https://github.com/cryp7ic/open_source_security_tools

A list of open source Cyber Security tools

# A List of Open Source Cyber Security Tools
**Security monitoring, intrusion detection/prevention**

- **[Suricata](https://suricata-ids.org/features/all-features/)** – intrusion detection system
- **[Snort](https://www.snort.org/)** – intrusion detection system
- **[Zeek](https://zeek.org/)** – network security monitoring
- **[OSSEC](https://www.ossec.net/)** – host-based intrusion detection system
- **[Wazuh](https://wazuh.com/)** – a more active fork of OSSEC
- **[Velociraptor](https://www.velocidex.com/)** – endpoint visibility and response
- **[OSSIM](https://github.com/ossimlabs/ossim)** – open source SIEM, at the core of AlienVault
- **[SecurityOnion](https://securityonionsolutions.com/software/)** – security monitoring and log management
- **[Elastic SIEM](https://www.elastic.co/siem)** – SIEM functionality by Elasticsearch
- **[Mozdef](https://mozdef.readthedocs.io/en/latest/overview.html)** – SIEM-like layer on top of Elasticsearch
- **[Sagan](https://github.com/quadrantsec/sagan)** – log analytics and correlation
- **[Apache Metron](https://metron.apache.org/)** – (retired) network security monitoring, evolved from Cisco OpenSOC
- **[Arkime](https://arkime.com/)** – packet capture and search tool (formerly Moloch)
- **[PRADS](https://github.com/gamelinux/prads/)** – passive real-time asset detection
- **[BloodHound](https://github.com/BloodHoundAD/BloodHound)** – Active Directory relationship detection

**Threat intelligence**

- **[MISP](https://www.misp-project.org/)** – threat intelligence platform
- **[SpiderFoot](https://github.com/smicallef/spiderfoot)** – threat intelligence aggregation
- **[OpenCTI](https://www.opencti.io/en/)** – threat intelligence platform
- **[OpenDXL](https://www.opendxl.com/)** – open source tools for security intelligence sharing
- **[Sigma](https://github.com/SigmaHQ/sigma)** – Generic Signature Format for SIEM Systems

**Incident response**

- **[StackStorm](https://stackstorm.com/)** – SOAR platform
- **[CimSweep](https://github.com/PowerShellMafia/CimSweep)** – Windows incident response
- **[GRR](https://github.com/google/grr)** – incident response and remote live forensics
- **[TheHive](https://github.com/TheHive-Project/TheHive)** – incident response / SOAR platform
- **[TheHive Cortex](https://github.com/TheHive-Project/Cortex)** – TheHive companion used for fast querying
- **[Shuffle](https://github.com/frikky/shuffle)** – open source SOAR platform
- **[osquery](https://osquery.io/)** – real-time querying of endpoint data
- **[Kansa](https://github.com/davehull/Kansa)** – PowerShell incident response

**Vulnerability assessment**

- **[OpenVAS](https://www.openvas.org/)** – very popular vulnerability assessment tool
- **[ZAProxy](https://www.zaproxy.org/getting-started/)** – web vulnerability scanner by OWASP
- **[WebScarab](https://github.com/OWASP/OWASP-WebScarab/)** – (obsolete) web vulnerability scanner by OWASP
- **[w3af](https://w3af.org)** – web vulnerability scanner
- **[Loki](https://github.com/Neo23x0/Loki)** – IoC scanner
- **[CVE Search](https://www.cve-search.org/about/)** – set of tools for searching CVE data

**Firewall**

- **[pfSense](https://www.pfsense.org/)** – the most popular open source firewall
- **[OPNsense](https://opnsense.org/)** – hardened BSD-based firewall
- **[Smoothwall](https://www.smoothwall.com/)** – Linux-based firewall

**Antivirus / endpoint protection**

- **[ClamAV](https://www.clamav.net/)** – open source antivirus engine
- **[Armadito AV](https://www.armadito.com/)** – open source AV (retired)
- **[YARA](https://virustotal.github.io/yara/)** – The pattern matching swiss knife for malware researchers

**Email security**

- **[Hermes Secure Email Gateway](https://github.com/deeztek/Hermes-Secure-Email-Gateway)** – an Ubuntu-based email gateway
- **[Proxmox Mail Gateway](https://www.proxmox.com/en/proxmox-mail-gateway)** – email gateway
- **[MailScanner](https://www.mailscanner.info/)** – email security system
- **[SpamAssassin](https://spamassassin.apache.org/)** – anti-spam platform
- **[OrangeAssassin](https://github.com/SpamExperts/OrangeAssassin)** – drop-in replacement of SpamAssassin