Dagda alternatives

Looking for an alternative tool to replace Dagda? During the review of Dagda we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Anchore Engine (container analysis and inspection)
  2. Archery (vulnerability assessment and management)
  3. OpenVAS (vulnerability scanner)

These tools are ranked as the best alternatives to Dagda.

Alternatives (by score)

64

Anchore Engine

Introduction

Anchore is a tool to help with discovering, analyzing and certifying container images. These images can be stored both on-premises or in the cloud. The tooling is mainly focused on developer so that perform analysis on their container images. Typical actions include running queries, creating reports, or set up policies for a continuous integration and deployment pipeline.

Project details

Anchore Engine is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + Commercial support available
  • + More than 1000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • System hardening

    Anchore Engine review

    93

    Archery

    Introduction

    Archery is a tool that helps to collect data about vulnerabilities within an environment. Instead of focusing on the actual scanning, it allows managing findings in a web-based interface. This includes options like reporting, searching, and dashboards. It can interact with other tools, including the well-known vulnerability scanners.

    Project details

    Archery is written in Python.

    Strengths and weaknesses

    • + More than 500 GitHub stars
    • + The source code of this software is available

      Typical usage

      • Penetration testing
      • Vulnerability management
      • Vulnerability scanning
      • Vulnerability testing

      Archery review

      97

      OpenVAS

      Introduction

      OpenVAS is an open source vulnerability scanner that emerged from when Nessus became closed source in October of 2005.

      Project details

      OpenVAS is written in C.

      Strengths and weaknesses

      • + The source code of this software is available
      • + Well-known tool

        Typical usage

        • Penetration testing
        • Security assessment
        • Vulnerability scanning

        OpenVAS review

        97

        Safety

        Introduction

        When having applications deployed in your environment, not all of those may be installed via a package manager. When your infrastructure grows, it becomes even harder to know which tools are properly patched and which ones are not. For Python applications, this is where Safety comes in that can help scan installed software components via pip. It will also look at any of the dependencies that are installed.

        Project details

        Safety is written in Python.

        Strengths and weaknesses

        • + More than 10 contributors
        • + The source code of this software is available

          Typical usage

          • Penetration testing
          • Security assessment
          • Security monitoring
          • Vulnerability scanning

          Safety review

          64

          VScan

          Introduction

          Vscan is a security tool to perform vulnerability scanning with Nmap. It leverages NSE scripts to provide some flexibility in terms of vulnerability detection and exploitation.

          Project details

          VScan is written in shell script.

          Strengths and weaknesses

          • + The source code of this software is available

            Typical usage

            • Backdoor detection
            • Vulnerability scanning

            VScan review

            100

            Vuls

            Introduction

            Vuls is a vulnerability scanner for Linux and FreeBSD. It is written in Go, agentless, and can use a remote login to find any software vulnerabilities. It has multiple levels of scanning, from a fast scan up to a deep scan with extensive analysis.

            Project details

            Vuls is written in Golang.

            Strengths and weaknesses

            • + More than 50 contributors
            • + More than 5000 GitHub stars
            • + The source code of this software is available

              Typical usage

              • System hardening
              • Vulnerability scanning

              Vuls review

              64

              w3af

              Introduction

              W3af is an open source web application attack and audit framework and helps in scanning for vulnerabilities. The tool comes with both a graphical user interface (GUI) and command line utility. Some of the project files include a copyright line of 2006. That gives a good idea on the maturity of the project, and it is one of the rare tools that is still maintained after so many years.

              Project details

              w3af is written in Python.

              Strengths and weaknesses

              • + Tool is modular and extendable
              • + More than 2000 GitHub stars
              • + The source code of this software is available

                Typical usage

                • Application security
                • Application testing
                • Penetration testing
                • Vulnerability scanning
                • Web application analysis

                w3af review

                60

                bane

                Introduction

                Bane is a tool to create AppArmor profiles. This helps to secure applications by setting restrictions on resources they access or modify. A strict policy may help to prevent privilege escalation attacks.

                Project details

                bane is written in Golang.

                Strengths and weaknesses

                • + More than 500 GitHub stars
                • + The source code of this software is available

                  Typical usage

                  • Application security
                  • Security monitoring
                  • System hardening

                  bane review

                  78

                  Intrigue Core

                  Introduction

                  Intrigue Core provides a framework to measure the attack surface of an environment. This includes discovering infrastructure and applications, performing security research, and doing vulnerability discovery.

