Open Source Linux Cybersecurity Tools
Sort By:
Cybersecurity Tools for Linux
View 91 business solutionsBrowse free open source Cybersecurity tools and projects for Linux below. Use the toggles on the left to filter open source Cybersecurity tools by OS, license, language, programming language, and project status.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Web-Based Debt Collection SoftwareInterProse ACE is a modern, web-based debt recovery software solution built for collection agencies who specialize in consumer or commercial debt, including property management, healthcare, education, and government accounts.
-
1
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
2
Greenplum Database
Massive parallel data platform for analytics, machine learning and AI
Rapidly create and deploy models for complex applications in cybersecurity, predictive maintenance, risk management, fraud detection, and many other areas. With its unique cost-based query optimizer designed for large-scale data workloads, Greenplum scales interactive and batch-mode analytics to large datasets in the petabytes without degrading query performance and throughput. Based on PostgreSQL, Greenplum provides you with more control over the software you deploy, reducing vendor lock-in, and allowing open influence on product direction. Greenplum reduces data silos by providing you with a single, scale-out environment for converging analytic and operational workloads, like streaming ingestion. All major Greenplum contributions are part of the Greenplum Database project and share the same database core, including the MPP architecture, analytical interfaces, and security capabilities. -
3
cyborghawk v1.1
Latest-v1.1 of The World's most advanced pen testing distribution ever
updated version of The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
4
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application. -
Omnilert | Visual Passive Security SystemsTransform your passive security systems into early warning and active prevention systems with Omnilert's visual artificial intelligence. Omnilert Gun Detect not only helps save lives but also reduces the operational, legal, and social impacts of gun violence.
-
5
BerserkArch
A bleeding-edge, security-centric Arch-based Linux distribution.
BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). As an Arch-based distribution, it benefits from the rolling release model, providing users with the latest software versions and kernel updates. BerserkArch is a dist "designed to make you powerful" for specific use cases like reverse-engineering binaries and automating exploits, rather than being an easy-to-use distribution for general beginners. -
6
HydraPWK GNU/Linux
HydraPWK GNU/Linux Official SourceForge Pages.
-
7
pyWhat
Identify emails, IP addresses, and more
pyWhat is a Python-based identification tool designed to figure out “what” a piece of text or file content represents, especially in security and OSINT workflows. Given inputs such as hex strings, URLs, email addresses, IP addresses, credit card numbers, cryptocurrency wallets, or entire .pcap capture files, it scans for structured patterns and tells you what it finds. The tool is recursive: it can traverse files and directories to extract meaningful entities, which is useful when analyzing malware samples, network captures, or code repositories at scale. It offers powerful filters called “tags” and distributions that let you narrow results to specific categories like bug bounties, cryptocurrencies, or AWS-related artifacts. For automation and integration, pyWhat provides a CLI with options for rarity filtering, sorting, and JSON export, as well as an API that can be imported into other Python programs. -
8
Watcher
Open Source Cybersecurity Threat Hunting Platform
Watcher is a file integrity monitoring tool that detects unauthorized changes to files, helping organizations maintain compliance and security. -
9
Java Vulnerable Lab - Pentesting Lab
a deliberately vulnerable Web application
This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download Credentials for the VM: ------------------------ Username: root Password: cspf Stand-alone file: (Run the Jar file directly) -------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download -
ScriptSure Cloud E-PrescribingScriptSure Cloud ERX allows users to electronically send prescriptions to all retail and mail order pharmacies attached to the Surescripts electronic network.
-
10
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6. Security-ninjas 7. WordPress We are adding more labs in few days
-
11
MalbianLinux
GNU/Linux Distribution for Malware Analysis and Reverse Engineering.
Malbian is a Light-weight Debian Based GNU/Linux Distribution for Malware Analysis and Reverse Engineering designed to aid the user in both Static and Dynamic analysis of malware samples. 100% Free to use and distribute. About: https://github.com/MalbianLinux Installation Guide in: https://github.com/MalbianLinux/Malbian-ISOs/ -
12
cyborg hawk v 1.0
The World's most advanced penetration testing distribution ever
The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts. Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment. -
13
openWrt-snort
Image of OpenWrt OS, with snort community featured in.
