Open Source Security Software - Page 7

Security Software

View 5916 business solutions
Security Clear Filters
  • Error to trace to log to deploy. One click. No SSH. Icon
    Error to trace to log to deploy. One click. No SSH.

    Catch the cause before the pager goes off.

    AppSignal links every error to the trace, the trace to the log, the log to the deploy that shipped it.
    Free 30 days.
  • Fully Managed MySQL, PostgreSQL, and SQL Server Icon
    Fully Managed MySQL, PostgreSQL, and SQL Server

    Automatic backups, patching, replication, and failover. Focus on your app, not your database.

    Cloud SQL handles your database ops end to end, so you can focus on your app.
    Try Free
  • 1
    DAR - Disk ARchive

    DAR - Disk ARchive

    For full, incremental, compressed and encrypted backups or archives

    DAR is a command-line backup and archiving tool that uses selective compression (not compressing already compressed files), strong encryption, may split an archive in different files of given size and provides on-fly hashing, supports differential backup with or without binary delta, ftp and sftp protocols to remote cloud storage Archive internal's catalog, allows very quick restoration even a single file from a huge, eventually sliced, compressed, encrypted archive eventually located on a remote cloud storage, by only reading/fetching the necessary data to perform the operation. Dar saves *all* UNIX inode types, takes care of hard links, sparse files as well as Extended Attributes (MacOS X file forks, Linux ACL, SELinux tags, user attributes) and some Filesystem Specific Attributes (Linux ext2/3/4, Mac OS X HFS+) more details at: http://dar.linux.free.fr/doc/Features.html
    Leader badge
    Downloads: 139 This Week
    Last Update:
    See Project
  • 2
    Network Security Toolkit (NST)

    Network Security Toolkit (NST)

    A network security analysis and monitoring toolkit Linux distribution.

    Network Security Toolkit (NST) is a bootable ISO image (Live USB Flash Drive) based on Fedora 44 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 systems. The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.
    Leader badge
    Downloads: 143 This Week
    Last Update:
    See Project
  • 3
    Instaloader

    Instaloader

    Download pictures (or videos) along with their captions

    Instaloader is a mature open-source utility for downloading and archiving Instagram content along with rich metadata. It enables users to retrieve posts, stories, reels, highlights, profile pictures, and associated information such as captions, comments, timestamps, and geotags. The tool supports both public and permitted private content when proper authentication is provided, making it useful for research, digital archiving, and social media analysis. Instaloader can be run as a simple command-line tool or used programmatically through its Python module, offering flexibility for automation workflows. It includes smart update mechanisms that resume interrupted downloads and fetch only new media to maintain efficient archives. The project is widely adopted by investigators and analysts who need structured Instagram data collection. In essence, Instaloader provides a robust and highly configurable pipeline for Instagram content retrieval.
    Downloads: 28 This Week
    Last Update:
    See Project
  • 4
    Hypatia

    Hypatia

    A realtime malware scanner

    Hypatia is a free and open-source malware scanner for Android that aims to provide on-device, real-time scanning with minimal battery and resource impact using signature-based detection inspired by ClamAV style databases. Designed as an Android app, it scans user filesystems and installed applications either on demand or in real time when files are written or renamed, operating completely offline aside from occasional signature database downloads. The project is offered under an AGPL-3.0 license and is archived in its original repository, reflecting a historical effort to create a community-reviewable FOSS security tool for Android devices. Hypatia’s design targets performance and efficiency, keeping memory usage modest and enabling users to control which signature sets are active. Its real-time file observation uses multi-threaded scanning to leverage device CPU resources while striving for a negligible user experience impact.
    Downloads: 27 This Week
    Last Update:
    See Project
  • Secure File Transfer for Windows with Cerberus by Redwood Icon
    Secure File Transfer for Windows with Cerberus by Redwood

    Protect and share files over FTP/S, SFTP, HTTPS and SCP with the #1 rated Windows file transfer server.

    Cerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
    Try for Free
  • 5
    K9s

    K9s

    Kubernetes CLI To Manage Your Clusters In Style!

    K9s is a terminal based UI to interact with your Kubernetes clusters. The aim of this project is to make it easier to navigate, observe and manage your deployed applications in the wild. K9s continually watches Kubernetes for changes and offers subsequent commands to interact with your observed resources. Provides standard cluster management commands such as logs, scaling, port-forwards, restarts. Define your own command shortcuts for quick navigation via command aliases and hotkeys. Plugin support to extend K9s to create your very own cluster commands. Powerful filtering mode to allow user to drill down and view workload related resources. Supports for viewing RBAC rules such as cluster/roles and their associated bindings. Reverse lookup to asserts what a user/group or ServiceAccount can do on your clusters. You can benchmark your HTTP services/pods directly from K9s to see how your application fare and adjust your resources request/limit accordingly.
    Downloads: 27 This Week
    Last Update:
    See Project
  • 6
    Kubescape

