Open source security software for windows

Топ-5 Open Source антивирусов

Во время работы на компьютере пользователь может обнаружить множество ошибок и всплывающих окон, которые мешают работать и отвлекают от важных дел. Вредоносные уведомления отправляются с помощью мошеннических каналов, нежелательные всплывающие окна перенаправляют человека на поддельные адреса сайтов, после чего система автоматически перестает работать.

Это может произойти с каждым пользователем ПК, у которого нет установленного средства антивирусной защиты на компьютере. Антивирус помогает обезопасить компьютер и не дает вредоносным программам и атакам воздействовать на систему. Он также обеспечивает эффективную работу устройства и защищает личную информацию пользователя. Кроме того, средство защиты от вредоносного ПО скрывает онлайн-данные от возможных киберугроз и контролирует межсетевой экран компьютера.

На рынке представлены различные антивирусы, доступные как бесплатно, так и по платной подписке. Но не все могут позволить себе премиальные инструменты, которые иногда стоят немало. Всегда будет кстати иметь про запас бесплатный Open Source антивирус, потому что это единственный способ безопасно подключиться к интернету и защитить свои данные от кибератак.

1. OpenAntiVirus Project

OpenAntiVirus Project — это один из самых популярных Open Source антивирусов, который включает в себя VirusHammer для целевого сканирования, которое может быть запущено пользователем. Кроме того, он позволяет молодым разработчикам участвовать в нескольких доступных проектах и вносить свой вклад в развитие программы, а также предлагать изменения для улучшения программного обеспечения.

Это средство антивирусной защиты обеспечивает разработчикам большую надежность, масштабируемость и эффективность. Такие функции, как Scanner Daemon, Squid vscan, Рattern finder, защищают компьютер и персональные данные пользователя. Многие разработчики работают над одним и тем же проектом, связанным с компьютерной безопасностью.

2. Armadito Antivirus

Armadito — это еще один Open Source антивирус для ПК и серверов. Он доступен как для Windows, так и для Linux, и состоит из веб-консоли центрального администрирования. Кроме того, антивирус имеет эвристическую архитектуру, которая позволяет ему легко интегрироваться с новыми алгоритмами и сосредоточиться на методах защиты от вредоносных программ.

Кроме того, он обеспечивает всестороннюю безопасность и конфиденциальность за счет механизма ClamAV. Armadito имеет удобный интерфейс, который работает быстро и эффективно, а также прост в использовании. С Armadito интеграция стала достаточно простой, поскольку он работает на основе решения GLPI (Open Source IT and Asset Management System).

Кроме того, любой желающий может внести свой вклад в развитие Armadito и совершенствования IТ-компетенций.

3. ClamAV Open Source

Другой известный Open Source антивирус — ClamAV. Он помогает обнаружить вредоносные программ, вирусы и любые другие атаки. Кроме того, средство антивирусной защиты также рассматривается как инструмент для программного обеспечения для сканирования почтового шлюза.

ClamAV обеспечивает более высокую производительность с помощью многопоточного сканера и утилит командной строки для сканирования файлов по требованию и включенного автоматического обновления. Будучи программой Open Source, ClamAV достаточно универсальна и поддерживает несколько форматов файлов и различных языков программирования.

4. ClamWin Open Source

ClamWin — это бесплатная Open Source антивирусная программа для Windows, применяемая во всем мире. Она помогает обнаружить самые распространённые вирусы, шпионские и вредоносные программы. Кроме того, ClamWin идет вместе с планировщиком сканирования и автоматическим обновлением для поддержания актуальности программного обеспечения. Дело в том, что ClamWin основан на движке ClamAV и использует GNU (General Public License).

Программа также обеспечивает интеграцию меню правой кнопки мыши в проводник Microsoft Windows и предлагает надстройку Microsoft Outlook для автоматического удаления зараженных вирусом файлов.

5. Moon Secure Antivirus

Moon Secure Antivirus — это бесплатное, простое и масштабируемое средство антивирусной защиты компьютера от вредоносных программ и других угроз. Кроме того, это единственное Open Source программное обеспечение корпоративного класса. Как и Armadito Antivirus, оно также использует движок ClamAV для обнаружения вирусов, троянов, шпионских программ.

Moon Secure Antivirus включает в себя такие функции, как защита в реальном времени, автоматическое обновление, низкое использование ресурсов, а также способно защитить любое стороннее приложение. Есть различные корпоративные продукты, среди которых MoonVAS (Moon Secure Vulnerability Scanner appliance) и Moon Secure Mobilizer.

Автор переведенной статьи: Chirag Manghnani

Источник

5 best open source antivirus software [Windows 10 & Mac]

An antivirus program needs to be fast, efficient, and cost-effective, and this one has them all.

Open source antivirus software can detect lots of types of malicious software.

Experienced developers and research experts in the antivirus, network security, and computer security fields will know best the meaning of open-source software.

An open-source antivirus denotes a program for which the original source code is made available for free, and it may be modified and redistributed.

