Linux Security Tools

OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.

OpenSSL is an open source project and provides a toolkit for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.

KeePassXC is a cross-platform platform to store sensitive data like passwords, keys, and other secrets. It has a graphical user interface and is written in C++.

Clair is an open source container analyzer. It performs static analysis of container images and correlates their contents with public vulnerability databases.

cve-search is a security tool to import CVE and CPE data and enable it to be searched. It can be used to detect vulnerabilities on the system.

Frida is a toolkit for reverse engineers, security researchers, and developers. It allows them injecting JavaScript to explore and understand the inner workings of applications on Windows, Mac, Linux, iOS, Android, and others.

Bleach is a library for Django that can sanitize HTML by escaping and stripping harmful content. Read how it works in this review.

Vault is a tool created by HashiCorp to store secrets like keys and passwords. These secrets are typically used by other software components and scripts.

MISP is short for Malware Information Sharing Platform. It helps with sharing threat data which can be used by defenders and malware researchers.

Cppcheck is a static code analysis tool for C and C++ code. It helps to discover bugs that would not be picked up by compilers, yet avoid any false positives.

Angr is a security tool written in Python to allow analyzing binaries. It provides a combination of static and dynamic analysis.

Prowler is a security tool to perform security audits on AWS configurations. It helps to find configuration flaws and improve system hardening.

The r2frida project combines the best of both worlds from Radare2 and Frida. Where Radare2 focuses on static analysis of binaries and files, Frida will target running processes. This project combines the powers of both.

UPX is tool to pack several executable formats. It is free, portable, and extendable, and well-known.

Kube-Bench is a security tool to perform a configuration audit of Kubernetes installations. It can be used to find flaws and improve system hardening.