Top ten open source security projects

Guide

Open source is on the way to victory, although the day may come later, but open source will eventually win. In the cyber-security community, although many companies hold their code firmly in the form of commercial software, there are many security-related open source projects available to professional security personnel.

The best place to search for security-related open source software is obviously GitHub. You can use the search feature on the site to find these useful tools, but there is a place where you can find the most popular items in the security area, the GitHub display area, and probably not many people know about it.

From 2014 onwards, the GITHUB showcase will showcase these most popular items by category. In the display area, items are ranked by the number of stars they get, and this list keeps updating the most popular items currently. The "Security" category included in the showcase contains 24 items, and here we list the top ten security items on GitHub.

1. Osquery-from Facebook

Osquery represents the operating system as a high-performance relational database. This allows you to get operating system data through SQL-based queries. By Osquery, the running processes, loaded kernel modules, open network connections, browser plug-ins, hardware events, or file hashes are abstracted into SQL data tables.

2. Metasploit Framework-from Rapid7

The Metasploit Framework is a tool for developing and enforcing exploit code for remote target hosts.

3. Infer-from Facebook

Facebook Infer is a static analysis tool. Use it to analyze objective-c, Java, or C code to list the potential pitfalls. Before the code is uploaded to the device, you can use infer to find those fatal flaws that can prevent crashes or performance degradation.

4. brakeman-From Presidentbeef

Brakeman is an open source static analysis tool that examines the security vulnerabilities of Ruby on Rails applications.

5. Radare2-From the Radare project

Radare is a forensic tool that is a programmable command-line hex editor that can open disk files. It also supports binary parsing, disassembling code, debugging programs, connecting to a remote GDB server, and more.

6. OS X Auditor-from Jean-philippe teissier

OS x Auditor is a free Mac OS X computer Forensics tool that can parse various types of files and get suspicious content in them.

7. BeEF-From the BeEF project

BeEF is simply a browser that leverages the framework browser the exploitation framework. It is a vulnerability testing tool for browsers.

8. Cuckoo-From the Cuckoo Sandbox Project

The Cuckoo Sandbox is an automated malware dynamic analysis system. Simply put, you can throw any suspicious file to it in a matter of seconds, and cuckoo can give you an approximate result in an isolated environment.

9. Scumblr-From Netflix

SCUMBLR is a WEB application that can periodically check and take different disposal methods based on the results of the inspection.

Moloch-from AOL

Moloch is an open-source, large-scale system that grabs, indexes, and stores data into a database. It provides a simple Web interface that can be used to view, retrieve, and export captured packets. It supports APIs that can directly download PCAP data and JSON-formatted session data. Instead of replacing IDS, Moloch is used to store and index all of the network data in a standard PCAP format, which can be accessed quickly. The Moloch can be deployed across systems and can handle up to ten Gb of traffic per second.

Originally from: Http://www.linuxprobe.com/github-top10-security.html

Top ten open source security projects