We gathered five of the best programs to make your choice more comfortable.

Best Antivirus Deals For You:

The best open source antivirus software for Windows PCs

BullGuard

When it comes to trustworthy solutions to quickly detect and neutralize advanced threats, Bullguard is unmatched.

This antivirus may not be the exponential open-source tool since it’s already a well-established, feature-rich security solution.

Nevertheless, BullGuard embodies the scalability and efficiency you could ask from an open-source project.

Plus, it offers a 30-day free trial period to allow you plenty of time to test its features and convince yourself before closing the deal.

Let’s quickly look at its key features:

BullGuard

BullGuard uses the new cloud protection technology so it will identify any emerging threats in real-time.

Avira Free Antivirus

Avira is another great security tool that will keep you safe from viruses, malware, and other types of cyberattacks, thanks to multilayered security.

The antivirus comes with a built-in VPN that will ensure your data stays private and nobody finds out your IP address, location, and identity.

More so, the program is absolutely free, not using any ads and other annoying popups. Simply install it and never worry about intrusive advertisements or offers.

Some of Avira’s core features include:

Avira Free Antivirus

Avira Free Antivirus is the protection tool that everybody should have installed on their devices, either in their home or work stations.

Armadito Antivirus

This is an open-source antivirus for servers and PCs that protects systems from any viruses and malware.

Expert Tip: Some PC issues are hard to tackle, especially when it comes to corrupted repositories or missing Windows files. If you are having troubles fixing an error, your system may be partially broken. We recommend installing Restoro, a tool that will scan your machine and identify what the fault is.
Click here to download and start repairing.

The solution is, of course, available for Windows machines and it is created with a web-based central administration console.

The software can be used remotely from any location via an intuitive interface, and it will provide access to lots of features.

Let’s quickly look at its key features:

OpenAntiVirus Project

This is another open-source antivirus software that includes more projects available for developers who wish to add their contributions and improve it.

OpenAntiVirus Project is based on the fact that successful open-source software provides enhanced portability, scalability, reliability, and effectiveness.

This is a platform for people who are really interested and enthusiastic about antivirus research, computer, and network security.

You will be able to use an integrative platform for various developing projects that are related to virus protection and computer security.

Let’s quickly look at its key features:

⇒ Get OpenAntiVirus

ClamAV

ClamAV is another open-source antivirus engine targeted at detecting viruses, Trojans, malware and other kinds of malicious threats.

Let’s quickly look at its key features:

⇒ Get ClamAV

These are some of the best open-source antivirus programs that you can currently find out there.

Speaking of such programs, we have a thorough list of antivirus software with lifetime license for you to check out. All of them are great, offering robust sets of features.

If you have any other suggestions for this list, don’t hesitate to leave them in the comments section below.

Источник

Free Open Source Windows Anti-Malware Software

Anti-Malware Software

Browse free open source Anti-Malware software and projects for Windows below. Use the toggles on the left to filter open source Anti-Malware software by OS, license, language, programming language, project status, and freshness.

PeopleForce helps you to build a high-performance culture in your company

For HR Professionals

ClamWin

Antivirus software with virus scanning and virus definition updates

HiJackThis

A free utility that finds malware and other threats

Cuckoo Sandbox

Cuckoo Sandbox is for automated analysis of malware

Robolinux

UNTRACKABLE & FAST Robolinux 12.11

Built by Developers, for Developers

Clam Sentinel

Detekt

Malware triaging tool

theZoo

A repository of LIVE malwares for malware analysis and security

No Autorun

The PE file analysis toolkit

With maps, space and desk management, distance planning, analytics, and more, returning to the office is easier than ever.

Rinzler USB Cleaner

V2.0-Unhides Folder/Files,removes malicious scripts from USB Drive

Simple Software-restriction Policy

Control which folders programs can be run from.

CyberGod KSGMPRH

Open-Source antivirus for Windows

phpMussel

PHP-based anti-virus anti-trojan anti-malware solution.

Lumernite Antivirus

A simple lightweight Antivirus for Windows Devices

Copfilter

Treater Antivirus

Cloud antivirus scanner based on machine detection

USB Autorun Virus Protector

Stealth VM For Ubuntu & All Derivatives

Run Windows XP & 7 Virus Free Inside Ubuntu & All Derivatives

ClamGuard

Free and opensource antivirus solution based on ClamAV.

Stealth VM For Linux Mint

Run Windows XP & 7 Virus Free Inside Linux Mint

clamwin portable

portable zipped version of the free and open source antivirus ClamWin

Safe Autorun

Creates permanent autorun.inf to avoid USB infections

Tiny Watcher

Monitors system changes on a Windows machine

Источник

Free Open Source Windows Security Software

Security Software

Browse free open source Security software and projects for Windows below. Use the toggles on the left to filter open source Security software by OS, license, language, programming language, project status, and freshness.

Journyx makes it easy to gather accurate time and expense data so you can make smarter, more informed business decisions.

