Linux Security

7 Great Open-Source Security Apps You’re Not Using

Dan Price 12-02-2018

Security issues continue to make the news at an alarming rate. It almost seems like a majority of companies have now been affected in some way. Data leaks, accounts hacked en masse All 3 Billion Yahoo Users Were Hit by Epic Hack Yahoo originally thought that 1 billion users had been caught up in its security breach of 2013. However, it turns out that all 3 billion Yahoo users were affected. Including you... Read More , and fundamental security vulnerabilities are worryingly common.


To protect yourself against the ever-increasing online threat, you need to use a range of security apps. For a casual home user, it might be as simple as an antivirus suite The 10 Best Free Antivirus Software No matter what computer you're using, you need antivirus protection. Here are the best free antivirus tools you can use. Read More and a malware tool. As the complexity of your network increases, so too does your need for more complex security apps.

In this article, we’re going to look at some of the best open source Open Source vs. Free Software: What's the Difference and Why Does It Matter? Many assume "open source" and "free software" mean the same thing but that's not true. It's in your best interest to know what the differences are. Read More security apps out there. We’ll introduce you to a broad spectrum of tools that can perform a wide variety of functions.

1. Network Security Toolkit

The Network Security Toolkit is a bootable ISO that you can load onto either a CD or USB stick. It’s based on Linux distro Fedora, but will work on most x86 and x64 systems.

open source security apps

The download contains more than 100 open-source security apps aimed at network administrators. It includes tools for managing traffic, monitoring intrusions, checking for vulnerabilities, and a whole lot more.


Although you could theoretically install all the apps individually, Network Security Toolkit provides a single Web User Interface that you can use to configure many of the apps within the wider toolkit.

2. Metasploit Framework

Metasploit Framework is a sub-project of The Metasploit Project.

The app is a penetration testing framework. Formed out of a collaboration between open source developers and software company Rapid7, the software has become one of the most used penetration testing apps in the world.

open source security apps


Metasploit Framework includes 900 known bugs for Windows, macOS, and Linux operating systems. You can load the code you want to test, then establish whether the OS is vulnerable. You can also add custom payloads.

Any payload can be combined with any exploit thanks to the app’s modular system.

3. KeePass

If you’re not using a password manager How Password Managers Keep Your Passwords Safe Passwords that are hard to crack are also hard to remember. Want to be safe? You need a password manager. Here's how they work and how they keep you safe. Read More (and you don’t have a photographic memory), you’re doing online security all wrong. Browser-based password managers are known for their flimsy security, while not using a password encourages people to use weaker passwords.

open source security apps


The most well-known password manager is arguably LastPass, but there are lots of alternatives 5 Best LastPass Alternatives to Manage Your Passwords Many people consider LastPass to be the king of password managers; it's packed with features and boasts more users than any of its competitors -- but it's far from being the only option! Read More .

One of the best alternatives is KeePass. It’s open source but has a thriving community. The app stores all your passwords in a single database which is then locked with a key. The database use AES and Twofish encryption methods.

4. Certbot

Certbot is a project from the Electronic Frontier Foundation (EFF).

To explain why it’s useful, we need to take a step back. The EFF wants to help to create a web where all the traffic is encrypted by default. Originally, the foundation helped create the HTTPS Everywhere browser extension, then the company followed it up with Let’s Encrypt (a free certificate authority).


The EFF’s latest release is Certbot. The app automatically connects to Let’s Encrypt to fetch and deploy SSL/TLS certificates on a web server.

It uses the Automated Certificate Management Environment (ACME) protocol, so can easily work with other certificate authorities.

5. Wireshark

Wireshark is a network protocol analyzer. It’s so popular that it has become the standard protocol analyzer for thousands of institutions, including government agencies, schools, and commercial businesses.

open source security apps

Using the app, you can examine data from a live network or a capture file on disk. You can explore your data on a granular level, right down to a near-microscopic level of packet detail.

Additional features include a rich display filter language, reconstructed streams of TCP sessions, and support for hundreds of protocols and media types.


OSSIM (Open Source Security Information Management) is a compilation of open source apps which together form a security information and event management system (SIEM). SIEM systems typically provide real-time analysis of security alerts from both other apps and network hardware.

OSSIM includes all the features you would expect from SIEM system, including event collection, normalization, and correlation.

open source security apps

It uses the AlienVault Open Threat Exchange to allow users to send and receive real-time information about malicious hosts.

Unfortunately, the basic app does not offer log management, AWS and Azure cloud monitoring, or integration with third-party ticketing apps. For those features, you will need to pay for a subscription.

7. CipherShed

CipherShed started life as a fork of the now-defunct TrueCrypt Project TrueCrypt Is Dead: 4 Disk Encryption Alternatives For Windows TrueCrypt is no more, but fortunately there are other useful encryption programs. While they may not be exact replacements, they should suit your needs. Read More . Available for Windows, Mac, and Linux, the app can either create single encrypted files or encrypt entire drives. It also with external storage media such as USB sticks and external hard drives.

The app mounts your drive once it’s encrypted. While mounted, the encryption is transparent to your operating system and installed apps. You can use the drive to read and write as usual. When you unmount the drive, the contents of the drive become hidden.

You can move encrypted drives between operating systems without compatibility issues.

Why Are Open Source Apps Important?

If an app is open source, its source code is available for other users to see, modify, and distribute.

From a security standpoint, it means you can be sure an app isn’t surreptitiously spying on you Yahoo Has Been Spying on Your Emails for the NSA If you have a Yahoo Mail account, Yahoo has been scanning all of your emails to help U.S. intelligence agencies. Which is nice of them. Read More or installing malware onto your machine. And even if you don’t have the technical ability to study the code yourself, you can be confident the community would have uncovered any bugs if they existed.

Open source apps are also attractive because they’re generally free. Why spend hundreds of dollars on security software when open source content can almost always fill the void?

Which Open Source Security Apps Do You Recommend?

In this article, we’ve introduced you to seven of the best open source security apps. Each specializes in a different part of network or computer security.

Unfortunately, the nature of open source software means there are hundreds of great apps out there that we couldn’t cover. And that’s where you come in.

What are some of your favorite open source security apps? What makes them so impressive?

Related topics: Linux, Online Security, Open Source.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. James Howde
    February 13, 2018 at 6:40 pm

    Also, judging from the site CipherShed look to have taken 2017 and most of 2016 off. No releases since Feb 2016 and no news or even forum postings either.

  2. AlS
    February 13, 2018 at 2:41 am

    I am surprised that you apparently prefer CipherShed over VeraCrypt. VeraCrypt has undergone a security audit and I can't find anything that indicates CipherShed has.

    • Not A Robot
      February 13, 2018 at 10:29 am

      Yes I was thinking the exact same thing. Why recommending open source apps because they can be reviewed if it is to then recommend CiperShed over VeraCrypt ?

    • DJPogoff
      February 18, 2018 at 2:27 pm

      While I haven't a clue to guide me toward CipherShed or VeraCrypt, assuming that AIS' and Not A Robot's comments are well-informed, the issue for me immediately becomes one of trust. Can I trust, implicitly, MUO and the author of this article?

      I'll presume to speak on behalf of readers of MUO, especially those who leave comments, by pointing out that as we are bombarded with so many sources of technology commentary, it quickly becomes essential to identify which to trust.

      • Lugh
        September 21, 2018 at 12:40 am

        Well said DJ, you speak on my behalf.