Monday, November 16, 2020

Open source security tools list

Here at Penetrum we are strong believers in the opensource community. We think knowledge should be free and everyone should have the best tools to do the job at their fingertips.

That's why we decided to come up with a list of tools to help with security implementations, auditing, penetration testing, server management, and much more. Enjoy!

Project Management:

- Trello https://trello.com/en-US
- MeisterTask https://www.meistertask.com/
- Wrike https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjk6tr6tpvjAhUE4MgKHbv2BR0YABAAGgJxdQ&ohost=www.google.com&cid=CAESEeD20Zpi5P6sIDYSwTN0R6sH&sig=AOD64_3sIr0fiuILpk9tST2kZvVEHO3JnA&q=&ved=2ahUKEwiC_NL6tpvjAhVlu1kKHQsgBtoQ0Qx6BAgOEAE&adurl=
- Bitrix24 https://www.bitrix24.com/
- Teamwork Projects https://www.teamwork.com/project-management-software/
- Todoist https://todoist.com/?lang=en
- Zenkit https://zenkit.com/en/
- Wekan https://wekan.github.io

Asset Management/Supply Chain Management:

- Snipe-IT https://github.com/snipe/snipe-it
- Ralph https://github.com/allegro/ralph
- Open Boxes https://github.com/openboxes/openboxes
- Spiceworks https://www.spiceworks.com

Vulnerability Management:

- Faraday https://github.com/infobyte/faraday
- Archery Sec https://github.com/archerysec/archerysec
- Jackhammer https://github.com/olacabs/jackhammer
- Watchdog https://github.com/flipkart-incubator/watchdog
- OpenVAS https://sectools.org/tool/openvas/

Containter Related Scanning:

- Trivy https://github.com/knqyf263/trivy

Docker UI:

- Cockpit Docker https://cockpit-project.org/guide/133/feature-docker.html
- lazydocker https://github.com/jesseduffield/lazydocker/blob/master/README.md

Configuration Management:

- MGMT https://github.com/purpleidea/mgmt 
- Chef https://downloads.chef.io/
- Puppet https://puppet.com/download-open-source-puppet
- CFengine https://cfengine.com/product/free-download/
- Juju https://github.com/juju/juju
- Rudder https://www.rudder.io/en/
- Ansible https://www.ansible.com/
- Terraform https://www.terraform.io/downloads.html
- Vagrant https://www.vagrantup.com/downloads
- Bcfg2 http://bcfg2.org/download/
- Saltstack https://www.saltstack.com
- Cockpit https://cockpit-project.org/

SIEM:

- OSSEC https://www.ossec.net/
- WAZUH  https://wazuh.com/
- ZEEK  https://www.zeek.org/
- EventLog360 https://www.manageengine.com/log-management/download.html
- Alient Vault - OSSIM https://www.alienvault.com/products/ossim

VPN:

- OpenVPN https://openvpn.net/
        - Check out https://www.vpnbook.com/
- Libreswan VPN https://libreswan.org/
- strongSwan https://www.strongswan.org/
- OpenConnect http://www.infradead.org/openconnect/ 
- Social VPN http://ipop-project.org/
- SoftEther VPN https://www.softether.org/
- Tinc VPN http://www.tinc-vpn.org/

End Point:

- Redline https://www.fireeye.com/services/freeware/redline.html

Linux & Windows System Hardener:

- Lynis https://github.com/CISOfy/lynis
- Microsoft Attack Surface Analyzer https://github.com/microsoft/AttackSurfaceAnalyzer
- Microsoft Baseline Security Analyzer https://www.microsoft.com/en-us/download/details.aspx?id=19892
- Bastille https://github.com/BastilleBSD/bastille
- JShielder https://github.com/Jsitech/JShielder
- nixarmor https://github.com/emirozer/nixarmor
- Zeus (AWS) https://github.com/DenizParlak/Zeus
- Docker-bench (Docker) https://github.com/docker/docker-bench-security

Linux Login Protection:

- Fail2Ban  https://www.fail2ban.org/
- DenyHosts https://github.com/denyhosts/denyhosts
- SSHGuard https://www.sshguard.net/

IP Blacklists and Domains:

- Ultimate.Hosts.Blacklist https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist
- IPSet Firehol https://github.com/firehol/blocklist-ipsets
- Project Honeypot https://www.projecthoneypot.org/list_of_ips.php
- CryptoLocker https://data.netlab.360.com/feeds/dga/cryptolocker.txt
- BadIPs https://www.badips.com/get/list/any/2?age=7d

Proxies:

- Squid Proxy http://www.squid-cache.org/
- HAProxy http://www.haproxy.org/
- Swiper Proxy https://swiperproxy.github.io/
- DNSCrypt Proxy  https://github.com/jedisct1/dnscrypt-proxy
- NGinx https://www.nginx.com
- ThrottleProxy https://github.com/mistakster/throttle-proxy

