Open Source ChromeOS Security Software - Page 3
Sort By:
Security Software for ChromeOS
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
1
Ignorant
Checks if a phone number is registered on online services
Ignorant is a Python-based OSINT tool designed to determine whether a specific phone number is associated with accounts on various online platforms. It performs phone number enumeration by sending requests to supported services and analyzing their responses to identify whether an account exists for that number. By querying endpoints used during account registration, login, or other interactions, Ignorant can infer the presence of an account without notifying the phone number owner. This allows investigators, researchers, or security professionals to perform reconnaissance without alerting the target. Ignorant supports multiple platforms, including services such as Instagram, Snapchat, and Amazon, using a modular architecture where each platform is implemented as a separate module. Ignorant is built with asynchronous Python technologies, enabling concurrent checks across multiple services for faster results. It also provides standardized output in JSON format. -
2
age
A simple, modern and secure encryption tool (and Go library)
age is a security-oriented tool and library by Filo Sottile. age is a simple, modern, secure encryption utility (and Go library) that emphasizes minimal configuration and strong defaults. It provides small explicit keys, no complex options, and is designed for UNIX-style composability; you can pipe into it, integrate it into scripts, etc. It supports a clearly defined format and promotes interoperability across implementations (there are Rust, TypeScript, etc). The project is well-suited for personal data encryption, backup use-cases, scripting encryption workflows, and embedding encryption in tools. Because of its design philosophy, it avoids the bloat of many older encryption utilities while maintaining strong cryptographic hygiene. It’s especially useful for developers or system administrators who want to adopt encryption without learning a multitude of options. -
3
ASN
Command line ASN lookup, network recon, and traceroute tool
asn is a multifunctional network investigation and OSINT command line tool designed for analyzing Autonomous System (ASN) and IP-related data. It provides a comprehensive set of capabilities for inspecting network infrastructure, routing information, and security signals associated with IP addresses, hostnames, prefixes, and organizations. It aggregates data from multiple external services to present detailed information such as BGP statistics, RPKI validation status, IP reputation, geolocation, and prefix ownership. It can also perform AS path tracing, allowing users to observe the network route between systems and identify Internet Exchange Points or anomalies in the path. In addition to its command line usage, asn can run as a web-based traceroute server or as a self-hosted lookup API that returns JSON-formatted data for automated workflows. This flexibility allows the tool to support manual investigations, incident response, and automated network analysis pipelines. -
4
Argus
Python toolkit for OSINT and reconnaissance with 135+ modules
Argus is a Python-based open source toolkit designed to simplify information gathering and reconnaissance tasks in cybersecurity. It provides an integrated command-line environment that consolidates numerous reconnaissance utilities into a single framework. The tool enables users to collect data about networks, domains, web applications, and infrastructure in an organized and efficient manner. Argus includes a modular architecture with more than 130 modules that support activities such as DNS analysis, port scanning, web application inspection, and threat intelligence lookups. Its interactive CLI allows users to browse available modules, configure targets, run scans, and review results from within a unified interface. The project aims to reduce the complexity of using multiple separate reconnaissance tools by bringing them together in one streamlined platform. Argus also supports integrations with external intelligence services. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
OpenCTI
Open Cyber Threat Intelligence Platform
OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and victimology, creating a unified intelligence knowledge base. OpenCTI is built to integrate with external tools including MISP, TheHive, and MITRE ATT&CK, allowing it to function as a central intelligence hub in security operations. Its design emphasizes traceability by linking intelligence objects back to their original sources and tracking confidence levels and temporal metadata. -
6
yesitsme
Simple OSINT script to find Instagram profiles by name
yesitsme is a Python-based OSINT utility designed to help investigators identify potential Instagram accounts associated with a specific person using limited identifying data. The script works by querying indexed public information and comparing obfuscated email addresses and phone numbers against user-provided inputs to estimate match confidence. It is intended to automate a time-consuming manual investigation process by aggregating candidate usernames and classifying them into match levels such as high, medium, or low. The tool requires an Instagram session cookie to operate and includes configurable timeout controls to help avoid detection or rate limiting during searches. Its minimal codebase and straightforward command-line interface make it accessible for researchers, security analysts, and digital investigators performing social media intelligence work. -
7
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.
-
8
Crypto++ is a free C++ class library of cryptographic schemes originally written by Wei Dai. The library is now maintained by a community of volunteers. The Crypto++ website is located at https://cryptopp.com/, and the source code is located at https://github.com/weidai11/cryptopp. The repository was moved in response to developer requests for Git access. The SourceForge site will remain in "read only" mode for historical purposes. You should visit the Crypto++ website at https://cryptopp.com/ or GitHub at https://github.com/weidai11/cryptopp to view the latest news, download the latest source code, file bugs and request features. We thank SourceForge for hosting us through the years.