    Kubescape

    Kubescape is an open-source Kubernetes security platform for your IDE

    An open-source Kubernetes security platform for your clusters, CI/CD pipelines, and IDE that seperates out the security signal from the scanner noise. Kubescape is an open-source Kubernetes security platform, built for use in your day-to-day workflow, by fitting into your clusters, CI/CD pipelines and IDE. It serves as a one-stop-shop for Kubernetes security and includes vulnerability and misconfiguration scanning. You can run scans via the CLI, or add the Kubescape Helm chart, which gives an in-depth view of what is going on in the cluster. Kubescape includes misconfiguration and vulnerability scanning as well as risk analysis and security compliance indicators. All results are presented in context and users get many cues on what to do based on scan results. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities.
    Downloads: 27 This Week
    Last Update:
    See Project
  • 7
    Shannon

    Shannon

    Fully autonomous AI hacker to find actual exploits in your web apps

    Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.”
    Downloads: 27 This Week
    Last Update:
    See Project
  • 8
    YARA

    YARA

    The pattern matching swiss knife for malware researchers

    YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks.
    Downloads: 27 This Week
    Last Update:
    See Project
  • 9
    UDP Unicorn

    UDP Unicorn

    UDP Stress Tester

    WISHLIST THIS GAME: https://store.steampowered.com/app/2778080/The_Bathrooms/ --- UDP Unicorn is a Win32 UDP flooding/DoS (Denial of Service) utility with multithreading. Uses Winsock to create UDP sockets and flood a target. I created this tool for system administrators and game developers to test their servers. DISCLAIMER: USE AT YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES.
    Leader badge
    Downloads: 175 This Week
    Last Update:
    See Project
  • 10
    Robolinux

    Robolinux

    Announcing Robolinux Cinnamon 14.1

    Announcing The New Robolinux Series 14 Mate LTS - 2034 Robolinux is very pleased to announce a completely new 14.1 Mate privacy centered 1inux operating system you can download freely while also offering our users an optional 14+ advanced upgrade which comes with our Untracker and FAAST Boot along with one click popular privacy software installers like Tor and I2p, Wireshark and Bleachbit plus many more for a fair and reasonable price. Robolinux14.1-Mate is ideal for beginners and advanced users. We are proud that it comes with Enoch AI which is TOTALLY 100% PRIVATE, FREE, HONEST & UNCENSORED built into Robolinux Cinnamon 14.1 The Robolinux 14.1 version with rock solid Long Term Support through 2034! requires users to set secure boot in their BIOS. It is currently available in the Cinnamon desktop flavor. we will release series 14 Xfce version in the next two months.For more information please see Readme file. Warmest regards John Martinson Robolinux.org
    Downloads: 151 This Week
    Last Update:
    See Project
  • 11
    Google Authenticator Android

    Google Authenticator Android

    Open source fork of the Google Authenticator Android app

    Google Authenticator for Android is the open-source two-factor authentication app that generates time-based (TOTP) and counter-based (HOTP) one-time codes entirely on the device. It’s designed to be simple, offline, and standards-compliant, so any service that supports OATH OTP can interoperate with it. The app streamlines enrollment via QR codes or manual key entry, then displays rotating numeric codes with clear account labels to reduce mistakes during login. Because secrets are stored on the device and codes are computed locally, it works even without a data connection and avoids server-side dependencies. The UI focuses on clarity and safety cues—timers, account naming, and basic management—to make 2FA adoption accessible to non-experts. For developers, the project doubles as a reference implementation of OTP enrollment, storage, and code generation on Android.
    Downloads: 26 This Week
    Last Update:
    See Project
  • 12
    OpenFGA
    A high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is designed to make it easy for developers to model their application permissions and add and integrate fine-grained authorization into their applications. It allows in-memory data storage for quick development, as well as pluggable database modules. It currently supports PostgreSQL 14, MySQL 8, and SQLite (currently in beta). It offers an HTTP API and a gRPC API. It has SDKs for Java, Node.js/JavaScript, GoLang, Python, and .NET. Look in our Community section for third-party SDKs and tools. It can also be used as a library. OpenFGA takes the best ideas from Google's Zanzibar paper for Relationship-Based Access Control, and also solves problems for Role-based Access Control and Attribute-Based Access Control use cases. The modeling language is powerful enough for engineers, but friendly enough for other stakeholders on your team as well.
    Downloads: 26 This Week
    Last Update:
    See Project
  • 13
    Msieve is a C library implementing a suite of algorithms to factor large integers. It contains an implementation of the SIQS and GNFS algorithms; the latter has helped complete some of the largest public factorizations known
    Leader badge
    Downloads: 169 This Week
    Last Update:
    See Project
  • 14
    Flipper Zero Firmware

