RSS feed icon for Linux security tools

Security Tools

Find the right tool

The database consists of 405 security tools. Looking for new tools? The top 100 list of best security tools is a great start.

Tools by category

Recently reviewed

GRR Rapid Response


GRR is a security tool for live forensics on remote systems. It uses a client-server model to obtain information from the systems and store them centrally.

Latest release: 3.2.2.0 [March 12, 2018]

Lynis


Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.

Latest release: 2.6.3 [March 7, 2018]

MIG (Mozilla InvestiGator)


MIG, or Mozilla InvestiGator, is a security tool to perform forensic investigation in real-time on Linux, macOS, and Windows systems.
New tool!

kubeaudit


Kubeaudit is a command line tool to audit Kubernetes clusters. It helps to test on various security risks, that may be introduced during deployment.

Latest release: 0.2.0 [Nov. 6, 2017]
New tool!

chkrootkit


chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

Kube-Bench


Kube-Bench is a security tool to perform a configuration audit of Kubernetes installations. It can be used to find flaws and improve system hardening.

Latest release: 0.0.14 [April 4, 2018]

SubFinder


SubFinder is a subdomain discovery tool. This can be useful to learn more about a particular target and available subdomains.
New tool!

Docker Bench for Security


Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.

Latest release: 1.3.3 [Oct. 6, 2017]

K8Guard


K8Guard is an accounting or monitoring system for Kubernetes clusters. It monitors resources and warns those who misbehave according to the defined rules.

Latest release: 1.0.1 [July 22, 2017]
New tool!

Rootkit Hunter (rkhunter)


Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix

Latest release: 1.4.4 [June 29, 2017]

SubOver


SubOver is a security tool to with the goal to take over subdomains. This can be used as part of security assessment or obtaining bug bounties.
New tool!

Th3inspector


Th3inspector is an information gathering tool to collect information about domains, DNS, web applications, and more. It may be used for security assessments.
New tool!

Sublist3r


Sublist3r is a security tool to scan a domain and attempt the discovery of underlying subdomains. This can be used during pentesting and security assessments.

aircrack-ng


Aircrack-ng is a security toolkit to perform WiFi auditing. It can be useful for security assessments to test the security of the wireless network.

Latest release: 1.2 [April 15, 2018]

BuQuikker


BuQuikker is a security tool to scan the Amazon S3 storage service. Its goal is to find open and unprotected S3 buckets.
New tool!

Archery


Archery is a Django-based application to perform vulnerability assessments and do vulnerability management.

Latest release: ARCHERY-v1.0-beta [March 19, 2018]

ssldump


ssldump is protocol analyzer for SSLv3/TLS network traffic. It identifies TCP connections on the chosen network interface and tries to interpret it.

LUNAR


LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.

AWSBucketDump


AWSBucketDump is a security tool to find interesting files in AWS S3 buckets that are part of Amazon cloud services.

GitMiner


GitMiner is a security tool to scan a Git repository for data leaks that may reveal sensitive information like authentication details.

sqlmap


The sqlmap performs automatic SQL injection and can take over a database. It is a valued tool for pentesters and those who want to test their web applications.

Latest release: 1.2 [Jan. 8, 2018]

s3-fuzzer


s3-fuzzer is a security tool to find sensitive data stored in Amazon S3 buckets. It can be used during security assessments.

Latest release: 0.0.1 [July 16, 2017]

Gitrob


Gitrob is a security tool to find sensitive information on GitHub. During the audit, it may detect passwords, API keys, or other secrets.