Open Source Cybersecurity Tools refer to a category of software applications that are developed and distributed with an open source license. These tools are designed to help individuals and organizations improve their cybersecurity posture by detecting, preventing, and mitigating various types of cyber attacks. One of the key benefits of open source cybersecurity tools is that they allow users to inspect, modify and distribute the source code, which increases transparency, flexibility and customization. As a result, the open source community is able to collectively improve the security features of these tools over time, making them more effective and robust. There are many different types of open source cybersecurity tools available, each with its own specific purpose and functionality. For example, some tools focus on network security, such as intrusion detection, firewall management and vulnerability scanning. Others focus on application security, such as penetration testing, web application scanning and code analysis. There are also tools that provide security for cloud environments, mobile devices and containers. Some of the most widely used open source cybersecurity tools include Snort, Metasploit, Nmap, Wireshark, OSSEC, OpenVAS, and Suricata. These tools have become essential components of many cybersecurity professionals' toolkits. In summary, open source cybersecurity tools are an important and growing aspect of the cybersecurity landscape, providing users with powerful and customizable solutions to protect their systems and networks from cyber threats. The open source community plays a crucial role in the development and improvement of these tools, making them increasingly effective and relevant in today's rapidly evolving threat landscape.

1. LIST OF OPEN-
SOURCE
SECURITY
TOOLS
Boni Yeamin

2. Contant
• Security monitoring, intrusion
detection/prevention
• Threat intelligence
• Incident response
• Vulnerability assessment
• Firewall
• Antivirus / endpoint protection
• Email security

3. Who I am ?
Boni Yeamin
IT Officer (Defensive Security)
Akij Group ,Dhaka Bangladesh

4. 01.
Security monitoring,
intrusion
detection/prevention

5. Tools
• Suricata – intrusion detection system
• Snort – intrusion detection system
• Zeek – network security monitoring
• OSSEC – host-based intrusion detection
system
• Wazuh – a more active fork of OSSEC
• Velociraptor – endpoint visibility and
response
• OSSIM – open source SIEM, at the core of
AlienVault
• SecurityOnion – security monitoring and log
management

6. Tools
• Elastic SIEM – SIEM functionality by Elasticsearch
• Mozdef – SIEM-like layer ontop of
• Elasticsearch
• Sagan – log analytics and correlation
• Apache Metron – (retired) network security
monitoring, evolved from Cisco OpenSOC
• Arkime – packet capture and search tool (formerly
Moloch)
• PRADAS – real-time asset detection
• BloodHound – ActiveDirectory relationship
detection

7. 02.
Threat
intelligence

8. Tools
• MISP – threat intelligence platform
• SpiderFoot – threat intelligence
aggregation
• OpenCTI – threat intelligence
platform
• OpenDXL – open source tools for
security intelligence sharing
• Sigma – Generic Signature Format
for SIEM Systems

9. 03.
Incident
response

10. Tools
• StackStorm – SOAR platform
• CimSweep – Windows incident response
• GRR – incident response and remote live forensics
• TheHive – incident response / SOAR platform
• TheHive Cortex – TheHive companion used for fast
queriying
• Shuffle – open source SOAR platform
• osquery – real-time querying of endpoint data
• Kansa – PowerShell incident response

11. 04.
Vulnerability
assessment

12. Tools
• OpenVAS – very popular vulnerability assessment
• ZAProxy – web vulnerability scanner by OWASP
• WebScarab – (obsolete) web vulnerability scanner by
OWASP
• w3af – web vulnerability scanner
• Loki – IoC scanner
• CVE Search – set of tools for search in CVE data

13. 05.
Firewall

14. Tools
• pfsense – the most popular open source firewall
• OPNSense – hardened BSD-based firewall
• Smoothwall – Linux-based Firewall
• Antivirus / endpoint protection

15. 06.
Antivirus,
Endpoint
protection

16. Tools
• ClamAV – open source antivirus angine
• Armadito AV – open source AV (retired)
• YARA – The pattern matching swiss knife for malware
researchers

17. 07.
Email
security

18. Tools
• Hermes Secure Email Gateway – an Ubuntu-based email
gateway
• Proxmox – email gateway
• MailScanner – email security system
• SpamAssassin – anti-spam platform
• OrangeAssassin – drop-in replacement of SpamAssassin

19. Reference
• https://www.spiceworks.com/it-
security/vulnerability-management/articles/top-
open-source-cybersecurity-tools/
• https://techbeacon.com/app-dev-testing/57-
open-source-app-sec-tools-guide-free-
application-security-software
• https://techblog.bozho.net/list-of-open-source-
security-tools/
• https://cloudinfrastructureservices.co.uk/top-10-
best-free-open-source-cyber-security-tools/

20. Thank You