    Flipper Zero Firmware

    Flipper Zero firmware source code

    Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware, and more. It's fully open-source and customizable, so you can extend it in whatever way you like. Flipper Zero is a tiny piece of hardware with a curious personality of a cyber-dolphin. It can interact with digital systems in real life and grow while you use it. Explore any kind of access control system, RFID, radio protocols, and debug hardware using GPIO pins. The idea of Flipper Zero is to combine all the hardware tools you'd need for exploration and development on the go. Flipper was inspired by the pwnagotchi project, but unlike other DIY boards, Flipper is designed with the convenience of everyday usage in mind — it has a robust case, handy buttons, and shape, so there are no dirty PCBs or scratchy pins. Flipper turns your projects into a game, reminding you that development should always be fun.
    Downloads: 25 This Week
    Last Update:
    See Project
  • 15
    apk-mitm

    apk-mitm

    Application that automatically prepares Android APK files for HTTPS

    Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.
    Downloads: 25 This Week
    Last Update:
    See Project
  • 16
    EJBCA, JEE PKI Certificate Authority
    EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
    Leader badge
    Downloads: 121 This Week
    Last Update:
    See Project
  • 17
    Blackbird

    Blackbird

    OSINT tool for finding accounts across 600+ sites by username or email

    Blackbird is an open source OSINT tool designed to search for user accounts across social networks and online platforms using a username or email address. The project focuses on helping investigators, researchers, and security professionals quickly discover where a specific identity appears on the internet. It performs reverse searches across more than 600 websites by leveraging data from the community-driven WhatsMyName project, which improves detection accuracy and reduces false positives. The tool operates primarily through a command line interface, allowing users to run automated searches and gather results from many platforms in a single process. Blackbird also includes an optional AI-powered profiling feature that analyzes discovered sites to generate behavioral and technical insights about a user’s online presence. Results from searches can be exported in formats such as PDF, CSV, or JSON for documentation or reporting purposes.
    Downloads: 24 This Week
    Last Update:
    See Project
  • 18
    Keycloak

    Keycloak

    Identity and access management for modern applications and services

    Add authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box. You'll even get advanced features such as User Federation, Identity Brokering and Social Login. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application. This also applied to logout. Keycloak provides single-sign out, which means users only have to logout once to be logged-out of all applications that use Keycloak.
    Downloads: 24 This Week
    Last Update:
    See Project
  • 19
    ModSecurity

    ModSecurity

    Cross platform web application firewall (WAF) engine for Apache

    ModSecurity is an open-source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language that provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity SecRules format and apply them to HTTP content provided by your application via Connectors. Before starting the compilation process, make sure that you have all the dependencies in place.
    Downloads: 24 This Week
    Last Update:
    See Project
  • 20
    BeeCrypt is an ongoing project to provide a strong and fast cryptography toolkit. Includes entropy sources, random generators, block ciphers, hash functions, message authentication codes, multiprecision integer routines, and public key primitives.
    Leader badge
    Downloads: 222 This Week
    Last Update:
    See Project
  • 21
    Hackingtool

    Hackingtool

    ALL IN ONE Hacking Tool For Hackers

    HackingTool by Z4nzu is a large collection (“all-in-one”) of tools and scripts for penetration testing / hacking / OSINT etc. It bundles many utilities (port scanners, payload injectors, web attack tools, phishing tools, wireless attack tools, reverse engineering, etc.) into a menu interface. Includes many individual tools, often wrappers or aggregations of existing well-known tools (e.g. port scanners, web attack tools, steganography, hash cracking etc.). A menu interface offering categories: reconnaissance, payload creation, wireless attacks, reverse engineering, exploit frameworks, etc. Users can pick which tool to run. It is intended more for “ethical / lab / educational” hacking contexts rather than production or stealth scenarios. It depends a lot on external tools, grants, and root privileges in many cases.
    Downloads: 23 This Week
    Last Update:
    See Project
  • 22
    OWASP Mobile Application Security

    OWASP Mobile Application Security

    Manual for mobile app security testing and reverse engineering

    The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS) and a comprehensive testing guide (OWASP MASTG) that covers the processes, techniques, and tools used during a mobile app security test, as well as an exhaustive set of test cases that enables testers to deliver consistent and complete results. MAS Advocates are industry adopters of the OWASP MASVS and MASTG who have invested a significant and consistent amount of resources to push the project forward by providing consistent high-impact contributions and continuously spreading the word.
    Downloads: 23 This Week
    Last Update:
    See Project
  • 23
    UFONet

    UFONet

    UFONet - Denial of Service Toolkit

    UFONet is a powerful and controversial Python-based toolkit for testing and conducting Distributed Denial of Service (DDoS) attacks using unconventional methods, such as leveraging third-party web applications as attack vectors. It automates the discovery of vulnerable targets and enables attackers or researchers to launch large-scale amplification attacks without directly using botnets. While primarily intended for penetration testing and educational purposes, UFONet emphasizes anonymity through the use of proxies, TOR, and encrypted command channels.
    Downloads: 23 This Week
    Last Update:
    See Project
  • 24
    mitmproxy

    mitmproxy

    A free and open source interactive HTTPS proxy

    mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of features like request interception and replay. Its command-line version mitmdump allows you to write powerful addons and script mitmproxy so it can automatically modify messages, redirect traffic, and perform many other custom commands.
    Downloads: 23 This Week
    Last Update:
    See Project
  • 25
    Open source DKIM library, MTA filter implementation and associated tools.
    Leader badge
    Downloads: 120 This Week
    Last Update:
    See Project