Socks Server:

- Shadowsocks https://shadowsocks.org/
- Dante https://github.com/notpeter/dante
- microsocks https://github.com/rofl0r/microsocks

HTTP Tunnel:

- Tinyproxy https://tinyproxy.github.io/
- mitmproxy https://mitmproxy.org/ < -- HTTPS 
- OpenProxy https://openproxy.space/
- Privoxy https://www.privoxy.org/

FTP Proxy:

- ftp.proxy http://www.ftpproxy.org/

DNS Proxy:

- dnsmasq  http://www.thekelleys.org.uk/dnsmasq/

Server/Network Monitoring:

- Netdata https://github.com/netdata/netdata
- Ganglia http://ganglia.info/
- Spiceworks https://www.capterra.com/p/79191/Spiceworks-IT-Desktop/
- Free Database Performance Analyzer https://www.solarwinds.com/free-tools/database-performance-analyzer-free?CMP=ORG-BLG-DNS
- WMI Monitor https://www.solarwinds.com/free-tools/wmi-monitor?CMP=ORG-BLG-DNS
- Wireshark https://www.wireshark.org
- TCPDump 
- NetMonitor https://www.microsoft.com/en-US/download/details.aspx?id=4865 
- NetMiner - http://www.netminer.com/main/main-read.do
- NetMon - https://www.nagios.org/downloads/
- Wireless Network Watcher https://www.nirsoft.net/utils/wireless_network_watcher.html
- AdapterWatch https://www.nirsoft.net/utils/awatch.html
- DNSDataView https://www.nirsoft.net/utils/dns_records_viewer.html
- MyLastSearch  https://www.nirsoft.net/utils/my_last_search.html
- SniffPass https://www.nirsoft.net/utils/password_sniffer.html

Network Intrusion Detection System (NIDS):

- Bro Logs https://www.bro.org/
- Snort https://github.com/snort3/snort3
        - Pulled Pork https://github.com/shirkdog/pulledpork
- SSHGaurd https://github.com/atenart/sshguard
- Suricata https://suricata-ids.org

Host Intrustion Detection System (HIDS):

- Tripwire https://github.com/Tripwire
- Stealth https://github.com/fbb-git/stealth
- Ossec https://www.ossec.net
- Samhain - https://la-samhna.de/samhain/s_download.html

Monitoring and Logging:

- justniffer https://github.com/onotelli/justniffer
- httpry https://github.com/jbittel/httpry
- ngrep https://github.com/jpr5/ngrep
- passivedns https://github.com/gamelinux/passivedns
- sgan https://github.com/agrimgupta92/sgan
- regshot https://sourceforge.net/projects/regshot/
- greylog https://www.graylog.org/ 
- Logstash https://www.elastic.co/products/logstash
- Flume  https://flume.apache.org/
- LOGalyze http://www.logalyze.com/
- Syslog-ng https://www.syslog-ng.com/products/open-source-log-management/
- Greylog2
- Logstash
- Lumberjack - https://sourceforge.net/projects/lumberjack/
- RabbitMQ - https://www.rabbitmq.com/management-cli.html
- ZeroMQ - http://zeromq.org

Anti-USB:

- USB Write Blocker https://legility.com/

INCIDENT RESPONSE:

Disk Image Creation Tools:

- AccessData FTK Imager https://github.com/MrMugiwara/FTK-imager-OSX
- Bitscout https://github.com/vitaly-kamluk/bitscout
- GetData Forensic Imager http://www.forensicimager.com/
- Magnet Acquire https://www.magnetforensics.com/products/magnet-acquire/
- ODIN - http://odin-win.sourceforge.net/
- CloneZilla http://clonezilla.org/

Network Analysis:

- Xplico http://www.xplico.org/download
- Spiceworks Inventory https://www.spiceworks.com/download/inventory/
- GraphTool  https://graph-tool.skewed.de/
- KeyPlayer https://cran.r-project.org/web/packages/keyplayer/index.html
- NDTV https://cran.r-project.org/web/packages/ndtv/index.html
- Walktrap https://www-complexnetworks.lip6.fr/~latapy/PP/walktrap.html
- Connvitals https://github.com/Comcast/connvitals
- IVRE https://ivre.rocks/

Evidence Collection:

- bulk_extractor https://github.com/simsong/bulk_extractor
- cold disk quick response  https://github.com/orlikoski/CDQR
- ir-rescue  https://github.com/diogo-fernan/ir-rescue
- Grr https://github.com/google/grr
- CimSweep https://github.com/PowerShellMafia/CimSweep
- Encrypted Disk Collector https://www.magnetforensics.com/free-tool-encrypted-disk-detector/
- Magnet RamCapture https://www.magnetforensics.com/free-tool-magnet-ram-capture/
- Network Miner https://www.netresec.com/?page=NetworkMiner
- NFI Defraser https://sourceforge.net/projects/defraser/
- ExifTools https://www.sno.phy.queensu.ca/~phil/exiftool/
- Toolsley https://www.toolsley.com/
- DumpZilla https://www.dumpzilla.org/
- Broswer History https://www.nirsoft.net/utils/browsing_history_view.html

