hBlock alternatives

Looking for an alternative tool to replace hBlock? During the review of hBlock we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Privacy Badger (privacy protection for browsers)
  2. Decentraleyes (local CDN emulation for privacy)
  3. MAT (removal of metadata)

These tools are ranked as the best alternatives to hBlock.

Alternatives (by score)

100

Privacy Badger

Introduction

Privacy Badger provides protection against website visitor trackers. These trackers come in the form of beacons or invisible pixels and have the goal to collect information about the browser. This data is often shared by third parties and used to create a profile of a particular browser. As minor differences for each user may lead to an individual user, these third parties may even link some of the data to the related individual. Tools like Privacy Badger do not provide guarantees that they block everything, yet can decrease the amount of data greatly.

Project details

Privacy Badger is written in JavaScript.

Strengths and weaknesses

  • + More than 50 contributors
  • + The source code of this software is available
  • + Supported by a large company
  • + Well-known tool
  • - Many provided pull requests are still open

Typical usage

  • Privacy enhancement

Privacy Badger review

63

Decentraleyes

Introduction

Most websites consist of HTML show the structure of a website. Together with CSS for styling, and JavaScript for interactive functionality, the website can provide value for its visitors. Some of the used JavaScript libraries are heavy on bandwidth, so website owner may use a content delivery network (CDN). The primary goal for a CDN is to get data closer to the end-user, which results in faster downloads and increasing the performance of the website.

Some common JavaScript libraries are used on many websites. As not every single website creator can pay the costs of a CDN, bigger companies might actually sponsor bandwidth on their CDN edge servers. While this is great from a cost perspective, it also introduces a privacy concern. The owner of the CDN can exactly see what websites a user is visiting by looking at the related requests to the CDN and the related referrer. This is where Decentraleyes comes into place, by intercepting requests to content delivery networks (CDN).

Project details

Decentraleyes is written in JavaScript.

Strengths and weaknesses

  • + More than 1000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Privacy enhancement

    Decentraleyes review

    63

    MAT (Metadata Anonymisation Toolkit)

    Introduction

    Many file forms store sensitive data, like a location, author name, or even the date and time. This toolkit can remove these bits of data while allowing the file to be used as before.

    Project details

    MAT is written in Python.

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Privacy enhancement

      MAT review

      63

      ArpON

      Introduction

      ArpOn protects a system by running as a daemon and guard against a Man in the Middle (MitM) attack due to ARP spoofing, cache poisoning, or an ARP poison routing attack.

      The tool works by using three types of inspection to detect a related attack.

      • SARPI (Static ARP Inspection), statically configured networks (without DHCP)
      • DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
      • HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)

      Project details

      ArpON is written in C.

      Strengths and weaknesses

      • + The source code of this software is available

        ArpON review

        89

        Fail2ban

        Introduction

        Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks

        Project details

        Fail2ban is written in Python.

        Strengths and weaknesses

        • + More than 2000 GitHub stars
        • + The source code of this software is available

          Typical usage

          • Network traffic filtering
          • Security monitoring

          Fail2ban review

          60

          MongoSanitizer (python-mongo-sanitizer)

          Introduction

          Typically this type of tool would be used as an additional defense layer to prevent injection attacks from reaching the database.

          Project details

          MongoSanitizer is written in Python.

          Strengths and weaknesses

          • + The source code of this software is available

            Typical usage

            • Application security
            • Database security

            MongoSanitizer review

            64

            Algo VPN

            Introduction

            Algo VPN allows you to run your own VPN service using common cloud providers. Most devices do not need client software, as it uses generic VPN components. For security reasons, Algo VPN supports only IKEv2 using strong cryptographic protocols (AES-GCM, SHA2, and P-256) and WireGuard. It can block advertisements, tunnel traffic via SSH, and helps to automate configuration.

            Project details

            Algo VPN is written in Python.

            Strengths and weaknesses

            • + More than 50 contributors
            • + More than 9000 stars
            • + The source code of this software is available
            • - No releases on GitHub available

            Typical usage

            • Data encryption
            • Privacy enhancement

            Algo VPN review

            64

            Binary Analysis Next Generation (BANG)

            Introduction

            BANG is a framework to unpack files recursively and scan them. The files can be firmware, binaries, or malware. The main goal is to scan all files and perform classification and labeling. This way each file can be further analyzed based on the characteristics.

