwords. It is not exhaustive, but it should be enough information for you to test your own network's security or break into one nearby. Begin by listing wireless interfaces that support monitor mode. If you do not see an interface listed then your wireless card does not support monitor mode. Start listening to 802.11 Beacon frames broadcast by nearby wireless routers using your monitor interface. WPA/WPA2 uses a 4-way handshake to authenticate devices to the network. You don't have to know anything about what that means, but you do have to capture one of these handshakes in order to crack the network password. These handshakes occur whenever a device connects to the network. The final step is to crack the password using the captured handshake. If you have access to a GPU, it is highly recommended to use hashcat for password cracking.
