Open source is winning every day. It is getting In the cyber security community, even though many companies lock their code in proprietary software, there are a lot of open source projects that anyone interested in cyber security can make use of.
A great place to start searching for these open source security-related projects is GitHub. You can use GitHub’s search feature to find these useful tools, but there is one place where you can find most of the popular security-related projects, and that is the GitHub Showcases section, a place on GitHub which a very few people.
Showcases includes a category called “Security” which includes 24 projects. Below are the top ten most popular open source security-related projects present on GitHub at the moment:
1. osquery – from Facebook
“ osquery exposes an operating system as a high-performance relational database. This allows you to write SQL-based queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes. ”
2. Metasploit Framework – from Rapid7
“ The Metasploit Framework is a tool for developing and executing exploit code against a remote target machine. ”
3. Infer – from Facebook
“ Facebook Infer is a static analysis tool – if you give Infer some Objective-C, Java, or C code, it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to people’s phones, and help prevent crashes or poor performance. ”
4. Brakeman – from PresidentBeef
“ Brakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities. ”
5. Radare2 – from the Radare Project
“ Radare is a forensics tool and a scriptable command line hexadecimal editor able to open disk files, which also has support for analyzing binaries, disassembling code, debugging programs, attaching to remote gdb servers, … ”
6. OS X Auditor – from Jean-Philippe Teissier
“ OS X Auditor is a free Mac OS X computer forensics tool that parses various types of files for suspicious content. ”
7. BeEF – from BeEF Project
“ BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. ”
8. Cuckoo – from Cuckoo Sandbox Project
“ Cuckoo Sandbox is an automated dynamic malware analysis system. What does that mean? It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment. ”
9. Scumblr – from Netflix
“ Scumblr is a web application that allows performing periodic searches and storing / taking actions on the identified results. ”
10. Moloch – from AOL
“ Moloch is an open source, large scale packet capturing, indexing and database system. A simple web interface is provided for PCAP browsing, searching, and exporting. APIs are exposed that allow PCAP data and JSON-formatted session data to be downloaded directly. Simple security is implemented by using HTTPS and HTTP digest password support or by using apache in front. Moloch is not meant to replace an IDS but instead work alongside them to store and index all the network traffic in standard PCAP format, providing fast access. Moloch is built to be deployed across many systems and can scale to handle tens of gigabits/sec of traffic. ”
At present these are the most popular open-source projects on GitHub that are security-related. You can always check the Showcases section on a regular basis to see what projects are on the rise and becoming popular.