                  Intrigue also allows enriching available data and perform OSINT research (open source intelligence). The related scans include DNS subdomain brute-forcing, email harvesting, IP geolocation, port scanning, and using public search engines like Censys, Shodan, and Bing.

                  Project details

                  Intrigue Core is written in Ruby.

                  Strengths and weaknesses

                  • + More than 500 GitHub stars
                  • + The source code of this software is available

                    Typical usage

                    • OSINT research
                    • Asset discovery
                    • Attack surface measurement
                    • Intelligence gathering
                    • Penetration testing
                    • Security assessment

                    Intrigue Core review

                    60

                    Bash Scanner

                    Introduction

                    Bash Scanner is a security tool that does a quick scan to see if there are vulnerable packages. It uses an external service to validate.

                    Project details

                    Bash Scanner is written in shell script.

                    Strengths and weaknesses

                    • + Used language is shell script
                    • + The source code of this software is available

                      Typical usage

                      • Security assessment
                      • Security monitoring

                      Bash Scanner review

                      78

                      vulscan

                      Introduction

                      Vulscan is a vulnerability scanner which uses the well-known Nmap tool. By enhancing it with offline data from VulDB, it allows for detecting vulnerabilities. The database itself based on information from multiple sources.

                      Project details

                      vulscan is written in Lua.

                      Strengths and weaknesses

                      • + The source code of this software is available
                      • - No releases on GitHub available

                      Typical usage

                      • Penetration testing
                      • Security assessment
                      • Vulnerability scanning
                      • Vulnerability testing

                      vulscan review

                      60

                      vulnix

                      Introduction

                      Tools like vulnix help with the detection of known weaknesses in packages by leveraging external resources. It can be used as an additional security layer on top of software patch management.

                      Project details

                      vulnix is written in Python.

                      Strengths and weaknesses

                      • + The source code of this software is available

                        Typical usage

                        • Vulnerability scanning

                        vulnix review

                        60

                        Docker Bench (by Aqua)

                        Introduction

                        Docker Bench is one of the tools that can be used to perform a security analysis on Docker and its configuration. It can find common configuration flaws that may impose risks to other containers or the host itself.

                        Project details

                        Docker Bench (by Aqua) is written in Golang.

                        Strengths and weaknesses

                        • + The source code of this software is available
                        • - No releases on GitHub available

                        Typical usage

                        • Configuration audit

                        Docker Bench (by Aqua) review

                        68

                        Docker Bench for Security

                        Introduction

                        Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.

                        Project details

                        Docker Bench for Security is written in shell script.

                        Strengths and weaknesses

                        • + More than 25 contributors
                        • + Screen output is colored
                        • + More than 3000 GitHub stars
                        • + The source code of this software is available

                          Typical usage

                          • Application security
                          • Configuration audit
                          • Security assessment

                          Docker Bench for Security review

                          100

                          ClamAV

                          Introduction

                          ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often used to support scanning incoming emails for malicious content.

                          Project details

                          ClamAV is written in C.

                          Strengths and weaknesses

                          • + Many maintainers
                          • + The source code of this software is available

                            Typical usage

                            • Malware analysis
                            • Malware detection
                            • Malware scanning

                            ClamAV review

                            74

                            LMD

                            Introduction

                            LMD uses MD5 file hashes and HEX pattern matches to define the malware signatures. These are used to detect malware.

                            Project details

                            LMD is written in shell script.

                            Strengths and weaknesses

                            • + The source code of this software is available

                              Typical usage

                              • Malware scanning

                              LMD review

                              70

                              Loki

                              Introduction

                              Loki is security tool to find so-called indicators of compromise (IOC). It does this by scanning files and then uses pattern matching.

                              Project details

                              Loki is written in Python.

                              Strengths and weaknesses

                              • + More than 10 contributors
                              • + Commercial support available
                              • + More than 500 GitHub stars
                              • + The source code of this software is available

                                Typical usage

                                • Digital forensics
                                • Intrusion detection
                                • Security monitoring

                                Loki review

                                60

                                Malice

                                Introduction

                                Malice is a malware analysis that wants to provide a free and open source version of VirusTotal. The goal of Malice is to make it usable by both independent researchers up to fortune 500 companies.