-
9
Harpoon
Command line OSINT and threat intelligence automation tool
Harpoon is a command line tool designed to assist with open source intelligence (OSINT) and threat intelligence investigations. It helps security professionals and researchers collect and analyze publicly available information from a wide range of online sources. Harpoon is written in Python and organized around a modular plugin system, where each plugin is responsible for querying a specific platform, API, or intelligence service. This design allows users to automate many reconnaissance and intelligence gathering tasks directly from the terminal. Harpoon integrates with numerous security and data services such as Shodan, VirusTotal, AlienVault OTX, and many other intelligence providers to retrieve information about domains, IP addresses, emails, and other indicators. Many commands rely on API keys that can be configured through a central configuration file, allowing users to connect their own intelligence accounts and data sources. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
NExfil
Fast OSINT tool for discovering web profiles by username
NExfil is an open source OSINT (Open Source Intelligence) tool designed to locate user profiles across the web based on a given username. Developed in Python, the tool automates the process of checking hundreds of websites to determine whether a specific username exists on those platforms. By performing automated queries across numerous services, NExfil helps investigators, researchers, and security professionals quickly identify potential accounts associated with a particular username. The tool focuses on delivering results rapidly while minimizing false positives during the search process. Users can supply a single username, multiple usernames, or a file containing a list of usernames for bulk scanning. NExfil processes these inputs and attempts to detect matching profiles across more than 350 websites within seconds. Because it is command-line based and open source, it can be easily integrated into OSINT workflows and cybersecurity research environments. -
11
OnionSearch
Search multiple Tor .onion engines at once and collect hidden links.
OnionSearch is a Python-based command-line tool designed to collect and aggregate links from multiple search engines on the Tor network. The script works by scraping results from a variety of .onion search services, allowing users to perform a single query while gathering results from many sources at once. This approach helps researchers and investigators locate hidden services more efficiently without manually querying each individual search engine. It is primarily intended for educational use and open-source intelligence (OSINT) research involving the Tor network. OnionSearch supports multiple engines and can combine results into a single output, making it easier to analyze discovered onion links. It also offers flexible command-line options that allow users to limit results, choose which engines to query, and export collected data. By automating searches across several dark web search engines, OnionSearch simplifies the process of discovering information on hidden services. -
12
SiteDorks
Automate search engine dorking across hundreds of websites
SiteDorks is a command line tool designed to automate advanced search queries across multiple search engines and websites. It allows users to perform search engine “dork” queries against a large set of predefined domains, making it easier to discover publicly available information across different platforms. SiteDorks supports several major search engines including Google, Bing, Brave, Ecosia, DuckDuckGo, Yahoo, and Yandex. Instead of manually running the same query for many sites, SiteDorks generates and executes the queries automatically using lists of “dorkable” websites. A built-in dataset contains hundreds of websites grouped into categories such as cloud services, developer platforms, documentation sites, social platforms, and communication tools. Users can also supply custom domain lists or CSV files to tailor searches for tasks like penetration testing, bug bounty research, or OSINT investigations. -
13
Situation Monitor
Real-time dashboard for monitoring global news and markets
Situation Monitor is an open-source real-time dashboard designed to aggregate and visualize global information streams related to news, financial markets, technology, and geopolitical developments. The project aims to provide a centralized situational awareness interface where users can observe multiple sources of high-signal information without constantly switching between separate applications or websites. Instead of functioning as a traditional news reader, the platform is designed more like an intelligence monitoring system that highlights important signals from diverse data feeds. The dashboard aggregates real-time updates about economic indicators, corporate developments, geopolitical events, and other macro-level signals that may influence markets or public discourse. Its architecture is implemented using modern frontend technologies, allowing data streams to update quickly while maintaining low resource consumption. -
14
Trape
OSINT tool for tracking users and analyzing browser data online
Trape is an open source OSINT analysis and research tool designed to track and analyze users on the internet in real time. The project focuses on demonstrating how web browsers can reveal sensitive information about users while interacting with websites and online services. It provides researchers, security professionals, and organizations with a platform for studying how attackers could gather intelligence through social engineering techniques. The tool can clone websites and monitor interactions in order to collect data from visitors, allowing investigators to observe user behavior and session activity. Trape was originally created to educate the public about how large internet services may obtain confidential information such as session status or browser details without users realizing it. Over time, it has evolved into a research platform that helps analysts track cybercriminal activity and study online tracking mechanisms. -
15
WhatBreach
OSINT tool for discovering email addresses in known data breaches
