Open Source ChromeOS Security Software - Page 2
Sort By:
Security Software for ChromeOS
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
1
emp3r0r
Linux/Windows post-exploitation framework made by linux user
A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it. -
2
holehe
Check if the mail is used on different sites
holehe is a Python-based OSINT utility designed to determine whether a specific email address is registered across a wide range of online services. The tool works by leveraging password-reset mechanisms and other public account-existence checks to infer whether an email is associated with accounts on major platforms. It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate quickly and quietly, emphasizing efficiency and minimal footprint during enumeration tasks. The project can be used both as a standalone command-line tool and as a library embedded into larger automation pipelines. Overall, holehe provides investigators with a focused and scalable method for mapping an email’s online presence. -
3
subfinder
Fast passive subdomain enumeration tool
Subfinder is a high-performance passive subdomain discovery tool built for fast and reliable asset enumeration. It focuses exclusively on collecting valid subdomains from a wide range of passive online sources, prioritizing accuracy and speed over intrusive scanning techniques. The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results. Its modular architecture allows users to enable dozens of data providers through API keys, expanding coverage as needed. Subfinder integrates easily into automation pipelines and CI workflows thanks to its clean command-line design and structured output formats. The tool is intentionally specialized, doing one job extremely well rather than attempting to be an all-in-one scanner. In practice, Subfinder serves as a foundational building block for modern reconnaissance stacks. -
4
uBlock
uBlock: a fast, lightweight, and lean blocker for Chrome, Firefox
uBlock: a fast, lightweight, and lean blocker for Chrome, Firefox, and Safari. Available on the Chrome Web Store or for manual installation. Available to install from the homepage. Available for install from the homepage or from the App Store. Available on the Firefox Add-ons site, or for manual installation. Opera shares Chrome's underlying engine, so you can install uBlock simply by grabbing the latest release for Chrome.To benefit from uBlock's higher efficiency, it's advised that you don't use other blockers at the same time (such as AdBlock or Adblock Plus). uBlock will do as well or better than most popular ad blockers. It's important to note that blocking ads is not theft. Don't fall for this creepy idea. The ultimate logical consequence of blocking = theft is the criminalisation of the inalienable right to privacy. -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.
-
6
WhatsApp Beacon
OSINT tool for tracking WhatsApp online status via Web automation
WhatsApp Beacon is an open source OSINT tool designed to monitor and analyze the online activity status of WhatsApp users through WhatsApp Web. It uses Selenium automation to interact with the web interface and detect when a target account goes online or offline. By continuously monitoring these changes, WhatsApp Beacon records connectivity patterns and builds a historical dataset of activity sessions. The collected information is stored in logs and a local database, allowing users to review behavioral patterns over time. In addition, the project supports exporting collected data to spreadsheet formats for further analysis or reporting. WhatsApp Beacon is designed to run across multiple operating systems and can operate in the background using headless browser automation. It is intended for educational and research purposes related to open-source intelligence (OSINT) and digital investigation. -
7
Antivirus Live CD
4MLinux fork including ClamAV scanner
Antivirus Live CD is an official 4MLinux fork including the ClamAV scanner. It's designed for users who need a lightweight live CD, which will help them to protect their computers against viruses. Ethernet, WiFi, PPP and PPPoE are supported by Antivirus Live CD to enable automatic updates of its virus signature databases. All partitions are mounted during the boot process so that they can be scanned by ClamAV. The Antivirus Live CD ISO images are fully compatible with UNetbootin, which can be used to create an easy-to-use Antivirus Live USB. -
8
Blackbird
OSINT tool for finding accounts across 600+ sites by username or email
Blackbird is an open source OSINT tool designed to search for user accounts across social networks and online platforms using a username or email address. The project focuses on helping investigators, researchers, and security professionals quickly discover where a specific identity appears on the internet. It performs reverse searches across more than 600 websites by leveraging data from the community-driven WhatsMyName project, which improves detection accuracy and reduces false positives. The tool operates primarily through a command line interface, allowing users to run automated searches and gather results from many platforms in a single process. Blackbird also includes an optional AI-powered profiling feature that analyzes discovered sites to generate behavioral and technical insights about a user’s online presence. Results from searches can be exported in formats such as PDF, CSV, or JSON for documentation or reporting purposes. -
9
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
Flowsint is an open source OSINT investigation platform designed to help analysts explore and understand relationships between digital entities through a visual graph interface. The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns, associations, and investigative leads that might be difficult to detect through traditional data analysis methods. The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities. -