            Project details

            Binary Analysis Next Generation is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available
            • - No releases on GitHub available

            Typical usage

            • Binary analysis
            • Malware analysis
            • Malware scanning

            Binary Analysis Next Generation review

            100

            ClamAV

            Introduction

            ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often used to support scanning incoming emails for malicious content.

            Project details

            ClamAV is written in C.

            Strengths and weaknesses

            • + Many maintainers
            • + The source code of this software is available

              Typical usage

              • Malware analysis
              • Malware detection
              • Malware scanning

              ClamAV review

              74

              Cuckoo Sandbox (cuckoo)

              Introduction

              In a matter of seconds, Cuckoo Sandbox provides detailed results on what a file does within an isolated environment. This helps with malware analysis and understanding what it exactly tries to achieve. Further analysis can be done, based on the previous actions that were done.

              Cuckoo Sandbox was created by Claudio Guarnieri as part of the Google Summer of Code project in 2010.

              Project details

              Cuckoo Sandbox is written in Python.

              Strengths and weaknesses

              • + More than 2000 GitHub stars
              • + The source code of this software is available
              • - Many provided pull requests are still open
              • - Many reported issues are still open

              Typical usage

              • Digital forensics
              • Malware analysis

              Cuckoo Sandbox review

              64

              Diamorphine

              Introduction

              Rootkits are typically considered to be malware, or malicious software. With the intent to hide, this type of software is often used after a breach. Learning about how it works can be useful for security researchers and security professionals.

              Project details

              Diamorphine is written in C.

              Strengths and weaknesses

              • + The source code of this software is available

                Typical usage

                • Learning

                Diamorphine review

                74

                LMD

                Introduction

                LMD uses MD5 file hashes and HEX pattern matches to define the malware signatures. These are used to detect malware.

                Project details

                LMD is written in shell script.

                Strengths and weaknesses

                • + The source code of this software is available

                  Typical usage

                  • Malware scanning

                  LMD review

                  64

                  Mal Tindex

                  Introduction

                  Mal Tindex is a tool that performs binary analysis on malware samples. It analyzes the binaries it is provided to learn about the specifics of each malware sample that makes them unique. This way data can be gathered that may provide background information. For example, it could provide the attribution of a particular actor or malware campaign.

                  Project details

                  Mal Tindex is written in Python.

                  Strengths and weaknesses

                  • + The source code of this software is available

                    Typical usage

                    • Malware analysis
                    • Malware research

                    Mal Tindex review

                    60

                    Malice

                    Introduction

                    Malice is a malware analysis that wants to provide a free and open source version of VirusTotal. The goal of Malice is to make it usable by both independent researchers up to fortune 500 companies.

                    Malice is useful for those that do malware analysis or deal with user-generated files that may contain malware. The framework allows scanning files and directories to see if they are infected.

                    Project details

                    Malice is written in Golang.

                    Strengths and weaknesses

                    • + More than 500 GitHub stars
                    • + The source code of this software is available

                      Typical usage

                      • Malware analysis
                      • Malware detection
                      • Malware research
                      • Malware scanning

                      Malice review

                      74

                      Malscan

                      Introduction

                      Malscan is a tool to scan for malicious software (malware) such as viruses, worms, and backdoors. Its goal is to extend ClamAV with more scanning modes and signatures. It targets web servers running Linux, but can also be used on mail servers and desktops.

                      Project details

                      Malscan is written in shell script.

                      Strengths and weaknesses

                      • + Used language is shell script
                      • + The source code of this software is available

                        Typical usage

                        • Malware protection
                        • Malware scanning

                        Malscan review

                        60

                        MultiScanner

                        Introduction

                        MultiScanner helps malware analysts by providing a toolkit to perform both automated and manual analysis. The data extracted from the analysis can be easily stored together, including the relevant metadata and samples. It allows enriching the data further by retrieving information from external resources.

