Open Source Mac Security Software - Page 5
Sort By:
Security Software for Mac
View 938 business solutions-
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
1
Antivirus Live CD
4MLinux fork including ClamAV scanner
Antivirus Live CD is an official 4MLinux fork including the ClamAV scanner. It's designed for users who need a lightweight live CD, which will help them to protect their computers against viruses. Ethernet, WiFi, PPP and PPPoE are supported by Antivirus Live CD to enable automatic updates of its virus signature databases. All partitions are mounted during the boot process so that they can be scanned by ClamAV. The Antivirus Live CD ISO images are fully compatible with UNetbootin, which can be used to create an easy-to-use Antivirus Live USB. -
2
AutoTypeSearch
AutoType Quick Search plugin for KeePass
This is a plugin to KeePass <http://www.KeePass.info> to provide a quick searching capability as an enhancement to the global auto-type system. If a global auto-type is requested, but no matching entry for the active window is found, this plugin will show a quick as-you-type search window which lets you to easily pick the entry to auto-type. It is also possible to open/edit, show, open the url for, or copy the password for the entry that is found. Auto-typing the password only is also supported. Any two actions can be configured, one for Enter, one for Shift+Enter. -
3
Ignorant
Checks if a phone number is registered on online services
Ignorant is a Python-based OSINT tool designed to determine whether a specific phone number is associated with accounts on various online platforms. It performs phone number enumeration by sending requests to supported services and analyzing their responses to identify whether an account exists for that number. By querying endpoints used during account registration, login, or other interactions, Ignorant can infer the presence of an account without notifying the phone number owner. This allows investigators, researchers, or security professionals to perform reconnaissance without alerting the target. Ignorant supports multiple platforms, including services such as Instagram, Snapchat, and Amazon, using a modular architecture where each platform is implemented as a separate module. Ignorant is built with asynchronous Python technologies, enabling concurrent checks across multiple services for faster results. It also provides standardized output in JSON format. -
4
geowifi
OSINT tool for locating WiFi networks using BSSID or SSID data
geowifi is an open source OSINT tool designed to search and retrieve geolocation information about WiFi networks using their BSSID or SSID identifiers. It queries several public WiFi geolocation databases and aggregates the results to help identify the approximate location of a wireless access point. By combining multiple data sources such as Wigle, Apple, Google, WifiDB, Mylnikov, and Combain, the tool can provide location data that may include coordinates and additional network metadata. Users can run searches through a command-line interface by specifying either the BSSID (MAC address) or the SSID of a network. The results can be displayed in different formats, including a structured JSON output or an interactive HTML map showing the discovered locations. geowifi also supports API-based integrations with certain services, which allows geowifi to retrieve more accurate or detailed geolocation data when valid API credentials are configured. -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
5
PentestBox
A Portable Penetration Testing Distribution for Windows
PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 50% of penetration testing distributions users uses windows. Source:- https://pentestbox.com/download_stats.txt So it provides an efficient platform for Penetration Testing on windows. -
6
Blackbird
OSINT tool for finding accounts across 600+ sites by username or email
Blackbird is an open source OSINT tool designed to search for user accounts across social networks and online platforms using a username or email address. The project focuses on helping investigators, researchers, and security professionals quickly discover where a specific identity appears on the internet. It performs reverse searches across more than 600 websites by leveraging data from the community-driven WhatsMyName project, which improves detection accuracy and reduces false positives. The tool operates primarily through a command line interface, allowing users to run automated searches and gather results from many platforms in a single process. Blackbird also includes an optional AI-powered profiling feature that analyzes discovered sites to generate behavioral and technical insights about a user’s online presence. Results from searches can be exported in formats such as PDF, CSV, or JSON for documentation or reporting purposes. -
7
Udp2raw-tunnel
Turns UDP traffic into encrypted UDP/fakeTCP/ICMP traffic
A tunnel which turns UDP traffic into encrypted fakeTCP/UDP/ICMP traffic by using Raw Socket, helps you bypass UDP FireWalls(or unstable UDP environment). When used alone, Udp2raw tunnels only UDP traffic. Nevertheless, if you used udp2raw + any UDP-based VPN together, you can tunnel any traffic(include TCP/UDP/ICMP), currently, OpenVPN/L2TP/ShadowVPN and tinyfecVPN are confirmed to be supported. Linux host (including desktop Linux,Android phone/tablet,OpenWRT router,or Raspberry PI) with root account or cap_net_raw capability. ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel. UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encryption, anti-replay, or connection stalization). -
8
kubelogin
kubectl plugin for Kubernetes OpenID Connect authentication
Kubelogin is designed to run as a client-go credential plugin. When you run kubectl, kubelogin opens the browser and you can log in to the provider. Then kubelogin gets a token from the provider and kubectl accesses Kubernetes APIs with the token. If you install via GitHub releases, you need to put the kubelogin binary on your path under the name kubectl-oidc_login so that the kubectl plugin mechanism can find it when you invoke kubectl oidc-login. The other install methods do this for you. If the cached ID token is valid, kubelogin just returns it. If the cached ID token has expired, kubelogin will refresh the token using the refresh token. If the refresh token has expired, kubelogin will perform re-authentication (you will have to login via browser again). -
9
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization -
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
10
Greenplum Database
Massive parallel data platform for analytics, machine learning and AI
Rapidly create and deploy models for complex applications in cybersecurity, predictive maintenance, risk management, fraud detection, and many other areas. With its unique cost-based query optimizer designed for large-scale data workloads, Greenplum scales interactive and batch-mode analytics to large datasets in the petabytes without degrading query performance and throughput. Based on PostgreSQL, Greenplum provides you with more control over the software you deploy, reducing vendor lock-in, and allowing open influence on product direction. Greenplum reduces data silos by providing you with a single, scale-out environment for converging analytic and operational workloads, like streaming ingestion. All major Greenplum contributions are part of the Greenplum Database project and share the same database core, including the MPP architecture, analytical interfaces, and security capabilities. -