For fashion brands, apparel manufacturers, garment producers

WinSCP

WinSCP is a free SFTP, SCP, S3, WebDAV, and FTP client for Windows.

KeePass

A lightweight and easy-to-use password manager

Scrollout F1

An easy-to-use anti-spam email gateway

Anti-Spam SMTP Proxy Server

Anti-Spam SMTP Proxy Server implements multiple spam filters

For companies wishing to sell by auction

Tor Browser

Browser for using Tor on Windows, Mac OS X or Linux

Safe Exam Browser

mimikatz

A little tool to play with Windows security

x64dbg

An open-source x64/x32 debugger for windows.

Brave Browser

The faster, safer desktop browser for macOS, Windows, and Linux

Predict. Visualize, analyze, and harness the power of your data to solve your toughest business challenges from anywhere on the cloud.

Process Hacker

View and manage processes, services and more with this powerful tool.

Darik’s Boot and Nuke

A hard drive disk wipe and data clearing utility

ophcrack

A Windows password cracker based on rainbow tables

Eraser

A security tool to remove sensitive data from your Windows hard drive

ClamWin

Antivirus software with virus scanning and virus definition updates

waircut

WPS wireless protocol audit software for Windows

Metasploitable

Metasploitable is an intentionally vulnerable Linux virtual machine

A network stress testing application

Angry IP Scanner

A cross-platform network scanner that is fast and simple to use

Algo VPN

Set of Ansible scripts that simplifies the setup of a personal VPN

Keylogger

A simple keylogger for Windows, Linux and Mac

Источник

Бесплатные антивирусы и межсетевые экраны (UTM, NGFW) от Sophos

Хочется рассказать о бесплатных продуктах компании Sophos, которые можно использовать как дома, так и на предприятии (подробности под катом). Использование ТОПовых решений Gartner и NSS Labs позволит существенно повысить персональный уровень безопасности. В число бесплатных решений входят: Sophos UTM, XG Firewall (NGFW), Антивирусы (Sophos Home с веб-фильтрацией для Win/MAC; для Linux, Android) и средства удаления вредоносов. Далее мы рассмотрим высокоуровневый функционал и шаги получения бесплатных версий.

Сегодня у многих дома имеется несколько ноутбуков, планшетов, телефонов, есть удалённые площадки (дома родителей, родственников), есть дети, которых нужно оградить от нежелательного контента, защитить компьютеры от шифровальщиков/вымогателей. Всё это по сути сводится к задачам небольшой компании — с распределённой ИТ инфраструктурой и высокими требованиями к безопасности. О продуктах, которые позволяют решить эти задачи бесплатно в домашних условиях — мы сегодня и поговорим.

Лирическое отступление о Sophos

Компания Sophos была основана в 1985 г., как антивирусная компания, таковой она оставалась до начала 2000-х. С этого момента Sophos активно стала развиваться в других направлениях: с помощью собственной экспертизы и лабораторий, а также путём приобретения других компаний. На сегодня компания насчитывает 3300 сотрудников, 39000 партнеров и 300000 заказчиков. Компания является публичной — отчёты для инвесторов доступны открыто. Компания проводит исследования в области ИБ (SophosLabs) и отслеживает новости — следить можно в блоге и подкасте от Sophos — Naked Security.

Миссия:
Быть лучшими в мире для обеспечения комплексной ИТ-безопасности предприятий различного размера (от малого бизнеса до международных корпораций).

Ближе к сути или начнём по порядку

Основной страницей, на которой перечислены почти все бесплатные решения является страница: Sophos Free Products.

Чтобы быстро сориентироваться в решении, я буду давать небольшое описание. Для удобства будут приведены быстрые ссылки для получения соответствующего продукта.

Базовые шаги, которые необходимо сделать почти для каждого продукта:

Sophos Home для Windows и Mac OS

Sophos Home — бесплатный антивирус и родительский контроль. Обеспечивает безопасность всех домашних компьютеров с помощью бесплатного антивируса Sophos Home. Это та самая технология антивирусной защиты и веб-фильтрации, которой доверяют сотни тысяч компаний, доступная для домашнего использования.

Ссылка на скачивание Sophos Home.

Коммерческая версия Sophos Central позволяет управлять из единой консоли:

Антивирус находится в тройке лидеров по версии Gartner, поэтому использование домашней версии промышленного антивируса безусловно повысит общий уровень ИБ домохозяйства.

Sophos UTM Home Edition

Демо-интерфейс доступен по этой ссылке.
Ссылка на скачивание Sophos UTM Home Edition.

Особенности и описание:
Sophos UTM предоставляет весь необходимый функционал для защиты сети: межсетевой экран, веб-фильтрацию, IDS/IPS, анти-спам, WAF, VPN. Единственное ограничение домашней версии 50 защищаемых внутренних IP-адресов. Sophos UTM поставляется в виде ISO образа с собственной операционной системой и перезаписывает данные на жёстком диске во время установки. Поэтому требуется отдельный, специально предназначенный для этого компьютер или виртуальная машина.