Image of OpenWrt OS, with snort community featured in, for Raspberry Pi 4/ 4B+ and 400, basically for Processor BCM2711. Installed Snort Community Model to Intrusion Detection system. Prevention system not installed. eth0 used as output/ LAN socket, to run internet and access router. eth1, which can be USB -> Ethernet port, is used as WAN port, to connect Pi board to Internet IP. to flash img file, you can restore in SD card, or use Balena Etcher to flash. or you can use DD commend of UNIX. **USERNAME** - root **PASSWORD** - bing.google12 -
14
BTS Pentesting Lab
BTS Pentesting Lab - a deliberately vulnerable Web application
BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities. Currently, the app contains the following types of vulnerabilities: *SQL Injection *XSS(includes Flash Based xss) *CSRF *Clickjacking *SSRF *File Inclusion * Code Execution *Insecure Direct Object Reference *Unrestricted File Upload vulnerability *Open URL Redirection *Server Side Includes(SSI) Injection and more... Java version of this application can be found here: https://sourceforge.net/p/javavulnerablelab/ -
15
KFishMonger O anonimato em primeiro lugar Build Status Enquanto a sociedade evolui, a liberdade se apaga, KFishMonger é uma solução para um cenário perverso, permite. Automação em montagem de ambientes anônimos Um projeto para se discutir e evoluir o anonimato ✨MNONIMATO✨ Recursos Automação em inicialização de VPN Montagem automática de serviços TOR Configuração de DNSCrypt Layout moderno para monitorar o ambiente De fácil customização PARA INSTALAR veja essa playlist: https://www.youtube.com/playlist?list=PLzoythjsH3QPj762VSc8SHlk25Zfw0bQk
-
16
tirreno
Open Security Analytics
tirreno is open security analytics. tirreno [tir.ˈrɛ.no] helps understand, monitor, and protect your applications from cyber threats, account takeovers, bots, and abuse. While classic cybersecurity focuses on infrastructure and network perimeter, most breaches occur through compromised accounts and application logic abuse that bypasses firewalls, SIEM, WAFs, and other defenses. tirreno detects threats where they actually happen: inside your product. It adds a security layer to internal or external applications to identify malicious activity by analyzing user behavior, account activity, field changes history, and business logic abuse that infrastructure tools are unable to detect. -
17
BunkerWeb
Next-generation and open-source Web Application Firewall (WAF).
Being a full-featured web server (based on NGINX under the hood), it will protect your web services to make them "secure by default". BunkerWeb integrates seamlessly into your existing environments (Linux, Docker, Swarm, Kubernetes, …) and is fully configurable (don't panic, there is an awesome web UI if you don't like the CLI) to meet your own use-cases . In other words, cybersecurity is no more a hassle. -
18
Ethical Hacking - Pokhara
Educating Nepalese on about Cyber Security & Ethical Hacking.
This project is basically based on giving free/paid workshop/training/seminar on "Cyber Security & Ethical Hacking", to the people/students of Nepal. Being Nepali, I always thought of helping people of Nepal in New and Rising Topic of World. Now, that topic is "Cyber Security & Ethical Hacking". My involvement in this Project can be found in detail in my own website here : http://www.bijayacharya.com/about-me/bj-as-hacker/ -
19
S2OPC - Safe & Secure OPC UA
An Open Source Safe & Secure OPC UA stack
Open-source Safe and Secure OPC UA Toolkit designed with embedded devices in mind (see https://www.s2opc.com). Its demo server is certified by the OPC Foundation and CSPN(-BSZ). -
20
maskphish
MaskPhish: First ever URL masking tool for Phishing
MaskPhish can hide any URL to another URL. We can make https://ngrok.io/4GTJ78C [Example Link] to https://google.com/live-football@is.gd/6hts4 [Example Link] For more Cybersecurity information visit https://www.kalilinux.in -
21
AsyncPortScanner
Cross-platform asynchronous port scanner written in Nim.
Fast cross-platform asynchronous port scanner written in Nim. -
22
Bootleg-Password-Vault
A password vault with client-side encryption and nice-looking UI
A password vault with client-side encryption and nice-looking UI built with React. The app is hosted at https://northstrix.github.io/Bootleg-Password-Vault/ The source code can also be found at: https://github.com/Northstrix/Bootleg-Password-Vault https://codeberg.org/Northstrix/Bootleg-Password-Vault The related article is available at: https://medium.com/@Northstrix/adbd8dad0442 -
23
BypassHash
This tool downloads an executable and bypasses hash-based virus checks
This tool downloads an executable, ELF (Linux) and PE (Windows), modify metadata to bypasses hash-based virus checks and protect against identification with metadata (like rich headers, timestamps, ...). -
24
Falcon_ArchLinux
Falcon ArchLinux pruple team tools cyber security
uses repo BlackArchlinux and ArchLinux -
25
ODS3 Virtual Machine Challenge
Virtual Machine Image To Test Penetration Skills
The ODS3 Virtual Machine Challenge are downloadable images that can be run as VMWare or VirtualBox instances. The Idea behind the challenge is to test and exercise web application penetration testing in a controlled environment. These images are great for cyber security students, penetration testers and hobbyist. Care should be taken if installed on an Internet access host as the application are purposely vulnerable to attack and exploitation.
