Open Source Windows Security Software - Page 5
Sort By:
Security Software for Windows
View 1538 business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
UDP Unicorn
UDP Stress Tester
WISHLIST THIS GAME: https://store.steampowered.com/app/2778080/The_Bathrooms/ --- UDP Unicorn is a Win32 UDP flooding/DoS (Denial of Service) utility with multithreading. Uses Winsock to create UDP sockets and flood a target. I created this tool for system administrators and game developers to test their servers. DISCLAIMER: USE AT YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES. -
2
WinRAR
Compress, Encrypt, Package and Backup with only one utility
WinRAR is a powerful file archiver and compression tool that supports multiple file formats, including RAR and ZIP. It is widely used for compressing large files into smaller, more manageable sizes and decompressing files into their original format. WinRAR offers advanced features for both personal and professional use, such as file encryption, password protection, and splitting large files into smaller parts for easier storage or transfer. Its intuitive interface makes it easy for users to compress, encrypt, and share files quickly and efficiently. -
3
KeePassXC
KeePassXC is a cross-platform community-driven port
Securely store passwords using industry-standard encryption, quickly auto-type them into desktop applications, and use our browser extension to log into websites. Complete database encryption using industry-standard 256-bit AES. Fully compatible with KeePass Password Safe formats. Your password database works offline and requires no internet connection. Every feature looks, feels, works, and is tested on Windows, macOS, and Linux. You can expect a seamless experience no matter which operating system you are using. The full source code is published under the terms of the GNU General Public License and made available on GitHub. Use, inspect, change, and share at will; contributions by everyone are welcome. -
4
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
Shannon is an autonomous AI penetration testing system built to find and prove real, exploitable vulnerabilities in web applications rather than stopping at static warnings or best-guess alerts. It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks. -
6
Gpg4win
GnuPG for Windows
Gpg4win is the official Windows distribution of the GnuPG encryption ecosystem, providing an accessible graphical environment for secure email and file protection. It packages the GnuPG engine together with user-friendly tools such as certificate management utilities, Windows Explorer integration, and Outlook plugins, enabling encryption workflows without requiring command-line expertise. The suite supports both OpenPGP and S/MIME standards, allowing organizations and individuals to secure communications using widely recognized cryptographic methods. Users can easily encrypt, decrypt, sign, and verify files or entire folders directly from the Windows interface, making the software suitable for everyday business use. Gpg4win emphasizes strong cryptographic defaults and compatibility with smart cards and enterprise certificate infrastructures. -
7
Hackingtool
ALL IN ONE Hacking Tool For Hackers
HackingTool by Z4nzu is a large collection (“all-in-one”) of tools and scripts for penetration testing / hacking / OSINT etc. It bundles many utilities (port scanners, payload injectors, web attack tools, phishing tools, wireless attack tools, reverse engineering, etc.) into a menu interface. Includes many individual tools, often wrappers or aggregations of existing well-known tools (e.g. port scanners, web attack tools, steganography, hash cracking etc.). A menu interface offering categories: reconnaissance, payload creation, wireless attacks, reverse engineering, exploit frameworks, etc. Users can pick which tool to run. It is intended more for “ethical / lab / educational” hacking contexts rather than production or stealth scenarios. It depends a lot on external tools, grants, and root privileges in many cases. -
8
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. This is not intended for end-user self-assessment. If you are concerned with the security of your device please seek expert assistance. Compare extracted records to a provided list of malicious indicators in STIX2 format. Generate JSON logs of extracted records, and separate JSON logs of all detected malicious traces. -
9
Buster
Captcha solver extension for humans
Save time by asking Buster to solve captchas for you. Buster is a Firefox extension which helps you to solve difficult captchas by completing reCAPTCHA audio challenges using speech recognition. Challenges are solved by clicking on the extension button at the bottom of the reCAPTCHA widget. It is not guaranteed that challenges are always solved, the limitations of the technology need to be considered. The continued development of Buster is made possible thanks to the support of awesome backers. If you'd like to join them, please consider contributing with Patreon, PayPal or Bitcoin. The success rate of the extension can be improved by simulating user interactions with the help of a client app. Follow the instructions from the extension's options to download and install the client app on Windows, Linux and macOS, or get the app from this repository. -