На Хабре уже была статья об организации веб-фильтрации на базе Sophos UTM (с точки зрения замены Microsoft TMG).

Ограничение по сравнению с коммерческой версией — защита до 50 IP-адресов. Функциональных ограничений нет!

В качестве бонуса: в Home Edition имеется 12 антивирусных лицензий Endpoint Protection, а значит, Вы сможете контролировать из консоли UTM не только сетевую безопасность, но и безопасность рабочих мест: распространять на них правила антивирусной фильтрации, веб-фильтрации, контролировать подключаемые устройства — работает даже для тех компьютеров, которые не находятся в локальной сети.

Этап 1 — получение Software

Лицензия создаётся на 3 года, после чего лицензию нужно снова сгенерировать по шагам Этапа 2, предварительно удалив истёкшую лицензию с портала MyUTM.

Sophos UTM Essential Firewall

Бесплатный межсетевой экран для коммерческого использования. Для получения лицензии необходимо заполнить форму по этой ссылке. На почту придёт текстовый файл-лицензия с безсрочной лицензией.

Функции: Межсетевой экран до L4, маршрутизация, NAT, VLAN, PPTP/L2TP удалённый доступ, Amazon VPC, GeoIP фильтрация, DNS/DHCP/NTP сервисы, централизованное управление Sophos SUM.

Наглядное представление функций приведено на рисунке выше. Модули, которые окружают Essential Firewall — отдельные лицензируемые подписки.

Sophos SUM

Удобно использовать Sophos SUM (Sophos UTM Manager) для централизованного управления обособленными UTM на разных площадках. SUM позволяет из единого веб-интерфейса отслеживать состояния подчинённых систем и распространять отдельные политики. Бесплатно для коммерческого использования.

Ссылка на скачивание и запрос лицензии Sophos SUM. В письме придут ссылки на скачивание (аналогично Sophos UTM) и лицензионный файл во вложении.

Sophos XG Firewall Home Edition

Класс: NGFW (Next Generation Firewall), UTM (Unified Threat Management) — фильтрация по приложениям, пользователям и функции UTM
Лидер: Gartner UTM
Платформы: x86 сервер, виртуализация (VMWare, Hyper-V, KVM, Citrix), облако (Azure), оригинальная аппаратная платформа

Демо-интерфейс доступен по этой ссылке.
Ссылка на скачивание Sophos XG Firewall Home.

Особенности и описание:
Решение было выпущено в 2015 году как результат поглощения компании Cyberoam.
Версия Home Edition решения Sophos XG Firewall предоставляет полную защиту вашей домашней сети, включая все функции коммерческой версии: защита от вирусов, веб фильтрация по категориям и URL, контроль приложений, IPS, шейпинг трафика, VPN (IPSec, SSL, HTML5 и др.), отчетность, мониторинг и многое другое. Например, с помощью XG Firewall можно провести аудит сети, выявить рисковых пользователей и блокировать трафик по приложениям.

Getting Starting Guide для Software версии на английском и на русском.

Sophos XG Firewall Manager

Является продвинутой системой централизованного управления подчинёнными XG Firewall. Отображает статус безопасности на подключенных устройствах. Позволяет управлять конфигурацией: создавать шаблоны, проводить массовые изменения на группах устройств, изменять любую тонкую настройку. Может выступать единой точкой входа при распределённой инфраструктуре. Бесплатен до 5 управляемых устройств.

Демо-интерфейс доступен по этой ссылке.

Sophos iView

Если есть несколько инсталляций Sophos UTM и/или Sophos XG Firewall и нужно иметь сводную статистику, то можно установить iView, он является Syslog коллектором для продуктов Sophos. Продукт бесплатен до 100ГБ хранилища.

Ссылка на скачивание Sophos iView.

Sophos Mobile Security для Android

Удостоенный наград бесплатный антивирус Sophos Mobile Security для Android защищает устройства на базе Android без снижения производительности и времени работы от аккумулятора. Синхронизация с SophosLabs в реальном режиме времени обеспечивает постоянную защиту вашего мобильного устройства.

Коммерческий продукт: Sophos Mobile Control — относится к классу MDM и позволяет управлять мобильными телефонами (IOS, Android) и рабочими местами (MAC OS, Windows) по концепции BYOD с контейнерами для почты и контролем доступа к данными.

Sophos Mobile Security для iOS

Первым шагом по обеспечению безопасности устройства на базе iOS — является установка последних обновлений. Решение Sophos Mobile Security для iOS рассказывает о необходимости установки обновлений, и содержит коллекцию удобных средств повышения безопасности для устройств на базе iOS:

Средство удаления вредоносных программ для Windows выполняет сканирование всего компьютера на наличие проблем, и если они обнаружены, вам предоставляется бесплатная 30-дневная лицензия для удаления угрозы. Не ждите, пока произойдет заражение, это средство можно запустить в любое время, чтобы посмотреть, как работает ваш текущий антивирус или ПО для защиты конечных точек.