                        Project details

                        Strengths and weaknesses

                        • + More than 10 contributors
                        • + The source code of this software is available

                          Typical usage

                          • Malware analysis
                          • Malware detection
                          • Malware scanning

                          MultiScanner review

                          59

                          Rootkit Hunter (rkhunter)

                          Introduction

                          Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

                          The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

                          Project details

                          Rootkit Hunter is written in shell script.

                          Strengths and weaknesses

                          • + Used language is shell script
                          • + Project is mature (10+ years)
                          • + The source code of this software is available

                            Typical usage

                            • Malware detection
                            • Malware scanning

                            Rootkit Hunter review

                            78

                            SSMA

                            Introduction

                            SSMA is short for Simple Static Malware Analyzer. The tool can perform a set of tests against a malware sample and retrieve metadata from it. SSMA can analyze ELF and PE and analyze its structure. For example, it can retrieve the PE file header information and its sections. Other pieces it can analyze is the usage of packers, anti-debugging techniques, cryptographic algorithms, domains, email addresses, and IP addresses. It can also check if the sample is already detected or blocked by using VirusTotal and the blocklist of malwaredomains.com.

                            Project details

                            SSMA is written in Python.

                            Strengths and weaknesses

                            • + The source code of this software is available
                            • - No releases on GitHub available

                            Typical usage

                            • Malware analysis
                            • Malware detection
                            • Malware scanning
                            • Reverse engineering

                            SSMA review

                            70

                            Viper

                            Introduction

                            Viper organizes the malware samples and exploits you found over time. It calls itself "Metasploit for malware researchers". Viper has a terminal interface to store, search and analyze files. As it is a framework, is also allows you to create your plugins.

                            Project details

                            60

                            YaraGuardian

                            Introduction

                            YaraGuardian provides a web-based interface that helps to manage Yara rules. It can be used to search, organize, and bulk-edit rules. The tool also prevents creating duplicate entries, which is a nice additional benefit of this management utility.

                            Project details

                            YaraGuardian is written in Python.

                            Strengths and weaknesses

                            • + The source code of this software is available

                              Typical usage

                              • Malware analysis

                              YaraGuardian review

                              52

                              bingrep

                              Introduction

                              Searches through binaries and highlights the most important areas with colors.

                              Supported binary formats:

                              • ELF 32/64, arm, x86, openrisc
                              • Mach 32/64, arm, x86
                              • PE

                              Project details

                              59

                              chkrootkit

                              Introduction

                              The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

                              Some areas that are checked include:

                              • interface in promiscuous mode
                              • lastlog deletions
                              • wtmp deletions
                              • wtmpx deletions
                              • signs of LKM trojans
                              • utmp deletions

                              Project details

                              chkrootkit is written in C, shell script.

                              Strengths and weaknesses

                              • + Used language is shell script
                              • + Project is mature (10+ years)
                              • - Long time between releases

                              Typical usage

                              • Malware detection
                              • Malware scanning

                              chkrootkit review

                              60

                              yarGen

                              Introduction

                              The yarGen utility helps with creating YARA rules for malware detection. It can combine both 'goodware' and 'malware', to properly craft the right rules.

                              Project details

                              93

                              BleachBit

                              Introduction

                              With the help of BleachBit, the system can be kept clean and increase privacy in the process.

                              Items that can be cleaned by BleachBit include:

                              • Browser cache
                              • Cookies
                              • Internet history
                              • Temporary files
                              • Log files

                              The tool can 'shred' files to ensure the data can no longer be retrieved, opposed to just deleting it.

                              Project details

                              89

                              OnionShare

                              Introduction

                              This tool is useful for sharing sensitive data, including information to be shared with journalists where you rather stay anonymously. It can also be helpful for sharing bigger amounts of data, without having to use a typical cloud service like Dropbox.

                              Project details

                              OnionShare is written in Python.

                              Strengths and weaknesses

                              • + More than 50 contributors
                              • + More than 2000 GitHub stars
                              • + Many releases available
                              • + The source code of this software is available

                                Typical usage

                                • File sharing

                                OnionShare review

                                Some relevant tool missing as an alternative to hBlock? Please contact us with your suggestion.