Open Source Windows Security Software - Page 15
Sort By:
Security Software for Windows
View 1532 business solutions-
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
secure rm
srm is a command-line program to delete files securely.
srm (secure rm) is a command-line compatible rm(1) which overwrites file contents before unlinking. The goal is to provide drop in security for users who wish to prevent recovery of deleted information, even if the machine is compromised. -
2
UltraDDOS-v2
DDOS tool
One of the most overpowered DDOS weapon on the internet. This software is mainly for pen testing websites or servers. -
3
Valhala Honeypot is an easy to use honeypot for the Windows System. The software have the following services: http (web), ftp, tftp, finger, pop3, smtp, echo, daytime, telnet and port forwarding. Some services are real, others are a simulation.
-
4
IBM's TPM 2.0 TSS
IBM's TPM 2.0 TSS
This is a user space TSS for TPM 2.0. It implements the functionality equivalent to (but not API compatible with) the TCG TSS working group's ESAPI, SAPI, and TCTI API's (and perhaps more) but with a hopefully simpler interface. It comes with over 110 "TPM tools" samples that can be used for scripted apps, rapid prototyping, education, and debugging. It also comes with a web based TPM interface, suitable for a demo to an audience that is unfamiliar with TCG technology. It is also useful for basic TPM management. See the below link for operating system, platform, and hardware support. See the companion IBM TPM 2.0 at https://sourceforge.net/projects/ibmswtpm2/ and attestation at projects/ibmtpm2acs I welcome (1) bug reports, (2) documentation requests, (3) suggestions for ECC tests, and (4) requests for features for which you have an immediate need. See the wiki for additional support - additions to the documentation. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
5
TrojanCockroach
A Stealthy Trojan Spyware
This program is a Trojan Virus that steals data (ID, password; every key stroke) from PC (Windows XP or later) and emails it back to the host. It spreads among PCs through USB drives. It is almost undetectable to any antivirus software. -
6
Rinzler USB Cleaner
V2.0-Unhides Folder/Files,removes malicious scripts from USB Drive
V2.0 (30th Dec 2014). It is a USB Malware Cleaner. This is a small tool that removes malicious scripts created by virus or malware, unhides folder and files, deletes all shortcut from selected drive. Also disables autorun completely and provides option to enable registry, folder options and task manager. Visit the project website for more information. -
7
Lock Windows workstation upon disconnection of bluetooth device. The program is able to run user specified commands on device connection and disconnection. Requires .NET 3.5
-
8
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/ -
9
spyware
A complete SpyWare.
A complete local and configurable spyware. This spyware is a python package compiled for Windows. This spyware is not a virus, it does not export any data to a server. Data is stored locally only. Do not use it for illegal purposes. - Save keyboard events - Record from microphone - Save files metadata in CSV file - Screenshots - Pictures from Webcam - Domains and IP addresses from metadata - Save clipboard -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
URC ACCESS MODES v3.0
Provides control of Various Functions with pasword protected interface
With URC ACCESS MODES v3.0 we can have complete protection & control for our desktop/laptop with a password protected interface it has 6 best tools which includes : USB Tool & CD/DVD Tool, Registry(regedit.exe) Tool & Command Prompt(cmd.exe) Tool, Group Policy Tool(gpedit.msc) & Task Manager Tool(taskmgr.exe), With USB & CD Tools , Data Theft is Eliminated , No one can access our data without our permission since we can disable USB Mass Storage Devices such as Pen Drives , Hard Disk etc whereas your USB Peripheral Devices will work normal including USB Mouse, Keyboard, Webcam etc Also Virus Problem is Eliminated since no data is transferred it protects us from Viruses With Registry & Command Prompt Tools , Unauthorized Code Execution is Eliminated since we can disable command prompt & registry no one can write commands/registry entries manually and execute it Also Protection From Hackers since they can execute some codes via command prompt which may retrieve our data -
11
denuvo
DENUVO (VMProtect 2.6x) VM research tool
This is part of the original source code of DENUVO_Profiler, written by 386 Team in 2014-2017 to investigate the first versions of DENUVO (eq VMProtect 2-3), when there were no lifters and other modern devirtualisation tools. DENUVO_Profiler is a subsequent development of the SecuROM_Profiler utility - the simplest tool for visualising the operation of a virtual machine and effectively controlling the data it uses in the byte-code tape (p-code). DENUVO_Profiler also hunts for Electronic Arts (Origin) licence containers on the current user's machine and can extract their contents, with including the GameToken. # See also: 80_PA SecuROM keygen -
12
Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM. mercurial repo: http://hg.code.sf.net/p/tboot/code.
-
13
PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.
-
14
Penetration Testing Distribution based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.