Коммерческий продукт: Sophos Clean входит во многие коммерческие продукты, например в Sophos Intercept X.

Бесплатное Средство удаления вирусов поможет быстро и легко найти и удалить угрозы, скрывающиеся на компьютере. Средство выявляет и удаляет вирусы, которые ваш антивирус мог пропустить.

Sophos Antivirus для Linux — Free Edition

Защита критически важных серверов Linux и предотвращение всех угроз — даже тех, что разработаны для Windows. Антивирус легковесный и прост в использовании, чтобы серверы Linux имели возможность сохранять высокую скорость работы. Он работает незаметно в фоновом режиме и выполняет сканирование в одном из режимов: при доступе, по запросу или по расписанию.

Коммерческий продукт: позволяет подключать к централизованной системе управления и поддерживает широкий набор операционных систем — Linux и Unix.

Поддержка или помоги себе сам

Единым окном входа является раздел Поддержки на сайте вендора — Sophos Support, со сквозным поиском по всем ресурсам. Для Sophos Home создан отдельный портал.
Можно выделить три основных способа найти решение возникшей проблемы:

Берегите себя от шифровальщиков!

Напоследок, Вы можете посмотреть видео про Time Machine для защиты от шифровальщиков 🙂

Источник

Over the past quarter of a century, the open source movement has gone from strength to strength. But that success and the openness inherent in the community have led to a major challenge – security. The more software that is developed, the greater the likelihood there is for vulnerabilities.

To make matters worse, the open source world prides itself on openness and transparency. Therefore, any security vulnerabilities are disclosed publicly. In this age of organized gangs of cybercriminals, that is like placing an ad asking for an attack.

This has given rise to a large number of open source security tools. They take care of all aspects of the management of security in open source components, examine dependencies, fix bugs in code, and lower risk.

However, the tools themselves vary considerably in scope, sophistication, and function. The editors of eSecurity Planet find the following 20 open source security tools to be particularly useful. Some are open source, some are commercial, but all are good security options for open source environments.

If you’re interested in learning more about Open Source Security check out this book!

The Best Open Source Security Tools

WhiteSource

WhiteSource detects all vulnerable open source components, including transitive dependencies, in more than 200 programming languages. It matches reported vulnerabilities to the open source libraries in code, reducing the number of alerts. With more than 270 million open source components and 13 billion files, its vulnerability database continuously monitors multiple resources and a wide range of security advisories and issue trackers. WhiteSource is also a CVE Numbering Authority, which allows it to responsibly disclose new security vulnerabilities found through its own research. It identifies and prioritizes the most critical open source security vulnerabilities so users can fix what matters most first.

Metasploit

Metasploit covers the scanning and testing of vulnerabilities. Backed by a huge open source database of known exploits, it also provides IT with an analysis of pen testing results so remediation steps can be done efficiently. However, it doesn’t scale up to enterprise level and some new users say it is difficult to use at first.

Read more:

• Metasploit: Pen Testing Product Overview and Analysis
• Getting Started With the Metasploit Framework: A Pentesting Tutorial

Revenera

FlexNet Code Aware by Revenera can find security threats and intellectual property (IP) compliance issues in open source code. It scans Java, NuGet, and NPM packages. In addition, the company offers a full enterprise platform for open source security and license compliance, with support for all major software languages. It has more than 70 extensions, and a knowledge base with more than 14 million open source components.

Synopsys

Black Duck software composition analysis (SCA) by Synopsys helps teams manage the security, quality, and license compliance risks that come from the use of open source and third-party code in applications and containers. It integrates with build tools like Maven and Gradle to track declared and transitive open source dependencies in applications’ built-in languages like Java and C#. It maps string, file, and directory information to the Black Duck KnowledgeBase to identify open source and third-party components in applications built using languages like C and C++. The SCA tool also identifies open source within compiled application libraries and executables (no source code or build system access required) and finds parts of open source code that have been copied within proprietary code, which can potentially expose you to license violations and conflicts.

Portswigger Burp

Burp Suite Community Edition by Portswigger is an open source manual version of a popular web vulnerability scanner used in a great many organizations. It can be used by skilled security professionals to find vulnerabilities rapidly.

Read more:

• Burp Scanner Features & Pricing
• Getting Started with the Burp Suite: A Pentesting Tutorial

OSSEC

OSSEC is open source and free. It can be tailored to security needs through its configuration options, adding custom alert rules and scripts to take action when alerts occur. It offers comprehensive host-based intrusion detection across multiple platforms, including Linux, Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX. Additionally, it helps organizations meet specific compliance requirements such as PCI-DSS. It detects and alerts on unauthorized file system modification and malicious behavior that could lead to non-compliance.

