Tools starting with C

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.

CAIRIS

CAIRIS is a tool to specify and model secure and usable systems. It helps to support the elements necessary for usability, requirements, and risk analysis.


Latest release: 2.2.0 [Aug. 25, 2019]

Certificate Transparency

Google's Certificate Transparency project audits the way SSL/TLS certificates are used and its underlying cryptographic system.

Certigo

Certigo is a security tool to find information about different types of digital certificates and validate them. It can be used in scripts or manually.


Latest release: 1.11.0 [Nov. 21, 2018]

changeme

The tool changeme is a credential scanner for default usernames and passwords, or common combinations of these.


Latest release: 1.2.1 [June 1, 2019]

Chiron

Chiron is a security assessment framework for IPv6 testing. It can be used during penetration testing or analysis of network devices. Read how it works in this review.


Latest release: 1.0 [Nov. 11, 2018]

CHIRON ELK

CHIRON is a tool to provide network analytics based on the ELK stack with threat detection. Learn how it works in this review.

chkrootkit

chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

cipherscan

Cipherscan is a tool to test the ordering of SSL/TLS ciphers on a given target. It tests the major versions of SSL, TLS, and any extensions of these protocols.

CIRCLean

CIRCLean is a hardware solution to clean documents from untrusted USB drives and sticks. The device automatically disarms harmful documents.


Latest release: 2.5 [Aug. 30, 2019]

Clair

Clair is an open source container analyzer. It performs static analysis of container images and correlates their contents with public vulnerability databases.


Latest release: 2.0.9 [Aug. 6, 2019]

ClamAV

ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.


Latest release: clamav-0.102.0-beta [Aug. 2, 2019]

Cloud Security Suite (CS Suite)

CS Suite is a security toolkit that allows scanning Amazon, Google, and Azure cloud platforms. Read how it works in this review.

CloudSploit scans

CloudSploit scans is an open source software project to test security risks related to an AWS account. It runs tests against your Amazon account and aims to discover any potential misconfigured setting or other risks.

CMSeeK

CMSeeK is a security scanner for content management systems (CMS) and used for security assessments. Read how it works in this review.


Latest release: v.1.1.2 [May 19, 2019]

CMSmap

CMSmap is a security tool to perform reconnaissance on a web target. It helps with the detection of several popular content management systems (CMS).

Commix

Commit is a security tool to test web applications and find vulnerabilities related to command injection attacks. It can be used during security assignments.


Latest release: 2.9.post20190626 [June 26, 2019]

Confidant

Confidant is an open source secret manager developed by Lyft. Read our review about what it does and how it works.


Latest release: 4.4.0 [Feb. 20, 2019]

Conpot

Conpot is an ICS honeypot to collect intelligence and information about attacks against industrial control systems. It is written in Python.

Cowrie

Cowrie is a honeypot to emulate SSH and telnet services. It can be used to learn attack methods and as an additional layer for security monitoring.


Latest release: 1.6.0 [April 4, 2019]

Cppcheck

Cppcheck is a static code analysis tool for C and C++ code. It helps to discover bugs that would not be picked up by compilers, yet avoid any false positives.


Latest release: 1.89 [Sept. 1, 2019]

Crowbar

Crowbar is a brute forcing tool that can be used during penetration tests. Unlike other similar tools it uses different methods to achieve its goal.

Cryptomator

Cryptomator is a multi-platform tool for transparent client-side encryption of your files. It is used together with cloud services to ensure you are the only one who can access the data.


Latest release: 1.4.15 [Aug. 18, 2019]

Cuckoo Sandbox (cuckoo)

Cuckoo Sandbox is a malware analysis system. By feeding it suspicious files, Cuckoo can provide detailed findings on what a file did and how it behaved.

Cutter

Cutter is a graphical user interface for radare2, the well-known reverse engineering framework. Read how it works in this review.


Latest release: 1.9.0 [Sept. 6, 2019]

cve-search

cve-search is a security tool to import CVE and CPE data and enable it to be searched. It can be used to detect vulnerabilities on the system.

Cyphon

Cyphon is an incident management and response platform to deal with incoming alerts and messages. It is multi-purpose and can be used for information security.


Latest release: 1.6.7 [Dec. 17, 2018]
RSS feed icon for Linux security tools

Recently reviewed

  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • Zeek (network security monitoring tool)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • Malice (VirusTotal clone)
  • Bleach (sanitizing library for Django)
  • siemstress (basic SIEM solution)
  • CMSeeK (CMS detection and exploitation)
  • GitMiner (Git data miner)
  • massh-enum (OpenSSH user enumeration)
  • CMSmap (reconnaissance tool for popular CMS frameworks)
  • Prowler (AWS benchmark tool)
  • django-security (Security add-ons for Django)
  • Malscan (malware scanner for web servers)
  • SQLMate (a friend of SQLMap with additional features)
  • hBlock (ad blocking and tracker/malware protection)
  • nftables (network traffic filtering)
  • Cutter (graphical user interface for radare2)
  • Termineter (smart meter security framework)
  • tlsenum (enumeration tool for TLS)