Earn up to 16% annual interest with Nexo.Generate interest, access liquidity without selling, and execute trades seamlessly. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
10
mendelson AS2
Implementation of the EDIINT AS2 protocol (RFC 4130)
mendelson AS2 is the JAVA-based open source EDIINT AS2 solution. Monitoring- and configuration GUI, async & sync MDN, signatures, encryption, TLS, web interface, pluggable into any servlet container, partner manager, certificate manager, data compression, optional profiles: MA, FN. Localized to Spanish, Italian, Portuguese, German, English, French, Polish -
11
GoSearch
OSINT tool to find usernames and digital footprints across 300+ sites
GoSearch is an open source OSINT tool designed to investigate a person's digital footprint by searching for usernames across hundreds of websites. The tool scans more than 300 platforms to determine whether a specific username exists on social networks and other online services. Built with the Go programming language, it aims to provide faster performance compared to similar tools written in other languages. GoSearch was inspired by the well-known Sherlock username search tool, but it attempts to address several of its limitations such as slow execution, outdated sources, and inaccurate results. The tool reduces false positives and false negatives by clearly marking uncertain matches, allowing users to quickly identify reliable results. In addition to username searches, GoSearch can check various breach intelligence databases for compromised credentials linked to a username. If password hashes are found in breach data, the tool can attempt to crack them using the Weakpass database. -
12
Msieve is a C library implementing a suite of algorithms to factor large integers. It contains an implementation of the SIQS and GNFS algorithms; the latter has helped complete some of the largest public factorizations known
-
13
ClatScope
OSINT reconnaissance tool for IP, domain, email, and username lookups
ClatScope is a Python-based OSINT (open source intelligence) utility designed to gather and analyze publicly available information from multiple online sources. It is primarily aimed at investigators, cybersecurity professionals, penetration testers, and researchers who need a centralized platform for reconnaissance tasks. It integrates with numerous public APIs and internet services to retrieve detailed data about IP addresses, domains, email addresses, phone numbers, usernames, and other digital identifiers. By combining these sources, ClatScope automates the process of collecting intelligence that would normally require multiple separate tools or manual searches. It operates through a menu-driven command line interface that allows users to choose from many reconnaissance functions and receive formatted results directly in the terminal. ClatScope supports dozens of OSINT operations, including domain analysis, breach checks, and account discovery. -
14
Telegram-OSINT
https://github.com/The-Osint-Toolbox/Telegram-OSINT
Telegram-OSINT is an extensive open source repository that compiles tools, techniques, and resources for conducting open source intelligence investigations on the Telegram platform. It serves as a central reference for analysts, researchers, and investigators who want to discover, analyze, and collect publicly available information from Telegram channels, groups, and bots. It organizes a wide variety of utilities that interact with Telegram’s API to gather data such as channel details, posts, and metadata, often exporting the results in formats like JSON for further analysis. The repository also includes utilities that help search for Telegram channels or process lists of channels from input files, making large-scale investigations easier to manage. In addition to direct data collection tools, it provides resources for channel discovery, similar channel analysis, and browser-based interfaces for interacting with Telegram data. -
15
Instaloader
Download pictures (or videos) along with their captions
Instaloader is a mature open-source utility for downloading and archiving Instagram content along with rich metadata. It enables users to retrieve posts, stories, reels, highlights, profile pictures, and associated information such as captions, comments, timestamps, and geotags. The tool supports both public and permitted private content when proper authentication is provided, making it useful for research, digital archiving, and social media analysis. Instaloader can be run as a simple command-line tool or used programmatically through its Python module, offering flexibility for automation workflows. It includes smart update mechanisms that resume interrupted downloads and fetch only new media to maintain efficient archives. The project is widely adopted by investigators and analysts who need structured Instagram data collection. In essence, Instaloader provides a robust and highly configurable pipeline for Instagram content retrieval. -
16
IntelOwl
Centralized platform for automated threat intelligence analysis
IntelOwl is an open source platform designed to manage and enrich threat intelligence data at scale. It provides a centralized environment where security analysts can gather information about suspicious files and observables such as IP addresses, domains, URLs, or hashes using a single API request. The platform integrates numerous online intelligence sources and advanced malware analysis tools, enabling users to obtain comprehensive threat intelligence without manually querying multiple services. IntelOwl was created to automate repetitive investigation tasks typically performed by security operations center (SOC) analysts, helping teams focus on deeper analysis and incident response. The system features a modular architecture built around plugins that allow new analyzers, connectors, and integrations to be added easily. These plugins can collect data from external intelligence platforms or generate insights using internal analysis tools such as YARA or static malware analyzers. -