Acunetix

Acunetix is primarily a web application security scanner, with additional network infrastructure scanning capabilities. It uses the popular open source vulnerability scanning project OpenVAS as its scanning engine. Its multi-threaded scanner can crawl across hundreds of thousands of pages rapidly and it also identifies common web server configuration issues. It is particularly good at scanning WordPress.

Sonatype

Sonatype offers one tool that scales open source security monitoring across the software supply chain. An evolving database of known vulnerabilities is available to help users detect threats and inconsistencies before suffering an attack. Features include: Automatic detection and fixing of open source dependency vulnerabilities; integration of security vulnerability tools into git repositories already in use; and avoiding attacks through scaled secure development practices across dev and ops teams.

Fiddler

Fiddler by Telerik is a useful collection of manual tools to deal with web debugging, web session manipulation, and security/performance testing. However, it is probably most useful for those deploying the paid version on the .NET framework, as that comes with many automation features.

Read more: Fiddler: Pen Testing Product Overview and Analysis

OWASP ZAP

OWASP Zed Attack Proxy (ZAP) is said to be the most widely used web application scanner. It grew out of the OWASP Foundation that works to improve the security of software through its community-led open source software projects, worldwide chapters, membership base, and by hosting local and global conferences.

Nmap

Nmap is a port scanner that also aids pen testing by flagging the best areas to target in an attack. That is useful for ethical hackers in determining network weaknesses. As it’s open source, it’s free. That makes it handy for those familiar with the open source world, but it may be a challenge for someone new to such applications. Although it runs on all major OSes, Linux users will find it more familiar.

Read more:

• Nmap: Pen Testing Product Overview and Analysis
• Nmap Vulnerability Scanning Made Easy: Tutorial

Security Onion

Security Onion Solutions creates and maintains Security Onion, a free and open platform for threat hunting, network security monitoring, and log management. It includes best-of-breed free and open tools, including Suricata, Zeek, Wazuh, the Elastic Stack, and many others.

Wireshark

Wireshark is often used to point out what is happening with the network and assess traffic for vulnerabilities in real time. By reviewing connection-level information as well and the constituents of data packets, it highlights their characteristics, origin, destination, and more. While it flags potential weaknesses, a pen testing tool is still required to exploit them.

Read more: Wireshark: Pen Testing Product Overview and Analysis

Aircrack-ng

Aircrack-ng is the go-to tool for analysis and cracking of wireless networks. All the various tools within it use a command line interface and are set up for scripting. It focuses on different areas of Wi-Fi security, including: Packet capture and export of data to text files for further processing by third-party tools; replay attacks, de-authentication, fake access points, and others via packet injection; Checking Wi-Fi cards and driver capabilities (capture and injection); and WEP and WPA PSK (WPA 1 and 2) cracking.

Read more: Aircrack-ng: Pen Testing Product Overview and Analysis

VeraCrypt

VeraCrypt is free, open source disk encryption software for Windows, Mac OSX and Linux. It was created by Idrix and is based on TrueCrypt 7.1a. It creates a virtual encrypted disk within a file and mounts it as a real disk. It can encrypt an entire partition or storage device such as USB flash drive or hard drive, or any partition or drive where Windows is installed. Encryption is automatic and is done in real time.

See How to Encrypt a Flash Drive Using VeraCrypt

John the Ripper

John the Ripper is the tool most used to check out password vulnerability. It combines several approaches to password cracking into one package. It supports hundreds of hash and cipher types, including: user passwords of Unix flavors (Linux, *BSD, Solaris, AIX, QNX, etc.), macOS, Windows, “web apps” (e.g., WordPress), groupware (e.g., Notes/Domino), and database servers (SQL, LDAP, etc.); network traffic captures (Windows network authentication, WiFi WPA-PSK, etc.); encrypted private keys (SSH, GnuPG, cryptocurrency wallets, etc.), filesystems and disks (macOS .dmg files and “sparse bundles,” Windows BitLocker, etc.), archives (ZIP, RAR, 7z), and document files (PDF, Microsoft Office, etc.).

Read more: John the Ripper: Penetration Testing Tool Review

Nikto

Nikto is a web server scanner that performs tests against web servers for multiple items, including over 6,400 potentially dangerous files/CGIs, checks for outdated versions of over 1,200 servers, and version-specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files and HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

Snort

Snort is an open source Intrusion Prevention System (IPS). It uses rules to define malicious network activity and find packets that match against them, generating alerts for users. Snort can also be deployed inline to stop these packets. It is primarily used as a packet sniffer, a packet logger, or as a full-blown network intrusion prevention system.

Open SSH

OpenSSH is a connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, it provides a suite of secure tunneling capabilities, several authentication methods, and configuration options.

Tcpdump

Tcpdump is a powerful command-line packet analyzer, developed by the same people as libpcap, a portable C/C++ library for network traffic capture. It prints out a description of the contents of packets on a network interface, preceded by a time stamp. It can save packet data to a file for later analysis, and read from a saved packet file rather than reading packets from a network interface. It can also read a list of saved packet files.