11
Pomerium
Pomerium is an identity and context-aware access proxy
Secure, context-aware access that just works. Access internal resources securely. Implement zero trust. Achieve compliance. All without the headache of a VPN. For teams that prefer a hosted solution while keeping data governance. For organizations that need advanced scaling, access control, and governance capabilities. IT and developers need a scalable access control solution to keep users productive, happy, and secure. Pomerium uses identity and context to ensure secure access to internal applications, servers, and infrastructure even from untrusted networks. Pomerium adds authentication and authorization to any application or server, giving IT Management a centralized panel for organization-wide control. Assert compliance in your current architecture without giving up control over data tenancy. Pomerium supports your infrastructure and can be deployed in all environments: cloud, hybrid, or on-prem. From AWS to Kubernetes and more, your internal and 3rd-party apps are covered. -
12
Social-Analyzer
API, CLI, and Web App for analyzing and finding a person's profile
Social Analyzer is an open source OSINT tool that helps investigators discover and analyze a person’s presence across a very large number of social media platforms. It provides a unified API, CLI, and web interface capable of scanning hundreds or thousands of sites for username matches and related metadata. The project includes modular detection and analysis components that users can enable depending on their investigative needs. It is commonly used in cybersecurity, digital forensics, and reconnaissance workflows where identity correlation is required. Social Analyzer emphasizes flexibility, allowing integration into automated pipelines or manual investigations. Overall, the project functions as a powerful reconnaissance engine for mapping online identities at scale. -
13
Wfuzz
Web application fuzzer
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc. -
14
cyborghawk v1.1
Latest-v1.1 of The World's most advanced pen testing distribution ever
updated version of The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
15
Brook
Brook is a cross-platform strong encryption and not detectable proxy
Brook is a cross-platform strong encryption and not detectable proxy. Brook's goal is to keep it simple, stupid and not detectable. You can run commands after entering the command-line interface. Usually, everyone uses the command line interface on Linux servers. Of course, Linux also has desktops that can also run GUI. Of course, macOS and Windows also have command-line interfaces, but you may not use them frequently. Usually, the applications opened by double-clicking/clicking on macOS/Windows/iOS/Android are all GUIs. Usually, if you use Brook, you will need a combination of Server and Client, Of course Brook CLI also has many other independent functions. The Brook CLI file is an independent command file, it can be said that there is no concept of installation, just download this file to your computer, run it after granting it executable permissions in the command line interface. -
16
Notesnook
A fully open source & end-to-end encrypted note taking alternative
Notesnook makes it impossible for anyone to spy on your notes. Unlike Evernote and other note taking apps, your data is private, not open for everyone to see. Ditch other note taking apps that don't care about your data privacy. With app lock and private notes vault, your personal diary & journal are always safe. Worried that your friend will read your private notes? Notesnook fixes that by having an app lock built-in. Use a pin or biometrics to protect your notes. Protect your online journal or personal diary with an extra layer of security. Your notes vault is a super secure way to store your passwords, credentials & other secrets. Free or Pro, you get the same level of privacy. Making privacy a paid feature means only the privileged few deserve it but privacy is your right. And rights don't have a price tag, or do they? To verify that your notes are actually encrypted (and we aren't just lying), you can use our open source tool, Vericrypt. -
17
Tamper Dev
Extension that allows you to intercept and edit HTTP/HTTPS requests
If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software, with full support of HTTPS connections, and trivial to set-up (just install). -
18
ccrypt is a command-line tool for encrypting and decrypting files and streams. It provides strong encryption based on the Rijndael cipher, a version of which is also used in the Advanced Encryption Standard.
-
19
htmLawed
PHP code to purify & filter HTML
The htmLawed PHP script makes HTML more secure and standards- & policy-compliant. The customizable HTML filter/purifier can balance tags, ensure proper nestings, neutralize XSS, restrict HTML, beautify code like Tidy, implement anti-spam measures, etc. -
20
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser
HackBrowserData is an open-source tool that could help you decrypt data ( password|bookmark|cookie|history|credit card|download|localStorage|extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. This tool is limited to security research only, and the user assumes all legal and related responsibilities arising from its use! The author assumes no legal responsibility! Installation of HackBrowserData is dead-simple, just download the release for your system and run the binary. -
21
Kraken tool
Kraken: A multi-platform distributed brute-force password cracking
Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator-based cracking across multiple machines both as a web app in a web browser and as a standalone electron-based client. Kraken aims to be easy to use, fault-tolerant and scalable. Kraken is a dockerized application using docker-compose which will launch the db (Postgres), s3-compliant file storage (Minio), the server and the browser client. You can find the docker-compose file in the root directory of the repository. To upload password lists or dictionaries, upload them to Minio Console at localhost:9001. View the steps explained for a detailed guide Otherwise, you can generate word lists dynamically using crunch. Window EXE portable client needs to run in the folder with its hashcat dependencies. Hashcat files can be downloaded from their home page. -
22
The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.
-
23
kpcli
KeePass Command Line Interface
KeePass Command Line Interface (CLI) / interactive shell. Use kpcli to access and manage your KeePass databases from a Unix-like command line. It supports all version 1.x (*.kdb) and 2.x (*.kdbx) prior to the KDBX 4.0 update. -
24
EncFSMP
Mount EncFS folders - multiplatform style.
EncFSMP can create, mount and edit EncFS (encrypted file system) folders on Windows and Mac OS X. -
25
SilentEye is a cross-platform application design for an easy use of steganography. It provides a pretty nice interface and an easy integration of new steganography algorithm and cryptography process.
