YARA is a free and open source tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples.
Read more
Category: Security
ClamAV – antivirus engine
Clam AntiVirus is a free and open source anti-virus toolkit, designed especially for e-mail scanning on mail gateways.
Read more
Wireshark – network packet analyzer
Wireshark is a network packet analyzer. A network packet analyzer captures network packets and tries to display that packet data as detailed as possible.
Read more
netsniff-ng – Swiss army knife for network plumbing
netsniff-ng is a performant network analyzer and networking toolkit. It’s described as the Swiss army knife for network packets.
Read more
darkstat – captures network traffic
darkstat is a network statistics gatherer. It captures network traffic on a specified interface, calculates statistics about usage, and serves reports over HTTP.
Read more
dsniff – collection of tools for network auditing and penetration testing
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor.
Read more
ngrep – grep applied to the network layer
ngrep strives to provide most of GNU grep’s common features, applying them to the network layer. ngrep is a pcap-aware tool.
Read more
tcpdump – command-line packet analyzer
tcpdump is a common computer network debugging tool that runs under the command line. Intercept and display TCP/IP and other packets.
Read more
sniffit – CORBA based sniffer system
sniffIt is a Distributed Sniffer System. Capture network traffic from an unique machine using a graphical client application.
Read more
EtherApe – graphical network monitor
EtherApe is a network traffic browser. It displays network activity graphically.
Read more
Justniffer – network TCP Packet Sniffer
justniffer is a network protocol analyzer that captures network traffic and produces logs.
Read more
sniffer – alternative network traffic sniffer
sniffer is an alternative network traffic sniffer that’s designed for network troubleshooting.
Read more
sniffglue – secure multithreaded packet sniffer
sniffglue is a network sniffer. Network packets are parsed concurrently using a thread pool to utilize all cpu cores.
Read more
Wazuh – platform used for threat prevention, detection, and response
Wazuh is a platform used for threat prevention, detection, and response.
Read more
Sagan – multi-threads, high performance log analysis engine
Sagan is billed as the advanced Suricata/Snort like log analysis engine.
Read more
Tripwire – security and data integrity tool
Open Source Tripwire is a free software security and data integrity tool useful for monitoring and alerting on specific file change(s).
Read more
Logwatch – powerful and versatile log parser and analyzer
Logwatch is a customizable log analysis system. Logwatch parses through your system’s logs and creates a report analyzing specific areas.
Read more
AIDE – Advanced Intrusion Detection Environment
AIDE (Advanced Intrusion Detection Environment is a file and directory integrity checker.
Read more
Samhain – host-based intrusion detection system
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis.
Read more
Rootkit Hunter – security tool
rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits.
Read more