Search Results for "linux malware detect"
Sort By:
Showing 1039 open source projects for "linux malware detect"
View related business solutions-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
-
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
1
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS
Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure. -
2
Crawler Detect
CrawlerDetect is a PHP class for detecting bots/crawlers/spiders
Crawler Detect is a PHP library that detects bots, crawlers, and spiders by analyzing user-agent headers and comparing them against a constantly updated list of known crawlers. It's useful for analytics, rate-limiting, or displaying alternative content for automated tools. It is fast, lightweight, and easy to integrate into any PHP application. -
3
malware-samples
A collection of malware samples and relevant dissection information
This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts, executables, scripts, macros, obfuscated documents, etc., with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how they are delivered, and how it evolves. -
4
Alibi Detect
Algorithms for outlier, adversarial and drift detection
Alibi Detect is an open source Python library focused on outlier, adversarial and drift detection. The package aims to cover both online and offline detectors for tabular data, text, images and time series. Both TensorFlow and PyTorch backends are supported for drift detection. -
Find Hidden Risks in Windows Task SchedulerWindows Task Scheduler might be hiding critical failures. Download the free JAMS diagnostic tool to uncover problems before they impact production—get a color-coded risk report with clear remediation steps in minutes.
-
5
Zen Linux
Simple, free and efficient ad-blocker and privacy guard
Zen is an open-source system-wide ad-blocker and privacy guard for Windows, macOS, and Linux. It works by setting up a proxy that intercepts HTTP requests from all applications and blocks those serving ads, tracking scripts that monitor your behavior, malware, and other unwanted content. By operating at the system level, Zen can protect against threats that browser extensions cannot, such as trackers embedded in desktop applications and operating system components. -
6
HyDE Linux
Aesthetic, dynamic and minimal dots for Arch hyprland
...The install script will auto-detect an NVIDIA card and install nvidia-dkms drivers for your kernel. -
7
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. ... -
8
Al-Khaser
Public malware techniques used in the wild: Virtual Machine, Emulation
al-khaser is an open-source proof-of-concept security tool that deliberately implements techniques commonly used by real-world malware to test and evaluate the effectiveness of antivirus and endpoint detection and response (EDR) systems. It’s written in C/C++ and designed to execute a wide range of anti-analysis, anti-debugging, anti-virtualization, timing-based evasion, and sandbox detection routines so security researchers and defenders can see how well their tools detect or ignore these behaviors. ... -
9
Volatility
An advanced memory forensics framework
Volatility is a widely used open-source framework for analyzing memory captures (RAM dumps) from Windows, Linux, and macOS systems. It enables investigators and malware analysts to extract process lists, network connections, DLLs, strings, artifacts, and more. Volatility supports many plugins for detecting hidden processes, malware, rootkits, and event tracing. It’s essential in digital forensics and incident response workflows. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
SSH-MITM
Server for security audits supporting public key authentication
ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication. ... -
11
Portmaster
Block Mass Surveillance
Portmaster is a free and open-source application firewall that does the heavy lifting for you. Restore privacy and take back control over all your computer's network activity. Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally, get the power to act accordingly. Protect your whole computer, not just your browser. Block all advertisements and trackers for every application. Easily add your own rules and block... -
12
LSG - Linux SecureGuard
Professional antivirus solution developed for Linux systems.
Professional antivirus solution developed for Linux systems. Protects your Linux servers and desktop systems with real-time protection, network security and advanced threat detection features. -
13
Motion Detect
use your webcam to detect motion
The program works with a webcam to detect a change in the picture, such as an object or a person moving, and capture frames in a folder, so it can be useful as a motion detection program, i.e. for security purposes. -
14
Elkeid
Open source solution that can meet the requirements of workloads
Elkeid is an open-source platform for security and intrusion-detection that aims to support a wide variety of deployment contexts — from bare-metal hosts to containers, Kubernetes clusters, and even serverless environments. It was born out of ByteDance’s internal security best practices, offering for community users a subset of its enterprise-grade capabilities. Elkeid combines kernel-level data collection, user-space agents, and runtime instrumentation (RASP) to detect malicious behavior,... -
15
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages... -
16
Power Pwn
Repurpose Microsoft-trusted executables, service accounts, etc.
Repurpose Microsoft-trusted executables, service accounts and cloud services to power a malware operation. These materials are presented from an attacker’s perspective with the goal of raising awareness to the risks of underestimating the security impact of No Code/Low Code. No Code/Low Code is awesome. -
17
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
18
Portable Executable Parser
lightweight Go package to parse, analyze and extract metadata
Saferwall PE is a lightweight Go package for parsing, analyzing, and extracting metadata from Portable Executable (PE) binaries. Designed with malware analysis in mind, it is robust against malformed PE files and provides detailed insights into executable structures. -
19
Linkify
JavaScript plugin for finding links in plain-text and converting them
Linkify is a JavaScript plugin. Use Linkify to find links in plain text and convert them to HTML tags. It automatically highlights URLs, #hashtags, @mentions and more. Detect URLs and email addresses #hashtag, @mention and #-ticket plugins. React and jQuery support. Multi-language and emoji support. Custom link plugins. Fast, accurate, and small footprint (~20kB minified, ~11kB gzipped) 99% test coverage. Compatible with all modern browsers (Internet Explorer 11 and up). By default Linkify... -
20
Falco
Malicious activity detection for Cloud-native applications
Falco is a open source project to detect abnormal application behavior in a cloud native environment like Kubernetes. This cloud native runtime security project allows you to detect unexpected application behavior and alerts on threats. -
21
kwatch
Monitor & detect crashes in your Kubernetes(K8s) cluster instantly
Monitor & detect crashes in your Kubernetes(K8s) cluster instantly. kwatch helps you monitor all changes in your Kubernetes(K8s) cluster, detects crashes in your running apps in realtime, and publishes notifications to your favorite channels (Slack, Discord, etc.) instantly. You can deploy kwatch easily on your cluster with one command. -
22
AimAhead
The fastest AI powered Aimbot
AimAhead is an AI-powered aim assist tool designed for high-speed target acquisition. It captures the screen, processes the image through a selected AI model to detect enemies, and then aims towards them. Optimized for NVIDIA graphics cards, AimAhead converts ONNX models to TensorRT engine files for enhanced performance, achieving between 100 to 200 cycles per second depending on the model used. -
23
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
24
Tracee
Linux Runtime Security and Forensics using eBPF
Tracee is a runtime security and observability tool that helps you understand how your system and applications behave. It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
25
Vuls
Agentless vulnerability scanner for Linux/FreeBSD
Vuls is open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc. Vuls uses multiple vulnerability databases NVD, JVN, OVAL, RHSA/ALAS/ELSA/FreeBSD-SA and Changelog. Vuls v0.5.0 now possible to detect vulnerabilities that patches have not been published from distributors. Remote scan mode is required to only setup one machine that is connected to other scan target servers via SSH. If you don't want the central Vuls server to connect to each server by SSH, you...
