nixarmor alternatives
Looking for an alternative tool to replace nixarmor? During the review of nixarmor we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.
Alternatives (by score)
JShielder
Introduction
JShielder is a security tool for Linux systems to make them more secure by adding system hardening measures.Project details
JShielder is written in Python, shell script.
Strengths and weaknesses
- + Used language is shell script
- + The source code of this software is available
Typical usage
- System hardening
Lynis
Introduction
Lynis is an open source security auditing tool that is available since 2007 and created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.
Project details
Lynis is written in shell script.
Strengths and weaknesses
- + More than 50 contributors
- + Commercial support available
- + More than 4000 GitHub stars
- + Used language is shell script
- + Very low number of dependencies
- + Project is mature (10+ years)
- + The source code of this software is available
Typical usage
- IT audit
- Penetration testing
- Security assessment
- System hardening
- Vulnerability scanning
OpenSCAP
Introduction
The OpenSCAP project provides a wide variety of hardening guides, configuration baselines, and tools to test for vulnerabilities and configuration issues. It uses SCAP as the protocol to store the underlying data.
Project details
OpenSCAP is written in C.
Strengths and weaknesses
- + More than 25 contributors
- + The source code of this software is available
- + Supported by a large company
Typical usage
- Security assessment
- Vulnerability scanning
Zeus
Introduction
Tools like Zeus are useful to perform a quick security scan of an AWS environment. It helps to find missing security controls and apply system hardening measures to systems.
Project details
Zeus is written in shell script.
Strengths and weaknesses
- + Used language is shell script
- + The source code of this software is available
- - No releases on GitHub available
Typical usage
- Security assessment
- Self-assessment
- System hardening
ArpON
Introduction
ArpOn protects a system by running as a daemon and guard against a Man in the Middle (MitM) attack due to ARP spoofing, cache poisoning, or an ARP poison routing attack.
The tool works by using three types of inspection to detect a related attack.
- SARPI (Static ARP Inspection), statically configured networks (without DHCP)
- DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
- HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)
Project details
ArpON is written in C.
Strengths and weaknesses
- + The source code of this software is available
MongoSanitizer (python-mongo-sanitizer)
Introduction
Typically this type of tool would be used as an additional defense layer to prevent injection attacks from reaching the database.
Project details
MongoSanitizer is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Application security
- Database security
Fail2ban
Introduction
Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacksProject details
Fail2ban is written in Python.
Strengths and weaknesses
- + More than 2000 GitHub stars
- + The source code of this software is available
Typical usage
- Network traffic filtering
- Security monitoring
hBlock
Introduction
For the privacy-aware users, tools like hBlock can be helpful to block malicious domains, malware, advertisements, and trackers. Trackers could be pixels added to websites to track which pages you visited, which might invade your privacy.
Project details
hBlock is written in shell script.
Strengths and weaknesses
- + Used language is shell script
- + The source code of this software is available
Typical usage
- Malware protection
- Privacy enhancement
DBShield
Introduction
This tool is typically used by developers and system administrators to protect their database against common database attacks. One of them is the SQL injection attack, that tries to bypass checks, resulting in data leakage. By using this tool, another level of security defense is implemented.
Project details
DBShield is written in Golang.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Database security
django-axes
Introduction
This tool may be used by developers that work with the Django framework. It adds a security layer on top of the application by looking at login attempts and track them.
Project details
django-axes is written in Python.
Strengths and weaknesses
- + More than 50 contributors
- + The source code of this software is available
Typical usage
- Application security
django-defender (Django Defender)
Introduction
Django-defender is a reusable app for Django that blocks people from performing brute forcing login attempts.Project details
django-defender is written in Python.
Strengths and weaknesses
- + More than 10 contributors
- + The source code of this software is available
Typical usage
- Application security
OpenSnitch
Introduction
OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.
Project details
OpenSnitch is written in Golang.
Strengths and weaknesses
- + More than 3000 GitHub stars
- + The source code of this software is available
- - No releases on GitHub available
Typical usage
- Network traffic filtering
Portspoof
Introduction
Portspoof is a small utility with the goal to make port scanning by other much harder. It achieves this by showing all configured TCP ports to be in the 'open' state instead of closed or filter. The related ports are also emulating valid services. This way a port scan on the system will reveal many open ports and look to have legitimate services running.
Project details
LUNAR
Introduction
LUNAR is short for Lockdown UNix Auditing and Reporting and runs on the system itself.
Project details
LUNAR is written in shell script.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Security assessment
- Self-assessment
- System hardening
Nix Auditor
Introduction
This fairly new tool is written in shell script to scan Linux systems with the focus on security auditing.
Project details
Nix Auditor is written in shell script.
Strengths and weaknesses
- + Used language is shell script
- - Full name of author is unknown
- - Unknown project license
seccheck
Introduction
Seccheck is a security scanner for Linux systems. It is originally written for SuSE Linux by Marc Heuse.Project details
seccheck is written in shell script.
Strengths and weaknesses
- + The source code of this software is available
- - Project looks outdated (old code or documentation)
Typical usage
- Security assessment
- System hardening
sysechk (System Security Checker)
Introduction
System Security Checker, or sysechk, is a tool to perform a system audit against a set of best practices. It uses a modular approach to test the system.Project details
sysechk is written in shell script.
Strengths and weaknesses
- + Used language is shell script
- + The source code of this software is available
Typical usage
- IT audit
- System hardening
Some relevant tool missing as an alternative to nixarmor? Please contact us with your suggestion.