Showing 1039 open source projects for "linux malware detect"

  • 1
    Detect It Easy

    Program for determining types of files for Windows, Linux and MacOS

    Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure.
    Downloads: 161 This Week
  • 2
    Crawler Detect

    CrawlerDetect is a PHP class for detecting bots/crawlers/spiders

    Crawler Detect is a PHP library that detects bots, crawlers, and spiders by analyzing user-agent headers and comparing them against a constantly updated list of known crawlers. It's useful for analytics, rate-limiting, or displaying alternative content for automated tools. It is fast, lightweight, and easy to integrate into any PHP application.
    Downloads: 8 This Week
  • 3
    malware-samples

    A collection of malware samples and relevant dissection information

    This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts (executables, scripts, macros, obfuscated documents, etc.) with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how it is delivered, and how it evolves.
    Downloads: 26 This Week
  • 4
    Alibi Detect

    Algorithms for outlier, adversarial and drift detection

    Alibi Detect is an open source Python library focused on outlier, adversarial and drift detection. The package aims to cover both online and offline detectors for tabular data, text, images and time series. Both TensorFlow and PyTorch backends are supported for drift detection.
    Downloads: 0 This Week
  • 5
    Zen Linux

    Simple, free and efficient ad-blocker and privacy guard

    Zen is an open-source system-wide ad-blocker and privacy guard for Windows, macOS, and Linux. It works by setting up a proxy that intercepts HTTP requests from all applications and blocks those serving ads, tracking scripts that monitor your behavior, malware, and other unwanted content. By operating at the system level, Zen can protect against threats that browser extensions cannot, such as trackers embedded in desktop applications and operating system components.
    Downloads: 3 This Week
  • 6
    HyDE Linux

    Aesthetic, dynamic and minimal dots for Arch hyprland

    ...The install script will auto-detect an NVIDIA card and install nvidia-dkms drivers for your kernel.
    Downloads: 6 This Week
  • 7
    YARA

    The pattern matching swiss knife for malware researchers

    YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. ...
    Downloads: 57 This Week
  • 8
    Al-Khaser

    Public malware techniques used in the wild: Virtual Machine, Emulation

    al-khaser is an open-source proof-of-concept security tool that deliberately implements techniques commonly used by real-world malware to test and evaluate the effectiveness of antivirus and endpoint detection and response (EDR) systems. It’s written in C/C++ and designed to execute a wide range of anti-analysis, anti-debugging, anti-virtualization, timing-based evasion, and sandbox detection routines so security researchers and defenders can see how well their tools detect or ignore these behaviors. ...
    Downloads: 4 This Week
  • 9
    Volatility

    An advanced memory forensics framework

    Volatility is a widely used open-source framework for analyzing memory captures (RAM dumps) from Windows, Linux, and macOS systems. It enables investigators and malware analysts to extract process lists, network connections, DLLs, strings, artifacts, and more. Volatility supports many plugins for detecting hidden processes, malware, rootkits, and event tracing. It’s essential in digital forensics and incident response workflows.
    Downloads: 63 This Week
  • 10
    SSH-MITM

    Server for security audits supporting public key authentication

    ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man-in-the-middle SSH server for security audits and malware analysis. Password and publickey authentication are supported, and SSH-MITM can detect whether a user is able to log in with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password authentication. ...
    Downloads: 3 This Week
  • 11
    Portmaster

    Block Mass Surveillance

    Portmaster is a free and open-source application firewall that does the heavy lifting for you. Restore privacy and take back control over all your computer's network activity. Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally, get the power to act accordingly. Protect your whole computer, not just your browser. Block all advertisements and trackers for every application. Easily add your own rules and block...
    Downloads: 36 This Week
  • 12
    LSG - Linux SecureGuard

    Professional antivirus solution developed for Linux systems.