17
kpcli
KeePass Command Line Interface
KeePass Command Line Interface (CLI) / interactive shell. Use kpcli to access and manage your KeePass databases from a Unix-like command line. It supports all version 1.x (*.kdb) and 2.x (*.kdbx) prior to the KDBX 4.0 update. -
18
Merlin HTTP/2
Merlin is a cross-platform post-exploitation HTTP/2 Command
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project. -
19
geowifi
OSINT tool for locating WiFi networks using BSSID or SSID data
geowifi is an open source OSINT tool designed to search and retrieve geolocation information about WiFi networks using their BSSID or SSID identifiers. It queries several public WiFi geolocation databases and aggregates the results to help identify the approximate location of a wireless access point. By combining multiple data sources such as Wigle, Apple, Google, WifiDB, Mylnikov, and Combain, the tool can provide location data that may include coordinates and additional network metadata. Users can run searches through a command-line interface by specifying either the BSSID (MAC address) or the SSID of a network. The results can be displayed in different formats, including a structured JSON output or an interactive HTML map showing the discovered locations. geowifi also supports API-based integrations with certain services, which allows geowifi to retrieve more accurate or detailed geolocation data when valid API credentials are configured. -
20
SpiderFoot
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you. -
21
OpenAS2
AS2 1.1 server implementation in Java
OpenAS2 is a java-based implementation of the EDIINT AS2 standard. It is intended to be used as a server. It is extremely configurable and supports a wide variety of signing and encryption algorithms. Supports very high traffic volume allowing parallel processing of files per partner. SUPPORT: Please use the Github issues and Discussions channels here: https://github.com/OpenAS2/OpenAs2App/ Requirements: - Java 11 or newer (tested with the LTS versions of Java up to 21) - Any OS that runs Java Planned enhancements in the next major release: - User interace configuration GUI - Certificate Exchange Management IMPORTANT: Java 8 is no longer supported. -
22
ASNmap
CLI tool for mapping organization network ranges using ASN data
asnmap is a command line tool and Go library designed to quickly map network ranges belonging to organizations using Autonomous System Number (ASN) data. It allows users to convert different types of inputs (such as ASN numbers, IP addresses, domain names, or organization names) into their associated CIDR ranges. This capability makes it particularly useful for security researchers, penetration testers, and reconnaissance workflows that require identifying network infrastructure owned by a target organization. asnmap retrieves ASN-related data and returns structured results that can be easily integrated into automated pipelines. Output can be generated in multiple formats including plain text, JSON, and CSV, enabling flexible data processing and analysis. asnmap also supports reading input from standard input and piping its results directly into other command line tools for chained workflows. -
23
Berglas
A tool for managing secrets on Google Cloud
Berglas is a command-line tool and Go library for managing secrets on Google Cloud in a way that reduces the manual work typically involved in secret handling. It is built to store and retrieve secrets securely by encrypting them with Cloud KMS and storing them in Cloud Storage, while also providing an interoperable layer for Secret Manager. The project serves two related purposes: as a CLI, it automates secret encryption, decryption, and storage workflows, and as a library, it helps inject secrets into supported Google Cloud runtimes. This makes it useful for teams that want a more programmable and cloud-native approach to secret distribution without hardcoding sensitive values into applications or deployment pipelines. Because it is written in Go and distributed in multiple ways, including binaries, Docker, Homebrew, and source installation, it fits a variety of developer environments and operational setups. -
24
RedAmon
AI-powered framework for automated penetration testing and red teaming
RedAmon is an AI-powered red team framework designed to automate offensive cybersecurity operations from reconnaissance to exploitation and post-exploitation. It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process. -
25
DNSGen
Intelligent DNS permutation tool for subdomain discovery
DNSGen is an open source DNS name permutation tool designed primarily for security researchers and penetration testers who need to discover potential subdomains during reconnaissance and attack surface mapping. It analyzes existing domain names and generates numerous intelligent variations that may represent valid subdomains within an organization’s infrastructure. These generated permutations help identify hidden or unlisted services that may not appear in standard DNS queries or public records. DNSGen applies multiple permutation techniques to create realistic domain combinations based on modern infrastructure naming patterns, including cloud environments, DevOps tools, and microservice architectures. It can also extract meaningful keywords from existing domain names and incorporate them into newly generated permutations. The resulting domain list can be further processed by DNS resolution tools such as MassDNS to determine which generated domains actually exist.
