The adaptability of open source software ensures its durability, relevance, and compatibility with new technologies.
As we started digging deeper into the open source cybersecurity ecosystem, we discovered a community of developers working hard to find practical solutions to many problems. One of those problems is saving time.
Here are 20 essential open source cybersecurity tools that are free and waiting to be added to your arsenal.
Adalanche
Adalanche provides instant insight into the permissions of users and groups in Active Directory. It is an effective open source tool for visualizing and investigating potential takeovers of accounts, machines, or domains. Additionally, it helps identify and view misconfigurations.
AuthLogParser
AuthLogParser is an open-source digital forensics and incident response tool specifically created to analyze Linux authentication logs (auth.log). This tool inspects the auth.log file and extracts important details such as SSH logins, user creation, event names, and IP addresses.
BobTheSmuggler
BobTheSmuggler is an open source tool designed to easily compress, encrypt, and securely transport payloads. Basically, it allows you to hide your payload in plain sight. BobTheSmuggler helps you evaluate phishing campaigns, data breach exercises, and potential breach scenarios.
CloudGrappler
CloudGrappler is an open source tool designed to help security teams identify threat actors within AWS and Azure environments. It provides enhanced detection capabilities based on the tactics, techniques, and procedures (TTPs) of the latest cloud threat actors, such as LUCR-3 (Scattered Spider).
CVEMap
CVEMap is an open-source command-line interface (CLI) tool that lets you explore Common Vulnerabilities and Exposures (CVEs). It is designed to provide a streamlined and user-friendly interface for navigating the vulnerability database.
CVE Prioritizer
CVE Prioritizer is an open source tool designed to help prioritize vulnerability patching. It integrates data from CVSS, EPSS, and CISA's KEV catalog to provide insight into the potential for exploitation and potential impact of vulnerabilities on the system.
DriveFS Sleuth
DriveFS Sleuth automates the investigation of disk artifacts in Google Drive File Stream. This tool can parse disk artifacts and build a file system tree-like structure that enumerates synchronized files and their respective properties.
EMBA
EMBA is an open source security analyzer tailored as a central firmware analysis tool for penetration testers and product security groups. It assists with the entire security assessment procedure, including extracting firmware, performing static and dynamic analysis through emulation, and creating web-based reports.
Faction
Faction is an open source solution that enables collaborative penetration testing report generation and evaluation. It is designed to be flexible and scalable, and to fit seamlessly into any environment. Internal teams find it easier to build and support small modules rather than large code bases.
Lynis
Lynis is a comprehensive open source security auditing tool for UNIX-based systems such as Linux, macOS, and BSD. Its main purpose is to evaluate security measures and recommend system hardening. The tool also checks general system details, identifies vulnerable software packages, and detects potential configuration issues.
Mobile Security Framework (MobSF)
MobSF is an open source research platform for mobile application security, including Android, iOS, and Windows Mobile. MobSF can be used for mobile app security assessment, penetration testing, malware analysis, and privacy assessment.
Prowler
Prowler is an open source security tool designed to assess, audit, and harden the security of AWS, GCP, and Azure. It also includes capabilities for incident response, continuous monitoring, hardening, and forensic preparation.
Quicmap
Quicmap is a fast open source QUIC service scanner that streamlines the process by removing the need for multiple tools. It effectively identifies QUIC services, protocol versions, and supported ALPNs.
RiskInDroid
RiskInDroid (Risk Index for Android) is an open source tool for quantitative risk analysis of Android applications based on machine learning techniques. It reverse engineers the app to obtain the bytecode, infers which permissions are used (through static analysis), and extracts a set of four permissions for each app analyzed.
SiCat
SiCat is an open source exploit research tool designed to obtain and compile information about exploits from open channels and internal databases. Its main purpose is to aid cybersecurity and allow users to search the Internet for potential vulnerabilities and their corresponding exploits.
SOAPHound
SOAPHound is an open source data collection tool that allows you to enumerate an Active Directory environment through the Active Directory Web Services (ADWS) protocol. SOAPHound is an alternative to various open source security tools commonly used to extract data from Active Directory via the LDAP protocol. It achieves the same data extraction without connecting directly to an LDAP server.
Subdominator
Subdominator is a reliable and fast open-source command line interface tool for identifying subdomain takeovers. It boasts superior accuracy and reliability compared to other tools.
TruffleHog
TruffleHog is an open-source scanner that identifies and takes action on exposed secrets across the technology stack. TruffleHog not only scans regular files, but also decodes dozens of encodings and scans for secrets, including base64, zip files, docx files, and more.
Web Check
Web Check provides in-depth open source intelligence to help users understand a website's infrastructure and security posture, giving them the knowledge to understand, optimize, and secure their online presence.
WebCopilot
WebCopilot is an open-source automation tool that enumerates target subdomains and finds bugs using a variety of free tools. This simplifies application security workflows and reduces reliance on manual scripts.