    Professional antivirus solution developed for Linux systems. Protects your Linux servers and desktop systems with real-time protection, network security and advanced threat detection features.
    Downloads: 11 This Week
  • 13
    Motion Detect

    use your webcam to detect motion

    The program works with a webcam to detect a change in the picture, such as an object or a person moving, and capture frames in a folder, so it can be useful as a motion detection program, i.e. for security purposes.
    Downloads: 7 This Week
  • 14
    Elkeid

    Open source solution that can meet the requirements of workloads

    Elkeid is an open-source platform for security and intrusion-detection that aims to support a wide variety of deployment contexts — from bare-metal hosts to containers, Kubernetes clusters, and even serverless environments. It was born out of ByteDance’s internal security best practices, offering for community users a subset of its enterprise-grade capabilities. Elkeid combines kernel-level data collection, user-space agents, and runtime instrumentation (RASP) to detect malicious behavior,...
    Downloads: 2 This Week
  • 15
    Terrascan

    Detect compliance and security violations across Infrastructure

    Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terrascan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages...
    Downloads: 13 This Week
  • 16
    Power Pwn

    Repurpose Microsoft-trusted executables, service accounts, etc.

    Repurpose Microsoft-trusted executables, service accounts and cloud services to power a malware operation. These materials are presented from an attacker’s perspective with the goal of raising awareness of the risks of underestimating the security impact of No Code/Low Code. No Code/Low Code is awesome.
    Downloads: 6 This Week
  • 17
    Ghidra

    Ghidra is a software reverse engineering (SRE) framework

    Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes.
    Downloads: 533 This Week
  • 18
    Portable Executable Parser

    lightweight Go package to parse, analyze and extract metadata

    Saferwall PE is a lightweight Go package for parsing, analyzing, and extracting metadata from Portable Executable (PE) binaries. Designed with malware analysis in mind, it is robust against malformed PE files and provides detailed insights into executable structures.
    Downloads: 7 This Week
  • 19
    Linkify

    JavaScript plugin for finding links in plain-text and converting them

    Linkify is a JavaScript plugin. Use Linkify to find links in plain text and convert them to HTML tags. It automatically highlights URLs, #hashtags, @mentions and more. Detect URLs and email addresses #hashtag, @mention and #-ticket plugins. React and jQuery support. Multi-language and emoji support. Custom link plugins. Fast, accurate, and small footprint (~20kB minified, ~11kB gzipped) 99% test coverage. Compatible with all modern browsers (Internet Explorer 11 and up). By default Linkify...
    Downloads: 6 This Week
  • 20
    Falco

    Malicious activity detection for Cloud-native applications

    Falco is an open source project to detect abnormal application behavior in a cloud native environment like Kubernetes. This cloud native runtime security project allows you to detect unexpected application behavior and alerts on threats.
    Downloads: 1 This Week
  • 21
    kwatch

    Monitor & detect crashes in your Kubernetes(K8s) cluster instantly

    Monitor & detect crashes in your Kubernetes(K8s) cluster instantly. kwatch helps you monitor all changes in your Kubernetes(K8s) cluster, detects crashes in your running apps in realtime, and publishes notifications to your favorite channels (Slack, Discord, etc.) instantly. You can deploy kwatch easily on your cluster with one command.
    Downloads: 3 This Week
  • 22
    AimAhead

    The fastest AI powered Aimbot

    AimAhead is an AI-powered aim assist tool designed for high-speed target acquisition. It captures the screen, processes the image through a selected AI model to detect enemies, and then aims towards them. Optimized for NVIDIA graphics cards, AimAhead converts ONNX models to TensorRT engine files for enhanced performance, achieving between 100 and 200 cycles per second depending on the model used.
    Downloads: 378 This Week
  • 23
    Nikto

    Web server vulnerability scanner for security assessments

    Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows.
    Downloads: 89 This Week
  • 24
    Tracee

    Linux Runtime Security and Forensics using eBPF

    Tracee is a runtime security and observability tool that helps you understand how your system and applications behave. It uses eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns.
    Downloads: 5 This Week
  • 25
    Vuls

    Agentless vulnerability scanner for Linux/FreeBSD

    Vuls is an open-source, agentless vulnerability scanner based on information from NVD, OVAL, etc. Vuls uses multiple vulnerability databases: NVD, JVN, OVAL, RHSA/ALAS/ELSA/FreeBSD-SA and Changelog. Vuls v0.5.0 can now detect vulnerabilities for which distributors have not yet published patches. Remote scan mode requires setting up only one machine that is connected to the other scan target servers via SSH. If you don't want the central Vuls server to connect to each server by SSH, you...
    Downloads: 50 This Week