Here is a list of best free open source encryption software for Windows. These are open source software which help you protect your confidential data and files from unauthorized users. Not just files, but filenames can also be encrypted through some software to protect files’ identity. Some software also let you encrypt a whole disk, partition of a disk, external storage device, etc.

These open-source encryptors use various encryption algorithms such as Blowfish, DESX, AES, etc. Plus, these freeware also provide you the flexibility to select any of the encryption algorithms. However, the choice of algorithm can vary the security of data as some are more secure than others. During encryption, you need to specify a password (key) so that authorized persons can decrypt data when required.

In general, almost all these software provide similar encryption/decryption process where you need to select a password and algorithm to encrypt files(s).

My Favorite Open Source Encryption Software For Windows:

DiskCryptor is my favorite software because it encrypts drive or partition of the drive along with all data inside it. It is also capable of encrypting USB storage device, external HDD’s, Flash Drives, etc. Plus, it gives you the freedom to select an encryption algorithm of your choice.

You can also check out lists of best free Hard Disk Encryption, USB Encryption, and Video Encryption software for Windows.

DiskCryptor

DiskCryptor is a free open source encryption software for Windows. As its name implies, it is used to encrypt disk or to be more precise, to encrypt partitions of the disk. Using it, you can also encrypt external storage devices like Pendrives, Portable HDD, etc. In order to keep the disk data secure, it uses various encryption techniques such as AES, Twofish, Serpent, AES-Twofish, etc. You can select any of the available algorithms to encrypt the data. Along with encryption algorithms, you can also use Wipe Modes to prevent the possibility of forcibly recovering data by examining residual magnetic energy. In a total of three Wipe modes are available named Gutmann Mode, Us DoD 5220.22-M (8-306. /E), and Us DoD 5220.22-M (8-306. /E, C, and E).

How to Encrypt disk using open source encryption software: DiskCryptor

• Select a drive partition from the main interface that you want to encrypt.
• Go to Volumes > Encrypt Volume and then select Encryption algorithm and Wipe mode and press the Next button.
• Now a Password setup section will open up where you need to set the encryption password. After the setup, press OK to start the encryption process.

Similarly to encryption, you can also decrypt the drive by selecting the Decrypt option and by entering the correct password. In this software, you can also find some additional tools like Format Volume, Mount/Unmount Volume, Delete Mount Point, Backup Header, CD Encrypter, etc.

VeraCrypt

VeraCrypt is another free open source encryption software for Windows. Through this software, you can encrypt an entire partition of a disk or the whole disk or storage devices like USB flash drive or hard drive. In order to encrypt the drive, it uses various highly secure algorithms (AES, Serpent, Twofish, Serpent (AES), etc.) and Hash Codes (SHA-256 and RIPEMD-160). Before the encryption process, you need to specify one algorithm and hash code that you want to use for the drive encryption. This software is optimized according to modern processors that allow this software to use the hardware acceleration to reduce the encryption time.

How to encrypt a drive using VeraCrypt:

• Open the System menu and select Encrypt System Partition/Drive to open the VeraCrypt Volume Creation Wizard.
• In this Wizard, the first step is to select the type of system encryption. To do that, select the Normal option if you just want to encrypt the system partition or drive. Select Hidden to create a hidden operating system whose existence should be impossible to prove. This Hidden option comes in handy if somebody forces you to decrypt the operating system.
• Next step is to choose the Area that you want to encrypt. You can choose either Encrypt the Windows System partition or Encrypt the whole drive option.
• In the next step, you need to select a Single-boot option, if there is only one operating system installed on your system or select the Multi-boot option if there is more than one OS installed in your system.
• In next two steps, you can choose the right encryption and hash algorithm along with the password for the encryption.
• Lastly, select the path of the Rescue Disk, so that you can recover data if something went wrong during the encryption. After that, the encryption of your disk will start.

By using the right password and decryption option, you can easily be able to decrypt the encrypted drive back to the original state. There are many other activities that you can perform with this encryptor such as Mount/Unmount Volume, Change Volume password, Run Benchmark Algorithms, Test Vectors, Generate Keyfiles, etc.

7-Zip

7-Zip is a popular open source file compression and file management software for Windows. However, you can also use it as an open-source encryption software because it also has a dedicated Encryption Section. The main advantage of this software is that it automatically integrates with system explorer to provide quick compression and encryption features. Similar to other encryption software, it uses Algorithm and Password protection to encrypt files and folders. It uses AES-256 algorithm to encrypt the data.

The process of encrypting a file is quite simple. First, select the file or folder that you want to encrypt. After that, open the right-click menu and go to 7 Zip > go to archive menu. In this menu, you can view an Encryption Section from where you can easily encrypt the selected file or folder by providing the password and pressing the OK button. Besides normal file encryption, you can also encrypt the name of the files by enabling the Encrypt Filename option.

In this software, you get various features related to compression such as Archive Format (7z, tar, wim, and zip), Compression Level, Compression methods (LZMA2, LZMA, PPMd, etc.), etc.

