Tools starting with C

By first letter:  A  - B  - C  - D  - E  - F  - G  - H  - I  - J  - K  - L  - M  - N  - O  - P  - Q  - R  - S  - T  - U  - V  - W  - X  - Y  - Z 

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.

CAIRIS

CAIRIS is a tool to specify and model secure and usable systems. It helps to support the elements necessary for usability, requirements, and risk analysis.

CHIRON ELK

CHIRON is a tool to provide network analytics based on the ELK stack with threat detection. Learn how it works in this review.

CIRCLean

CIRCLean is a hardware solution to clean documents from untrusted USB drives and sticks. The device automatically disarms harmful documents.

CMSeeK

CMSeeK is a security scanner for content management systems (CMS) and used for security assessments. Read how it works in this review.

CMSmap

CMSmap is a security tool to perform reconnaissance on a web target. It helps with the detection of several popular content management systems (CMS).

Certificate Transparency

Google's Certificate Transparency project audits the way SSL/TLS certificates are used and its underlying cryptographic system.

Certigo

Certigo is a security tool to find information about different types of digital certificates and validate them. It can be used in scripts or manually.

Chiron

Chiron is a security assessment framework for IPv6 testing. It can be used during penetration testing or analysis of network devices. Read how it works in this review.

ChrootX

Clair

Clair is an open source container analyzer. It performs static analysis of container images and correlates their contents with public vulnerability databases.


Latest release: 4.7.4 [May 1, 2024]

ClamAV

ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.


Latest release: clamav-1.4.0-rc [May 6, 2024]

Cloud Security Suite (CS Suite)

CS Suite is a security toolkit that allows scanning Amazon, Google, and Azure cloud platforms. Read how it works in this review.

CloudSploit scans

CloudSploit scans is an open source software project to test security risks related to an AWS account. It runs tests against your Amazon account and aims to discover any potential misconfigured setting or other risks.


Latest release: 3.4.0 [May 1, 2024]

Commix

Commit is a security tool to test web applications and find vulnerabilities related to command injection attacks. It can be used during security assignments.


Latest release: 3.9 [Jan. 19, 2024]

Confidant

Confidant is an open source secret manager developed by Lyft. Read our review about what it does and how it works.

Conpot

Conpot is an ICS honeypot to collect intelligence and information about attacks against industrial control systems. It is written in Python.

Cowrie

Cowrie is a honeypot to emulate SSH and telnet services. It can be used to learn attack methods and as an additional layer for security monitoring.

Cppcheck

Cppcheck is a static code analysis tool for C and C++ code. It helps to discover bugs that would not be picked up by compilers, yet avoid any false positives.


Latest release: 2.14.0 [April 20, 2024]

Crowbar

Crowbar is a brute forcing tool that can be used during penetration tests. Unlike other similar tools it uses different methods to achieve its goal.

Cryptomator

Cryptomator is a multi-platform tool for transparent client-side encryption of your files. It is used together with cloud services to ensure you are the only one who can access the data.


Latest release: 1.12.4 [March 27, 2024]

Cuckoo Sandbox (cuckoo)

Cuckoo Sandbox is a malware analysis system. By feeding it suspicious files, Cuckoo can provide detailed findings on what a file did and how it behaved.

Cutter

Cutter is a graphical user interface for radare2, the well-known reverse engineering framework. Read how it works in this review.

Cyphon

Cyphon is an incident management and response platform to deal with incoming alerts and messages. It is multi-purpose and can be used for information security.

changeme

The tool changeme is a credential scanner for default usernames and passwords, or common combinations of these.

chkrootkit

chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

cipherscan

Cipherscan is a tool to test the ordering of SSL/TLS ciphers on a given target. It tests the major versions of SSL, TLS, and any extensions of these protocols.

clinker

cve-search

cve-search is a security tool to import CVE and CPE data and enable it to be searched. It can be used to detect vulnerabilities on the system.


Latest release: 5.0.3 [April 16, 2024]
RSS feed icon for Linux security tools

Recently reviewed

  • Archery (vulnerability assessment and management)
  • Wapiti (vulnerability scanner for web applications)
  • Patator (multi-purpose brute-force tool)
  • BleachBit (system cleaner and privacy tool)
  • OpenSCAP (suite with tools and security data)
  • Lynis (security scanner and compliance auditing tool)
  • BlackBox (store secrets in Git/Mercurial/Subversion)
  • salt-scanner (Linux vulnerability scanner)
  • Infection Monkey (security testing for data centers and networks)
  • Anchore Engine (container analysis and inspection)
  • Zeek (network security monitoring tool)
  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • Bleach (sanitizing library for Django)
  • siemstress (basic SIEM solution)
  • Malice (VirusTotal clone)