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
10
Flipper Zero Firmware
Flipper Zero firmware source code
Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware, and more. It's fully open-source and customizable, so you can extend it in whatever way you like. Flipper Zero is a tiny piece of hardware with a curious personality of a cyber-dolphin. It can interact with digital systems in real life and grow while you use it. Explore any kind of access control system, RFID, radio protocols, and debug hardware using GPIO pins. The idea of Flipper Zero is to combine all the hardware tools you'd need for exploration and development on the go. Flipper was inspired by the pwnagotchi project, but unlike other DIY boards, Flipper is designed with the convenience of everyday usage in mind — it has a robust case, handy buttons, and shape, so there are no dirty PCBs or scratchy pins. Flipper turns your projects into a game, reminding you that development should always be fun. -
11
Advanced Onion Router is a portable client for the OR network and is intended to be an improved alternative for Tor+Vidalia+Privoxy bundle for Windows users. Some of the improvements include UNICODE paths, support for HTTP and HTTPS proxy protocols on the same Socks4/Socks5 port with HTTP header filtering that generates fake identity-dependent headers every time the identity is changed (proxy chains are also supported), support for NTLM proxies, a User Interface that makes Tor's options and actions more accessible, local banlist for forbidden addresses, private identity isolation, a point-and-click process interceptor that can redirect connections from programs that don't support proxies, also giving them fake information about the local system and support for .onion addresses. Also, it can estimate AS paths for all circuits and prevent AS path intersections, it can restrict circuits to be built using only nodes from different countries, can change circuit lengths and more.
-
12
Portecle is a user friendly GUI application for creating, managing and examining key stores, keys, certificates, certificate requests, certificate revocation lists and more.
-
13
holehe
Check if the mail is used on different sites
holehe is a Python-based OSINT utility designed to determine whether a specific email address is registered across a wide range of online services. The tool works by leveraging password-reset mechanisms and other public account-existence checks to infer whether an email is associated with accounts on major platforms. It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate quickly and quietly, emphasizing efficiency and minimal footprint during enumeration tasks. The project can be used both as a standalone command-line tool and as a library embedded into larger automation pipelines. Overall, holehe provides investigators with a focused and scalable method for mapping an email’s online presence. -
14
JSch is a pure Java implementation of SSH2. JSch allows you to connect to an sshd server and use port forwarding, X11 forwarding, file transfer, etc., and you can integrate its functionality into your own Java programs.
-
15
KPEnhancedEntryView
An enhanced entry view panel for KeePass
This is a plugin to KeePass <http://www.KeePass.info> to provide an enhanced entry view. For the rationale and design behind this project, see the forum post linked to as the homepage -
16
Algo VPN
Set of Ansible scripts that simplifies the setup of a personal VPN
Introducing Algo, a self-hosted personal VPN server designed for ease of deployment and security. Algo automatically deploys an on-demand VPN service in the cloud that is not shared with other users, relies on only modern protocols and ciphers, and includes only the minimal software you need. And it’s free. For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you. Really, the paid-for services are just commercial honeypots. If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data. Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators. Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. In that case, your network traffic will be analyzed when law enforcement makes that seizure. -
17
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic directory brute-forcing mode, DNS subdomain brute-forcing mode, the mode that enumerates open S3 buckets and looks for existence and bucket listings, and the virtual host brute-forcing mode (not the same as DNS!). Since this tool is written in Go you need to install the Go language/compiler/etc. Full details of installation and set up can be found on the Go language website. Once installed you have two options. You need at least go 1.16.0 to compile gobuster. -