WhatBreach is an open source OSINT (Open Source Intelligence) tool designed to help users discover whether an email address has appeared in known data breaches. It simplifies the process of investigating compromised credentials by allowing users to search for a single email address or analyze multiple email addresses at once. It gathers breach information from various sources and APIs to identify where the email has been exposed in leaked databases or online paste sites. Once breaches are discovered, WhatBreach can provide additional context such as the databases associated with those leaks and any related paste dumps containing the email address. If the breach databases are publicly available, the tool can attempt to download them for further analysis. It also supports deeper investigation of email domains and related profiles, making it useful for researchers, security analysts, and penetration testers conducting reconnaissance or breach analysis. -
16
socialscan
Scan platforms to check username and email account usage
Socialscan is an open source intelligence (OSINT) tool designed to check whether usernames or email addresses are associated with accounts on various online platforms. It allows users to quickly determine if a specific username or email address is already in use across multiple services, making it useful for security research, digital investigations, and account enumeration tasks. It focuses on accuracy by querying platform endpoints in a way that reliably detects whether a credential exists without producing misleading results. Socialscan can be used both as a Python library and as a command-line utility, making it flexible for developers and analysts alike. It uses asynchronous networking to perform multiple queries efficiently, enabling fast scans across different services. Because of its programmatic interface, the tool can also be integrated into larger workflows, automation scripts, or OSINT pipelines. Overall, Socialscan helps investigators, researchers, and developers. -
17
Keytool is an Eclipse plugin that maintains keystores and certificates. It allows you to create certificates and put them in a keystore. You can from Eclipse, open and inspect certificates that are stored as .cer, or in a given keystore.
-
18
-
19
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection. -
20
IntelOwl
Centralized platform for automated threat intelligence analysis
IntelOwl is an open source platform designed to manage and enrich threat intelligence data at scale. It provides a centralized environment where security analysts can gather information about suspicious files and observables such as IP addresses, domains, URLs, or hashes using a single API request. The platform integrates numerous online intelligence sources and advanced malware analysis tools, enabling users to obtain comprehensive threat intelligence without manually querying multiple services. IntelOwl was created to automate repetitive investigation tasks typically performed by security operations center (SOC) analysts, helping teams focus on deeper analysis and incident response. The system features a modular architecture built around plugins that allow new analyzers, connectors, and integrations to be added easily. These plugins can collect data from external intelligence platforms or generate insights using internal analysis tools such as YARA or static malware analyzers. -
21
Open Semantic Search
Open source semantic search and text analytics for large document sets
Open Semantic Search is an open source research and analytics platform designed for searching, analyzing, and exploring large collections of documents using semantic search technologies. It provides an integrated search server combined with a document processing pipeline that supports crawling, text extraction, and automated analysis of content from many different sources. Open Semantic Search includes an ETL framework that can ingest documents, process them through analysis steps, and enrich the data with extracted information such as named entities and metadata. It also supports optical character recognition to extract text from images and scanned documents, including images embedded inside PDF files. It integrates text mining and analytics capabilities that allow users to examine relationships, topics, and structured data within document collections. -
22
RedAmon
AI-powered framework for automated penetration testing and red teaming
RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process. -
23
SocialPwned
OSINT tool to collect emails from social networks and find leaks
SocialPwned is an OSINT tool designed to gather publicly exposed email addresses from social networks and analyze them for potential credential leaks. It helps security researchers and penetration testers identify vulnerable targets during the footprinting phase of ethical hacking engagements. It collects email addresses associated with individuals or organizations from platforms such as Instagram, LinkedIn, and Twitter. Once emails are discovered, SocialPwned searches for leaked credentials using breach databases like PwnDB and Dehashed to determine whether those accounts have appeared in data leaks. SocialPwned also integrates with GHunt to retrieve additional public information related to Google accounts linked to the discovered emails. By combining social media intelligence with breach data analysis, SocialPwned helps investigators identify reused passwords and patterns that may indicate potential security weaknesses. -
24
PLEASE NOTE that we are in the process of moving to GitHub: https://github.com/jasypt/jasypt Jasypt (Java Simplified Encryption) is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works. PLEASE NOTE that we are in the process of moving to GitHub: https://github.com/jasypt/jasypt
-
25
ASNmap
CLI tool for mapping organization network ranges using ASN data
asnmap is a command line tool and Go library designed to quickly map network ranges belonging to organizations using Autonomous System Number (ASN) data. It allows users to convert different types of inputs (such as ASN numbers, IP addresses, domain names, or organization names) into their associated CIDR ranges. This capability makes it particularly useful for security researchers, penetration testers, and reconnaissance workflows that require identifying network infrastructure owned by a target organization. asnmap retrieves ASN-related data and returns structured results that can be easily integrated into automated pipelines. Output can be generated in multiple formats including plain text, JSON, and CSV, enabling flexible data processing and analysis. asnmap also supports reading input from standard input and piping its results directly into other command line tools for chained workflows.
