Open Source Security Software - Page 3
Sort By:
Security Software
View 5810 business solutions-
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
1
malware-samples
A collection of malware samples and relevant dissection information
This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts, executables, scripts, macros, obfuscated documents, etc., with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how they are delivered, and how it evolves. -
2
Masscan
Mass IP port scanner
Masscan is an Internet-scale port scanner, able to scan the entire Internet in just 6 minutes or less. It's considered the fastest port scanner and is similar to the famous port scanner nmap, and like port scanners scanrand and unicornscan it uses asynchronous transmissions. However, it is more flexible when it comes to arbitrary port and address ranges. Masscan not only detects when ports are open, it can also check banners. And while it is useful for smaller, internal networks, it's designed with the entire internet in mind. Do take note however that Masscan uses its own custom TCP/IP stack, so anything other than a simple port scan could cause conflict with the local TCP/IP stack unless certain configurations are done. -
3
Aviator Predictor
Aviator hack: seed-inspection of aviator crash predictor & aviator app
Our downloadable SHA256 analysis tool powers the Aviator predictor, Aviator predictor app, and aviator crash predictor. Available for desktop, it’s designed for research, fairness verification, and safe demo testing Demo-focused aviator predictor tools — seed-inspection helpers (SHA-512 / SHA-256), AI-assisted summaries, and demo bot templates for aviator crash predictor, Start in demo mode to test safely. Disclaimer: Provided for analytical and testing purposes only. No predictive guarantees or gameplay assurances. -
4
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
Alertmanager
Prometheus Alertmanager
The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts. Precompiled binaries for released versions are available in the download section on prometheus.io. Using the latest production release binary is the recommended way of installing Alertmanager. The current Alertmanager API is version 2. This API is fully generated via the OpenAPI project and Go Swagger with the exception of the HTTP handlers themselves. A HTML rendered version can be accessed and clients can be easily generated via any OpenAPI generator for all major languages. -
6
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification. Works seamlessly with Grype (a fast, modern vulnerability scanner). Able to create signed SBOM attestations using the in-toto specification. Convert between SBOM formats, such as CycloneDX, SPDX, and Syft's own format. -
7
-
8
mimikatz
A little tool to play with Windows security
mimikatz is a tool that makes some "experiments" with Windows security. It's well-known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. It can also perform pass-the-hash, pass-the-ticket or build Golden tickets; play with certificates or private keys, vault and more. -
9
Service Bus Explorer
Connect to a Service Bus namespace and administer messaging entities
The Service Bus Explorer allows users to connect to a Service Bus namespace and administer messaging entities in an easy manner. The tool provides advanced features like import/export functionality or the ability to test topics, queues, subscriptions, relay services, notification hubs, and events hubs. Microsoft Azure Service Bus is a reliable information delivery service. The purpose of this service is to make communication easier. When two or more parties want to exchange information, they need a communication facilitator. Service Bus is a brokered, or third-party communication mechanism. This is similar to postal service in the physical world. Postal services make it very easy to send different kinds of letters and packages with a variety of delivery guarantees, anywhere in the world. The Service Bus Explorer 2.1.0 can be used with the Service Bus for Windows Server 1.1. The Service Bus Explorer 2.1.0 uses a version of the Microsoft.ServiceBus.dll client library. -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
BlockTheSpot
Video, audio & banner adblock/skip for Spotify
BlockTheSpot is an open-source modification tool designed to block advertisements and bypass certain limitations in the Spotify desktop application for Windows. It works by patching the Spotify client and injecting custom logic that prevents audio, video, and banner ads from being displayed or played during usage. The tool focuses primarily on performance and ad suppression rather than cosmetic changes, ensuring that playback remains uninterrupted. It includes configurable options that allow users to enable or disable features dynamically, often through developer settings or configuration files. The project operates at a low level by modifying application components, which makes it effective but also susceptible to breaking when Spotify updates its software. It has gained popularity as a workaround for ad-supported tiers, though it requires manual installation and maintenance. -
