Anti-Virus / Anti-Malware
- Fastfinder - Fast customisable cross-platform suspicious file finder. Supports md5/sha1/sha256 hashes, literal/wildcard strings, regular expressions and YARA rules. Can easily be packed to be deployed on any Windows / Linux host.
- Linux Malware Detect - A malware scanner for Linux designed around the threats faced in shared hosted environments.
- LOKI - Simple Indicators of Compromise and Incident Response Scanner
- rkhunter - A Rootkit Hunter for Linux
- ClamAV - ClamAV® is an open-source antivirus engine for detecting trojans, viruses, malware & other malicious threats.
Content Disarm & Reconstruct
- DocBleach - Open-source Content Disarm & Reconstruct software that sanitizes Office, PDF and RTF documents.
Configuration Management
- Fleet device management - Fleet is the lightweight, programmable telemetry platform for servers and workstations. Get comprehensive, customizable data from all your devices and operating systems.
- Rudder - Rudder is an easy to use, web-driven, role-based solution for IT Infrastructure Automation & Compliance. Automate common system administration tasks (installation, configuration); Enforce configuration over time (configuring once is good, ensuring that configuration is valid and automatically fixing it is better); Inventory of all managed nodes; Web interface to configure and manage nodes and their configuration; Compliance reporting, by configuration and/or by node.
Authentication
- google-authenticator - The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth). These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. Tutorials: How to set up two-factor authentication for SSH login on Linux
- Stegcloak - Securely assign Digital Authenticity to any written text
Mobile / Android / iOS
- android-security-awesome - A collection of Android security-related resources. A lot of work is happening in academia and industry on tools to perform dynamic analysis, static analysis and reverse engineering of Android apps.
- SecMobi Wiki - A collection of mobile security resources including articles, blogs, books, groups, projects, tools and conferences.
- OWASP Mobile Security Testing Guide - A comprehensive manual for mobile app security testing and reverse engineering.
- OSX Security Awesome - A collection of OSX and iOS security resources
- Themis - High-level multi-platform cryptographic framework for protecting sensitive data: secure messaging with forward secrecy and secure data storage (AES256GCM), suitable for building end-to-end encrypted applications.
- Mobile Security Wiki - A collection of mobile security resources.
- Apktool - A tool for reverse engineering Android apk files.
- jadx - Command line and GUI tools for producing Java source code from Android Dex and Apk files.
- enjarify - A tool for translating Dalvik bytecode to equivalent Java bytecode.
- Android Storage Extractor - A tool to extract local data storage of an Android application in one click.
- Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System.
- dotPeek - Free-of-charge standalone tool based on ReSharper's bundled decompiler.
- hardened_malloc - Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
- AMExtractor - AMExtractor can dump out the physical content of your Android device even without kernel source code.
- frida - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
- UDcide - Android Malware Behavior Editor.
- reFlutter - Flutter Reverse Engineering Framework
Forensics
- grr - GRR Rapid Response is an incident response framework focused on remote live forensics.
- Volatility - Python based memory extraction and analysis framework.
- mig - MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security.
- ir-rescue - ir-rescue is a Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
- Logdissect - CLI utility and Python API for analyzing log files and other data.
- Meerkat - PowerShell-based Windows artifact collection for threat hunting and incident response.
- Rekall - The Rekall Framework is a completely open collection of tools, implemented in Python under the Apache and GNU General Public License, for the extraction and analysis of digital artifacts from computer systems.
- LiME - Linux Memory Extractor
- Maigret - Maigret collects a dossier on a person by username only, checking for accounts on a huge number of sites and gathering all the available information from web pages.
Tags:
security
Last modified 23 December 2025