Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev. Learn more →
Top 23 Cybersecurity Open-Source Projects
-
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Project mention: [Tutorial] How to manually change FOV (SoC, CS, & CoP) | /r/stalker | 2023-08-06Download a hex editor such as ImHex and open it. I'd recommend downloading the portable version of whatever hex editor you are using if it's offered. That way you don't have to install the program and can instantly delete it off your drive when you're done.
-
h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), artificial intelligence, vulnerability research, exploit development, reverse engineering, and more.
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2023
There's this handy site for personal security
-
Project mention: piece of software to find /crawl information about yourself? | /r/opsec | 2023-04-10
I’d suggest Spiderfoot.
-
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
-
test-your-sysadmin-skills
A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
-
Reverse-Engineering-Tutorial
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Project mention: New embedded and Rust hacking tutorials added - For anyone that missed my last post. Kevin Thomas is my mentor. We are both working together to bring free and low cost resources to those who are looking to learn and don't have money for expensive bootcamps/certs. Please enjoy his free tutorials! | /r/ReverseEngineering | 2023-10-27 -
Onboard AI
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
-
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the exposed server are also good approaches to protecting yourself.
-
For now the best tool I have found is this one: https://github.com/1N3/Sn1per
-
berty
Berty is a secure peer-to-peer messaging app that works with or without internet access, cellular data or trust in the network
Not written in Rust, but may be Berty can give you some ideas?
-
-
pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
-
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. (by projectdiscovery)
Httpx: https://github.com/projectdiscovery/httpx
-
-
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
-
Also, for the attack emulation part you might be interested in CALDERA.
-
Project mention: Free Tech Tools and Resources - Terraform for AWS, Cyberthreat Tool, Vim Training & More | /r/SysAdminBlogs | 2023-08-16
MISP is an open-source solution to streamline the acquisition, retention, distribution, and collaborative exchange of critical cybersecurity indicators and threats. Timely-Lychee-5204 considers it "a threat intelligence platform for gathering, sharing, storing, and correlating indicators of compromise."
-
awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
Project mention: rate my threat model i will be implementing and i need help and tips also | /r/privatelife | 2023-03-04If you want to go extreme, I remember from many years ago, there used to be a publicly released document by Australia's cyber security agency, made largely for Windows, which used to list attack vectors on a complex scale. I used to follow their listed possible vectors to formulate threat models as a kid for my Windows computer. Back in the day they used to provide PDF, now its webpages (https://www.cyber.gov.au/acsc/view-all-content/advice/guidelines-system-hardening). This also exists (https://github.com/decalage2/awesome-security-hardening), a bit more wide coverage of OSes and practices.
-
In gr-dtv transmitter examples for Gnuradio, I see some times people use a resampler block before the RF hardware sink. Say our sampling rate is ~9.14Msps which satisfies the Nyquist criterion because our samples are complex numbers.
-
Project mention: Red Team / Pen Testing Tools and Techniques: A Collection of Resources | news.ycombinator.com | 2023-01-01
-
or you can also use our open source version: https://github.com/infobyte/faraday
-
Project mention: GitHub - OpenCTI-Platform/opencti: Open Cyber Threat Intelligence Platform | /r/SecOpsDaily | 2023-04-20
-
security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
I recently bumped into https://github.com/jassics/security-study-plan which gives imho decent pointers if you are looking for a security related learning plan.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2023-11-06.
Cybersecurity related posts
- Alfred, an Advanced Osint Tool
- Alfred, an Advanced Osint Tool
- Cherrybomb: Audit, validate and test API specifications
- Fr0gger/Awesome-GPT-Agents: A curated list of GPT agents for cybersecurity
- What adversary emulation options are there nowadays to test SIEMs and IDSs?
- Neoss: User-friendly and detailed socket statistics with a Terminal UI
- RecoverPy 2.1.3: A Linux tool to recover deleted or overwritten files
-
A note from our sponsor - Onboard AI
getonboard.dev | 6 Dec 2023
Index
What are some of the best open-source Cybersecurity projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | ImHex | 30,855 |
| 2 | h4cker | 15,249 |
| 3 | personal-security-checklist | 12,928 |
| 4 | spiderfoot | 10,746 |
| 5 | vuls | 10,397 |
| 6 | test-your-sysadmin-skills | 10,026 |
| 7 | Reverse-Engineering-Tutorial | 9,362 |
| 8 | Wazuh | 7,747 |
| 9 | Sn1per | 7,107 |
| 10 | berty | 7,060 |
| 11 | awesome-incident-response | 6,695 |
| 12 | pyWhat | 6,182 |
| 13 | httpx | 6,156 |
| 14 | DevSecOps | 4,996 |
| 15 | DefaultCreds-cheat-sheet | 4,902 |
| 16 | caldera | 4,830 |
| 17 | MISP | 4,764 |
| 18 | awesome-security-hardening | 4,672 |
| 19 | gnuradio | 4,586 |
| 20 | RedTeam-Tools | 4,393 |
| 21 | faraday | 4,304 |
| 22 | opencti | 4,138 |
| 23 | security-study-plan | 3,922 |
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com