
Linux Security

Kali Linux is a security-related Linux distribution. It is a Debian-derived distribution designed for digital forensics and penetration testing, and it has 600+ penetration testing and network security tools pre-installed. The true indication of a great penetration testing distribution is the selection of useful and relevant features that it offers security professionals. It is for those who work under the umbrella of cybersecurity and analysis.

There is a wide range of security tools available for Linux and other platforms. To make them easier to find, we started an extensive review process to gather and document them. The goal of this top 100 is to showcase the best Linux security tools. "Best" implies a level of quality, a healthy community and good governance of the project. Check out this Security Dictionary of Terms.

The ranking of the list is determined by a combination of manual reviews and automated analysis. The list is updated frequently and then sorted by a quality score. The score itself is measured by several ranking factors:

  • Availability of basic project details such as a defined license
  • Quality of documentation
  • Last release and release interval

Top 50 Linux security tools...

1. Cryptomator (client-side encryption for cloud services)

2. Buttercup for desktop (cross-platform password manager)

3. mitmproxy (TLS/SSL traffic interception)

4. Frida (reverse engineering tool)

5. Privacy Badger (privacy protection for browsers)

6. MISP (Malware Information Sharing Platform)

7. Zeek (network security monitoring tool)

8. GRR Rapid Response (remote live forensics for incident response)

9. ClamAV (malware scanner)

10. osquery (operating system query tool)

11. Vuls (agentless vulnerability scanner)

12. Faraday (collaboration tool for penetration testing)

13. Suricata (network IDS, IPS and monitoring)

14. ZAP (web application analysis)

15. WPScan (WordPress vulnerability scanner)

16. Infection Monkey (security testing for data centers and networks)

17. Wappalyzer (discovery of technology stack)

18. Lynis (security scanner and compliance auditing tool)

19. THC Hydra (password discovery)

20. Brakeman (static code analyzer for Ruby on Rails)

21. OpenSnitch (application firewall)

22. OpenSSL (TLS and SSL toolkit)

23. Moloch (network security monitoring)

24. OpenVAS (vulnerability scanner)

25. CloudSploit scans (AWS account scanner)

26. The Sleuth Kit (toolkit for forensics)

27. KeePassXC (cross-platform password manager)

28. Vault (storage of secrets)

29. Thug (low-interaction honeyclient)

30. Commix (command injection tool for web applications)

31. LIEF (library for analysis of executable formats)

32. YARA (malware identification and classification)

33. hBlock (ad blocking and tracker/malware protection)

34. BleachBit (system cleaner and privacy tool)

35. ntopng (network analysis and troubleshooting)

36. Cppcheck (static code analyzer)

37. angr (binary analysis framework)

38. cve-search (local CVE and CPE database)

39. Loki (file scanner to detect indicators of compromise)

40. Archery (vulnerability assessment and management)

41. Acra (database encryption proxy)

42. UPX (executable packer)

43. Lemur (certificate management)

44. jSQL Injection (automatic SQL database injection)

45. OpenSCAP (suite with tools and security data)

46. O-Saft (OWASP SSL audit for testers)

47. ScanSSH (SSH and open proxy scanner)

48. LMD (malware detection tool)

49. Wapiti (vulnerability scanner for web applications)

50. r2frida (bridge between Radare2 and Frida)