
Good List of Open Source Security Projects

This is a compilation of some excellent open source security projects. I will continue to update this page. Add a comment below if you have any good reference projects or open source security tools. I am excluding the obvious ones, such as Metasploit and Bro, from this list.

Platform / Host Security

OSQuery from Facebook

Reference Link:

Github link

Commercial Comparison: Tanium offers the equivalent commercial functionality.

Description: osquery gives you the ability to query and log things like running processes, logged-in users, password changes, USB devices, firewall exceptions, listening ports, and more. It allows you to easily ask questions about your Linux and OS X infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance


OSSEC

Reference link:

Github link:

Description: OSSEC is an open source host-based intrusion detection system that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting, and active response.

SIMP from National Security Agency (NSA)

Reference link

Github link

Description: SIMP keeps networked systems compliant with given security standards. It is a configuration management tool and, more importantly, a means for automated compliance checking/validation, with excellent out-of-the-box integration using Puppet, authentication with OpenLDAP, and other update options.

Cloud Security

Security Monkey from Netflix

Github link

Description: Security Monkey monitors policy changes and alerts on insecure configurations in an AWS account.


GRR from Google

Github link:

Commercial alternative: FireEye/Mandiant’s MIR incident response platform

Description: GRR Rapid Response is an incident response framework focused on remote live forensics. It has a Docker image that gets you up and running in ~2 minutes. It has cross-platform support for Linux, Mac OS X and Windows clients. It can perform live remote memory analysis using open source memory drivers for Linux, Mac OS X and Windows, and the Rekall memory analysis framework.

ThreatExchange from Facebook

Reference link:

Github link:

Description: More than 90 companies are now using Facebook’s cybersecurity platform, ThreatExchange, to share security and threat information. It is a set of RESTful APIs on the Facebook Platform for querying, publishing, and sharing security threat information including exchanging details on malware, phishing pages, and other threats with either specific members of the security community.

MozDef: The Mozilla Defense Platform

Reference link:

Github link:

Description: The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers. It allows for collaborative incident response, visualizations, and easy integration into other enterprise systems.

Scumblr & Sketchy from Netflix

Github link

Github link

Description: Scumblr performs periodic searches and stores or takes action on the identified results. Things to look for include compromised credentials, vulnerability / hacking discussion, attack discussion, security-relevant social media discussion, etc. – anything that can help your security team keep tabs on security- and attack-related social media and Internet chatter. Sketchy works well with Scumblr by taking automatic screenshots, text scrapes, and HTML files before they can be taken offline. All of this information can be stored locally or in an S3 bucket on Amazon.

Skyline from Etsy

Github link

Commercial alternative: Anomaly detection system from Nagios

Description: Skyline is a real-time anomaly detection system to help security teams with scalable and passive monitoring of potentially hundreds of thousands of metrics. It is designed to be used wherever there is a large quantity of high-resolution time series that need constant monitoring. After Skyline detects an anomalous metric, it surfaces the entire time series to the webapp, where the anomaly can be viewed and acted upon.

AnomalyDetection from Twitter

Reference link:

Github link:

Description: AnomalyDetection is an open-source R package to detect anomalies which is robust, from a statistical standpoint, in the presence of seasonality and an underlying trend.


RTIR

Reference link:

Github link:

Description: RTIR is an open source ticketing system for incident response based on Request Tracker. This system can be built based on the Verizon VERIS taxonomy (to compare against Verizon DBIR reports) by creating custom fields that match the categories. This system supports using a REST API to automate the creation of tickets.

Securing the Human


AVA

Reference link:

Github link

Description: AVA maps the realities of your organisation, its structures, and behaviours. This map of people and interconnected entities can then be tested using a unique suite of customisable on-demand and scheduled information security awareness tests. The results of this combine into a detailed risk profile of your organisation unlike any other tool can provide – from the people up.

Published By:

Author: Ajit Gaddam

Ajit Gaddam is an accomplished technology executive and is currently the Head of Security Engineering at Visa, where he is responsible for building large scale AI driven cybersecurity products, leading engineering programs, and providing expert guidance on cybersecurity matters. He has presented at conferences worldwide, including USENIX Enigma, RSA, Black Hat, Strata Data Hadoop, COSO Dublin, and GCS Ukraine. Ajit has been quoted by major media organizations and his work has been showcased in academic journals, security publications, and in two published books. He is an active participant in various open source and standards bodies, is a prolific inventor of disruptive technologies (over 100+ global patents), and moonlights as an instructor (SANS, community colleges).

3 thoughts on “Good List of Open Source Security Projects”

  1. I was very happy to find this site. I need to thank you for one's time for this particularly wonderful read!! I definitely loved every part of it and I have you book-marked to look at new stuff on your site.