-
15
Alertmanager
Prometheus Alertmanager
The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts. Precompiled binaries for released versions are available in the download section on prometheus.io. Using the latest production release binary is the recommended way of installing Alertmanager. The current Alertmanager API is version 2. This API is fully generated via the OpenAPI project and Go Swagger with the exception of the HTTP handlers themselves. A HTML rendered version can be accessed and clients can be easily generated via any OpenAPI generator for all major languages. -
16
BloodHound Legacy
Six Degrees of Domain Admin
BloodHound Legacy is the deprecated open‑source version of the BloodHound Active Directory attack path analysis tool. It uses graph theory to model and visualize privileged relationships in AD, Entra ID, and Azure environments. Security professionals use it to enumerate domain privilege escalation paths, misconfigurations, and attack surfaces in corporate networks -
17
CaptfEncoder
Captfencoder is a rapid cross platform network security tool suite
Captfencoder is a rapid cross-platform network security tool suite, providing network security-related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools. CaptfEncoder V3 develop by Rust, Executable programs are smaller, faster, better performing, and more powerful. CaptfEncoder V3 suport script extension. -
18
DNSGen
Intelligent DNS permutation tool for subdomain discovery
DNSGen is an open source DNS name permutation tool designed primarily for security researchers and penetration testers who need to discover potential subdomains during reconnaissance and attack surface mapping. It analyzes existing domain names and generates numerous intelligent variations that may represent valid subdomains within an organization’s infrastructure. These generated permutations help identify hidden or unlisted services that may not appear in standard DNS queries or public records. DNSGen applies multiple permutation techniques to create realistic domain combinations based on modern infrastructure naming patterns, including cloud environments, DevOps tools, and microservice architectures. It can also extract meaningful keywords from existing domain names and incorporate them into newly generated permutations. The resulting domain list can be further processed by DNS resolution tools such as MassDNS to determine which generated domains actually exist. -
19
Django Hijack
With Django Hijack, admins can log in and work on behalf of others
With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials. 3.x docs are available in the docs folder. This version provides a security-first design, easy integration, customization, out-of-the-box Django admin support and dark mode. It is a complete rewrite and all former APIs are broken. A form is used to perform a POST including a CSRF-token for security reasons. The field user_pk is mandatory and the value must be set to the target users' primary key. The optional field next determines where a user is forwarded after a successful hijack. If not provided, users are forwarded to the LOGIN_REDIRECT_URL. Do not forget to load the hijack template tags to use the can_hijack filter. The can_hijack returns a boolean value, the first argument should be user hijacker, the second value should be the hijacked. -
20
Domain Digger
Domain analysis toolkit for DNS, IP, and WHOIS lookups
Domain Digger is an open source toolkit designed to help users analyze and explore domain-related information in a structured and visual way. It provides a centralized interface for investigating various technical details associated with a domain, including DNS records, IP information, and WHOIS data. By combining several domain intelligence features into a single platform, it simplifies the process of gathering and understanding domain infrastructure details. Domain Digger presents domain information through organized views and visual components, making it easier to interpret relationships between domains, DNS records, and network addresses. This can be useful for developers, security researchers, system administrators, and anyone working with domain infrastructure. Domain Digger aims to streamline domain analysis workflows by offering quick lookups and consolidated data sources in one environment. -
21
Findomain
Fast open source tool for discovering and monitoring domain subdomains
Findomain is an open source reconnaissance tool designed to discover and enumerate subdomains associated with a target domain. It focuses on speed and reliability by using Certificate Transparency logs and multiple well tested public APIs instead of relying solely on brute force scanning techniques. By querying multiple passive data sources in parallel, the tool can identify a large number of subdomains within a short time, making it useful for security researchers, penetration testers, and bug bounty hunters. Findomain aggregates information from various online services to provide a comprehensive list of discovered subdomains without directly attacking the target infrastructure. The tool also supports monitoring capabilities that allow users to track newly discovered subdomains and send alerts through integrations such as messaging platforms. Written in Rust, Findomain benefits from strong performance, safe concurrency, and cross platform compatibility. -
22
Hikari
LLVM Obfuscator
All releases prior to and including LLVM8 are signed using this PGP Key from Naville. Verifiable on his Keybase. Security is not now, and will never be based purely on Obscurity. The "Security Companies" might say so to sell more of their products. But no, binary obfuscation won't magically fix all your exploits and bugs, (If not introducing more). Designing an Obfuscator is hard, and keeping the source open definitely leaks the pattern to crackers which could potentially make the crackers' life easier if they have the right skillset. While every reasonable attempt has been made in Hikari to reduce such patterns from appearing, however, with overkill weapons like symbolic execution, binary obfuscation can still be defeated much easier, even so-called VM-based obfuscation. DOI 10.1145/2991079.2991114 explained this in great detail. I would implement a few anti-SE mechanisms in the future in an attempt to cause (even) more trouble to attackers, though. -
23
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP, UDP, ICMP, IGMP, ARP, NMB and SMB1, SMB2 and SMB3 and more. Impacket's object oriented API makes it easy to work with deep hierarchies of protocols. It can construct packets from scratch, as well as parse them from raw data. -
24
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration) oauth2-proxy can be configured via command line options, environment variables or config file (in decreasing order of precedence, i.e. command line options will overwrite environment variables and environment variables will overwrite configuration file settings). -
25
OneForAll
OneForAll is a powerful subdomain collection tool
OneForAll is a comprehensive subdomain enumeration and reconnaissance tool primarily used in penetration testing and bug bounty workflows. Built in Python, it aggregates results from numerous DNS, certificate transparency, search engine, and threat intelligence sources to uncover hidden subdomains. The tool is particularly notable for incorporating many Chinese data sources that are often missed by Western-focused recon tools, increasing discovery coverage. It supports brute-force subdomain discovery, recursive scanning, and takeover detection to help identify potential attack surfaces. OneForAll also performs validation and enrichment of discovered domains, producing structured outputs for further analysis. Overall, it is a powerful asset discovery platform designed to maximize subdomain visibility during security assessments.