11
Password Tech
Professional password generator and manager with full Unicode support
Password Tech is a powerful password generator capable of generating large amounts of cryptographically-secure passwords, pronounceable passwords, pattern-based passwords, passphrases composed of words, and scripted passwords. Passwords can be stored in encrypted databases along with user names, URLs, notes, etc. Password Tech provides lots of options to customize passwords to the users' various needs, and individual scripting with Lua gives full control over the process of password generation. Text encryption is also supported. -
12
NeoPass
Your Essential Exam Companion for the Iamneo Portal & NPTEL Exams
NeoPass is an offline, cross-platform password manager designed with simplicity and privacy in mind. It allows users to securely store and manage their credentials in an encrypted local file, with no cloud synchronization or network connectivity involved. The application is built with Python and Qt, providing a clean graphical user interface and cross-platform compatibility. It uses industry-standard AES encryption to protect user data and emphasizes complete user control without any third-party dependency or server. -
13
Cntlm is an NTLM / NTLMv2 authenticating HTTP/1.1 proxy. It caches auth'd connections for reuse, offers TCP/IP tunneling (port forwarding) thru parent proxy and much much more. It's in C, very fast and resource-efficient. Go to http://cntlm.sf.net/
-
14
OpenH264
Open Source H.264 Codec
Cisco has taken their H.264 implementation and open-sourced it under BSD license terms. Development and maintenance will be overseen by a board from the industry and the open-source community. Furthermore, we have provided a binary form suitable for inclusion in applications across a number of different operating systems and made this binary module available for download from the Internet. We will not pass on our MPEG-LA licensing costs for this module, and based on the current licensing environment, this will effectively make H.264 free for use on supported platforms. OpenH264 is a codec library which supports H.264 encoding and decoding. It is suitable for use in real-time applications such as WebRTC. Constrained Baseline Profile up to Level 5.2 (Max frame size is 36864 macro-blocks). Arbitrary resolution, not constrained to multiples of 16x16. Rate control with adaptive quantization, or constant quantization. -
15
ClamAV
Antivirus engine for detecting trojans, viruses and malware
ClamAV is an open-source antivirus engine developed by Cisco Talos that provides cross-platform malware detection for servers, desktops, and mail systems. Originally designed for Unix environments and email security, it has evolved into a flexible antimalware toolkit capable of identifying millions of viruses, worms, trojans, and other threats. The software includes a command-line scanner, an automatically updating signature database, and a scalable multi-threaded daemon that enables high-performance scanning in production environments. ClamAV is widely used in mail gateways, file servers, and security pipelines because it can inspect compressed archives, common document formats, and executable files. Its bytecode signature system allows advanced detection logic while ensuring signatures are trusted and securely distributed. -
16
Shadowsocks for Windows
A secure socks5 proxy for Windows
Shadowsocks for Windows is a free and open source, high-performance secured socks5 proxy designed to protect your internet traffic. It allows you to surf the web privately and securely, and offers a number of useful features such as HTTP proxy support, system proxy configuration, server auto switching and plugin support. Shadowsocks is incredibly fast, as it utilizes bleeding edge techniques with Asynchronous I/O and event-driven programming. It also has a flexible industry-level encryption algorithm that supports custom algorithms. Shadowsocks for Windows requires a Microsoft .NET Framework 4.7.2 or higher, as well as Microsoft Visual C++ 2015 Redistributable (x86). -
17
Poptop is an open source implementation of a PPTP server. Running under x86 or embedded Motorola ColdFire architectures Poptop provides full interoperability with the Microsoft PPTP VPN client.