Log Analysis Tools

- Lorg https://github.com/jensvoid/lorg 
- Logdissect https://github.com/dogoncouch/logdissect
- StreamAlert https://github.com/airbnb/streamalert
- SysmonSearch https://github.com/JPCERTCC/SysmonSearch

File System Analysis/Imager:

- The Sleuth Kit (+Autopsy) http://www.sleuthkit.org/
- FTK Imager https://accessdata.com/product-download

Metadata Analysis:

- Exiftool https://www.sno.phy.queensu.ca/~phil/exiftool/
- JustMeta https://github.com/FortyNorthSecurity/Just-Metadata
- Collection https://github.com/metadatacenter/metadata-analysis-tools
- Archer Meta https://github.com/metadatacenter/metadata-analysis-tools 
- TensorFlow Based https://github.com/tensorflow/metadata 

Memory Analysis Tools:

- Evolve  https://github.com/JamesHabben/evolve
- LiME https://github.com/504ensicsLabs/LiME
- Volatility https://www.volatilityfoundation.org/
- VolDiff https://github.com/aim4r/VolDiff
- WindowsSCOPE  http://www.windowsscope.com/

Memory Imaging Tools:

- Belkasoft Live RAM Capturer https://belkasoft.com/ram-capturer
- Linux Memory Grabber https://github.com/halpomeranz/lmg
- Magnet RAM Capture  https://www.magnetforensics.com/resources/magnet-ram-capture/
- OSForensics https://www.osforensics.com/download.html
- Memoryze https://www.fireeye.com/services/freeware/memoryze.html
- RAMMap https://docs.microsoft.com/en-us/sysinternals/downloads/rammap

MSSP:

- TheHive  https://github.com/TheHive-Project/TheHive

OSX Evidence Collection:

- Knocknock https://github.com/synack/knockknock
- mscOS Artifact Parsing Tool (mac_apt)
- OSX Auditor https://github.com/jipegit/OSXAuditor
- OSX Collector https://github.com/Yelp/osxcollector
- Shims (SDB Parser)    https://tzworks.net/prototype_page.php?proto_id=33
- SDB-Explorer                  https://github.com/evil-e/sdb-explorer

Threat Intelligence:

- ActorTrackr https://github.com/jalewis/actortrackr
- AiEngine https://gi thub.com/camp0/aiengine
- Automater https://github.com/1aN0rmus/TekDefense-Automater
- bro-intel-generator  https://github.com/exp0se/bro-intel-generator
- GoatRider https://github.com/BinaryDefense/goatrider
- Omnibus https://github.com/InQuest/omnibus
- poortego https://github.com/mgeide/poortego
- QRadio https://github.com/QTek/QRadio
- Redline https://www.fireeye.com/services/freeware/redline.html
- RITA https://github.com/activecm/rita
- HostHunter https://github.com/SpiderLabs/HostHunter
- Combine  https://github.com/mlsecproject/combine
- Cyphon https://www.cyphon.io/

Incident Response Operating System:

- DEFT http://www.deftlinux.net/download/
- Plainsight http://www.plainsight.info/download.html
- HBCD https://www.hirensbootcd.org/download/

Sandbox:

- Falcon Sandbox https://github.com/PayloadSecurity/VxAPI
- Spender Sandbox https://github.com/spender-sandbox
- Sandboxie https://www.sandboxie.com/DownloadSandboxie

Automated Triaging:

- PE Studio https://www.winitor.com/
- FAME - https://github.com/certsocietegenerale/fame
- VIPER https://github.com/viper-framework/viper
- MalwOverview https://github.com/alexandreborges/malwoverview

Online Sandbox:

- Reverse.it https://www.reverse.it/
- Any.run       https://any.run/ 
- Hybrid-Analysis https://www.hybrid-analysis.com/

IOC Scanner:

- Fenrir  https://github.com/Neo23x0/Fenrir
- Forager https://github.com/opensourcesec/Forager
- Loki https://github.com/Neo23x0/Loki
- Fast IR https://github.com/SekoiaLab/Fastir_Collector 
- Zimmermans Toolkit https://ericzimmerman.github.io/#!index.md
- Didier Stevens Toolkit https://blog.didierstevens.com/my-software/

DNS

- Bind https://www.isc.org/downloads/bind/
- djbdns http://cr.yp.to/djbdns.html
- Designate - https://wiki.openstack.org/wiki/Designate
- dnsmasq - http://www.thekelleys.org.uk/dnsmasq/doc.html
- knot - https://www.knot-dns.cz/ 


from Hacker News https://ift.tt/3kGpBeC

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.