There are hundreds of open source security tools, with both defensive and offensive security capabilities. The following are essential security tools that will help you to secure your systems and networks.
1.OSSEC – OSSEC is a free, open-source, host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, Toolkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. OSSEC has a centralized, cross-platform infrastructure, allowing multiple systems to be easily monitored and managed.
2.OpenVAS – OpenVAS is an open source vulnerability scanning suite that grew from a fork of the Nessus engine when it went commercial. It manages all aspects of a security vulnerability management system from web-based dashboards.
3.Security Onion – Security Onion is a network security monitoring distribution that can replace expensive commercial grey boxes with blinking lights. Security Onion is easy to setup and configure. With minimal effort, you will start to detect security-related events on your network. You will be able to detect everything from brute force scanning kids to those nasty APT’s.
4.Metasploit Framework – The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, Shellcode archive and other related research.
5.Nmap – Nmap helps your network and ports with the number one port-scanning tool. Nmap now features powerful NSE scripts that can detect vulnerabilities, misconfiguration and security-related information around network services. After you have nmap installed be sure to look at the features of the included ncat – its netcat on steroids.