-
18
GhostTrack
Useful tool to track location or mobile number
GhostTrack is an open-source OSINT utility designed to help users gather publicly available intelligence related to IP addresses, phone numbers, and online usernames through a command-line workflow. The project is implemented in Python and targets cybersecurity researchers, ethical hackers, and investigators who need a lightweight reconnaissance tool for digital footprint analysis. It provides a menu-driven interface that allows users to select different tracking modes, making the tool accessible even to those with limited scripting experience. GhostTrack can be combined with complementary tools such as Seeker to enhance IP capture workflows and improve investigative coverage. Because it focuses on aggregating open data rather than exploiting systems, the tool positions itself within the information-gathering phase of security assessments and OSINT research. -
19
thc-hydra
Shows how easy it would be to gain unauthorized access to a system
Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already several login hacker tools available, however, none does either support more than one protocol to attack or support parallelized connects. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and MacOS. However the module engine for new services is very easy so it won't take a long time until even more services are supported. Via the command line options you specify which logins to try, which passwords, if SSL should be used, how many parallel tasks to use for attacking, etc. PROTOCOL is the protocol you want to use for attacking, e.g. ftp, smtp, http-get or many others are available. -
20
Lazesoft Windows Key Finder
A free Windows and MS Office product key code finder and retriever.
Lazesoft Windows Product finder is a free Windows and Microsoft Office product key code finder and retriever. It allows you to recover your CD product key for Windows or Microsoft Office for use when you are reinstalling or repairing your Windows and Microsoft Office setups. With it, you can recover your lost key for Windows 2000, XP, 2003, Vista, 2008, 7, 8, 8.1, 10 and all versions of Microsoft Office. What's new in the Version 1.7: Retrieve Windows 10 product key Retrieve Microsoft Office 2016 key Fixed bugs of decoding Microsoft Office 2013 key Supported Windows Versions: Windows 2000 SP4 Windows XP Windows Vista Windows 7 Windows 8 Windows 8.1 Windows 10 Windows Server 2003 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Supported Microsoft Office Versions: Microsoft Office 2000, 2003, 2007, 2010, 2013, 2016 -
21
OSINT Framework
OSINT Framework
OSINT-Framework is a web-based intelligence resource map designed to help investigators and researchers quickly locate free open-source intelligence tools and data sources. Rather than functioning as an automated scanner, it organizes hundreds of OSINT resources into a structured, navigable interface grouped by investigation type, such as usernames, email addresses, domains, and social media. The project was originally created from an information security perspective but has since expanded to support journalists, analysts, and digital investigators across many disciplines. Its value lies in curation and discoverability, allowing users to pivot rapidly between relevant intelligence tools during investigations. The framework includes indicators showing whether a resource requires registration, manual editing, or local installation, improving workflow planning. -
22
fsociety
Modular CLI framework for managing penetration testing tools
fsociety is a modular penetration testing framework designed to provide a unified interface for running and managing a wide range of security tools. It focuses on simplifying penetration testing workflows by integrating multiple external security utilities into a single command line environment. Instead of implementing its own security scanners, the framework acts as a wrapper and orchestrator that helps users discover, install, and execute tools from various GitHub repositories. Its modular architecture organizes tools into categories such as information gathering, networking, web application security, and password testing. This structure allows users to quickly navigate through different security tasks while maintaining a consistent interface. fsociety can automatically clone and manage required tools, reducing the manual effort typically needed to set up a penetration testing toolkit. fsociety is distributed as a Python package. -
23
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
An open-source Kubernetes security platform for your clusters, CI/CD pipelines, and IDE that seperates out the security signal from the scanner noise. Kubescape is an open-source Kubernetes security platform, built for use in your day-to-day workflow, by fitting into your clusters, CI/CD pipelines and IDE. It serves as a one-stop-shop for Kubernetes security and includes vulnerability and misconfiguration scanning. You can run scans via the CLI, or add the Kubescape Helm chart, which gives an in-depth view of what is going on in the cluster. Kubescape includes misconfiguration and vulnerability scanning as well as risk analysis and security compliance indicators. All results are presented in context and users get many cues on what to do based on scan results. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. -
24
Maigret
Collect a dossier on a person by username from thousands of sites
Maigret is an open-source OSINT tool designed to collect a dossier on a person by username from thousands of sites. It automates the process of checking for a user's presence across various platforms, aiding in digital investigations. -
25
WebAutoType
Adds support to KeePass AutoType for URL matching
This is a plugin to KeePass <http://www.KeePass.info> to allow the AutoType functionality to work with browser URLs as well as window titles. If integration with KeePass Check for Updates is required, install http://sourceforge.net/projects/kpsfupdatechecker