18
SimpleX
The first messaging platform operating without user identifiers
Other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc. SimpleX does not, not even random numbers. This radically improves your privacy. The video shows how you connect to your friend via their 1-time QR-code, in person or via a video link. You can also connect by sharing an invitation link. Temporary anonymous pairwise identifiers SimpleX uses temporary anonymous pairwise addresses and credentials for each user contact or group member. It allows to deliver messages without user profile identifiers, providing better meta-data privacy than alternatives. Many communication platforms are vulnerable to MITM attacks by servers or network providers. To prevent it SimpleX apps pass one-time keys out-of-band when you share an address as a link or a QR code. Double-ratchet protocol. OTR messaging with perfect forward secrecy and break-in recovery. NaCL cryptobox in each queue to prevent traffic correlation between message queues if TLS is compromised. -
19
Moon Secure Antivirus
Free - Simple - Scalable
Moon Secure Antivirus aims to be the best Free Antivirus for Windows under GPL license. It offers multiple scan engines, Net shield, Firewall, On access, on Exec scanner and rootkits preventions plus features from Commercial Antivirus applications. Also visit TWERT, our sister project, allowing scheduled domain and process blocking with Windows, Linux, OSX installers at https://sourceforge.net/projects/twert/ -
20
Cuckoo Sandbox
Cuckoo Sandbox is for automated analysis of malware
Cuckoo Sandbox uses components to monitor the behavior of malware in a Sandbox environment; isolated from the rest of the system. It offers automated analysis of any malicious file on Windows, Linux, macOS, and Android. -
21
A KeePass plugin that downloads and stores favicons. A favicon is the little icon / logo used to identify many websites, typically displayed in the browser's address bar, bookmark list and on tabs.
-
22
IBM's TPM 2.0 TSS
IBM's TPM 2.0 TSS
This is a user space TSS for TPM 2.0. It implements the functionality equivalent to (but not API compatible with) the TCG TSS working group's ESAPI, SAPI, and TCTI API's (and perhaps more) but with a hopefully simpler interface. It comes with over 110 "TPM tools" samples that can be used for scripted apps, rapid prototyping, education, and debugging. It also comes with a web based TPM interface, suitable for a demo to an audience that is unfamiliar with TCG technology. It is also useful for basic TPM management. See the below link for operating system, platform, and hardware support. See the companion IBM TPM 2.0 at https://sourceforge.net/projects/ibmswtpm2/ and attestation at projects/ibmtpm2acs I welcome (1) bug reports, (2) documentation requests, (3) suggestions for ECC tests, and (4) requests for features for which you have an immediate need. See the wiki for additional support - additions to the documentation. -
23
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
-
24
Toutatis
Extract public Instagram account information from usernames
Toutatis is an open source command-line tool designed to extract publicly available information from Instagram accounts. It helps users gather various data points from a target profile by querying Instagram using a username or account ID. The tool can retrieve details such as profile metadata, follower counts, biography information, and other publicly accessible account attributes. In addition to basic profile data, Toutatis can also reveal contact details that may be publicly exposed, including email addresses and phone numbers associated with the account. The utility is implemented in Python and runs through a simple command-line interface, making it easy to integrate into OSINT workflows and automation scripts. Toutatis is commonly used in open source intelligence investigations, research tasks, and security analysis that involve collecting publicly available social media data. -
25
kcptun
A stable and secure tunnel based on KCP with N:M multiplexing and FEC
kcptun is a stable and secure tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386 and AMD64. kcptun is shipped with builtin packet encryption powered by various block encryption algorithms and works in Cipher Feedback Mode, for each packet to be sent, the encryption process will start from encrypting a nonce from the system entropy, so encryption to same plaintexts never leads to a same ciphertexts thereafter. kcptun made use of ReedSolomon-Codes to recover lost packets, which requires massive amount of computation, a low-end ARM device cannot satisfy kcptun well. To unleash the full potential of kcptun, a multi-core x86 homeserver CPU like AMD Opteron is recommended. If you insist on running under some ARM routers, you'd better turn off FEC and use salsa20 as the encryption method.