                                Malice is useful for those that do malware analysis or deal with user-generated files that may contain malware. The framework allows scanning files and directories to see if they are infected.

                                Project details

                                Malice is written in Golang.

                                Strengths and weaknesses

                                • + More than 500 GitHub stars
                                • + The source code of this software is available

                                  Typical usage

                                  • Malware analysis
                                  • Malware detection
                                  • Malware research
                                  • Malware scanning

                                  Malice review

                                  74

                                  Malscan

                                  Introduction

                                  Malscan is a tool to scan for malicious software (malware) such as viruses, worms, and backdoors. Its goal is to extend ClamAV with more scanning modes and signatures. It targets web servers running Linux, but can also be used on mail servers and desktops.

                                  Project details

                                  Malscan is written in shell script.

                                  Strengths and weaknesses

                                  • + Used language is shell script
                                  • + The source code of this software is available

                                    Typical usage

                                    • Malware protection
                                    • Malware scanning

                                    Malscan review

                                    85

                                    Maltrail

                                    Introduction

                                    Maltrail monitors for traffic on the network that might indicate system compromise or other bad behavior. It is great for intrusion detection and monitoring.

                                    Project details

                                    Maltrail is written in Python.

                                    Strengths and weaknesses

                                    • + More than 10 contributors
                                    • + More than 3000 GitHub stars
                                    • + The source code of this software is available

                                      Typical usage

                                      • Intrusion detection
                                      • Network analysis
                                      • Security monitoring

                                      Maltrail review

                                      60

                                      MultiScanner

                                      Introduction

                                      MultiScanner helps malware analysts by providing a toolkit to perform both automated and manual analysis. The data extracted from the analysis can be easily stored together, including the relevant metadata and samples. It allows enriching the data further by retrieving information from external resources.

                                      Project details

                                      Strengths and weaknesses

                                      • + More than 10 contributors
                                      • + The source code of this software is available

                                        Typical usage

                                        • Malware analysis
                                        • Malware detection
                                        • Malware scanning

                                        MultiScanner review

                                        59

                                        Rootkit Hunter (rkhunter)

                                        Introduction

                                        Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

                                        The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

                                        Project details

                                        Rootkit Hunter is written in shell script.

                                        Strengths and weaknesses

                                        • + Used language is shell script
                                        • + Project is mature (10+ years)
                                        • + The source code of this software is available

                                          Typical usage

                                          • Malware detection
                                          • Malware scanning

                                          Rootkit Hunter review

                                          97

                                          YARA

                                          Introduction

                                          YARA is a tool to identify and classify malware samples. It uses textual or binary patterns to match data, combined with a boolean expression to define a match. YARA is multi-platform, can be used via a command-line interface or via Python scripts using the yara-python extension.

                                          Project details

                                          YARA is written in C.

                                          Strengths and weaknesses

                                          • + More than 50 contributors
                                          • + More than 2000 GitHub stars
                                          • + The source code of this software is available

                                            Typical usage

                                            • Malware analysis
                                            • Malware detection
                                            • Malware scanning

                                            YARA review

                                            59

                                            chkrootkit

                                            Introduction

                                            The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

                                            Some areas that are checked include:

                                            • interface in promiscuous mode
                                            • lastlog deletions
                                            • wtmp deletions
                                            • wtmpx deletions
                                            • signs of LKM trojans
                                            • utmp deletions

                                            Project details

                                            chkrootkit is written in C, shell script.

                                            Strengths and weaknesses

                                            • + Used language is shell script
                                            • + Project is mature (10+ years)
                                            • - Long time between releases

                                            Typical usage

                                            • Malware detection
                                            • Malware scanning

                                            chkrootkit review

                                            60

                                            BDA (Big Data Audit)

                                            Introduction

                                            BDA is a vulnerability scanner for big data tools like Hadoop and Spark. It searches for configuration weaknesses and reports them. Hadoop and Spark are one of the few applications that encounter a lot of data. So by securing these applications, a big leap can be made as it covers a lot of data.

                                            Project details

                                            BDA is written in Python.

                                            Strengths and weaknesses

                                            • + The source code of this software is available

                                              Typical usage

                                              • Application testing
                                              • Vulnerability scanning
                                              • Vulnerability testing

                                              BDA review

                                              Some relevant tool missing as an alternative to Dagda? Please contact us with your suggestion.