Kleopatra

Kleopatra is yet another free open source encryption software for Windows. Through this software, you can encrypt and decrypt all types of files, folders, media files, etc. In order to start file encryption, you first need to create a new key pair. To do that, go to File > New Key Pair and enter your name and email address. After that, press next and create a passphrase to protect your new pair key. Now, you can start encrypting the files.

How to encrypt files using this open source encryption software:

• Launch this software and press Sign/Encrypt button and select one or more files or folders that you want to encrypt and press Open.
• Now a small window will open up with various options like encrypt files for me, encrypt files for others (so that other specified users of this software can also decrypt files using their key pair and passphrase), Encrypt with password (to add a separate password other than your passphrase.), encrypt each files separately (to save all encrypted file separately). Choose available options according to your choice and press the Sign/Encrypt Button to start the encryption.

This software also integrates itself with the Windows Explorer that gives another option to encrypt files. To use this option, first, select a file and then select sign and encrypt option from the right-click menu. This will directly open up the Sign/Encrypt Window using which, you can easily encrypt files. Similar to the encryption process, you can also decrypt files using the Decrypt/Verify option. Remember to sign in from the same account that you had used for the encryption. Besides encryption and decryption features, this software also contains features like Export secret key, Change Expiry (to set the expiry date for your account), Create Checksum Files, etc.

Note: This software comes as a part of the Gpg4Win suite that has five more software in the package named as GnuPG, GPA, GpgOL, GpgEX, and Compendium.

AxCrypt

AxCrypt is the next free open source encryption software for Windows. Using it, you can encrypt files, folders, media (audio, video, images, etc.), documents, etc. without much hassle. To ensure the security of data, it uses the highly secured AES-128 algorithm. Like other encryption software, it also lets you password protect your encrypted files so that only authorized person can decrypt the data.

When you launch this software, the first thing it will ask you to enter your email address. On the registered email address, you will receive a verification code using which you can setup the encryption password. After that, you can easily encrypt any data just by pressing the plus button and selecting the files or folders that you want to encrypt. If you are already logged into this software, you do not need to enter the password again to view and use the encrypted files.

In order to decrypt encrypted files, first, go to its Recent Tabs tab and right-click on an encrypted file and select stop securing and remove from the list option. Besides encryption and decryption, you can import and export public sharing key and export AxCript secret ID and sharing key pair.

Note: In this free version of AxCrypt, various advanced features like secured folders, anonymous rename, secure delete, inactivity signout, etc. are locked. You need to buy its premium version to unlock all features of this open source encryptor.

TruPax

TruPax is another one of open source encryption software for Windows. Through this software, you can encrypt files and folders of size up to 1TB. For encryption, it uses AES-256 encryption algorithm and SHA-512 hash algorithm. It encrypts data in a single volume or container, which you can also mount and decrypt using software like TrueCrypt or VeraCrypt. Before performing the encryption, you can modify various available options which affect various container properties like Free Space (to add additional space to the container), Label (to give a name to the output encrypted container), Write-Protected (to make container read-only), Wipe Afterwards (to securely remove the original files after creation of the encrypted container), etc.

How to encrypt data using TruPax:

• First, add files and folders that you want to encrypt using the File menu.
• After that, make appropriate changes to container properties from the right side of the interface.
• Lastly, press the Make Volume Button and provide the output path, volume name, and password to start the encryption.

The decryption process is also quite straightforward. First, go to File > Extract option and select the encrypted container. After that, select the output patch and provide the correct password to decrypt files.

ProxyCrypt

ProxyCrypt is another software in this list of open source encryption software. It is mainly used for the encryption and management of the virtual drives. Using this software, you can import all your important data and files to a virtual disk or volume that you can encrypt and unmount or hide from other users for more security.

Let’s take a look at how to encrypt and hide data in this open source encryption software:

• The first step is to create a container. To do that, go to its Create Container section and select a Volume or Drive Letter (G:, I:, H:, etc.) and Volume Name & Location. After that, specify the size of the drive that you want to create and press the Create Button. A small window will immediately open up in which you need to specify the password. After specifying the password, press Enter.
• A new volume or drive will appear on the This PC of your computer. Put all the data that you want to encrypt in the newly created volume.
• Lastly, again launch this software and go to its Mount/Unmount section and select the newly created volume and press the Unmount button to encrypt and hide the volume.

In order to decrypt the data, you need to press the Mount button from Mount/Unmount section. As you do that, a small window with password verification will open. By providing the correct password, you can access all of your data from the volume.

PeaZip

PeaZip is a free open source encryption and file archiver software for Windows. Using it, you can easily compress and encrypt files of almost every type and at a very fast rate. Plus, this software can also integrate itself with Windows Explorer that allows quick encryption and compression of files.

Now to encrypt files, launch this software and press the Add button. After that, drop all the files and folders to its interface. Now, select output compression file type (ZIP, 7Z, ARC, PEA, GZip, etc.), Compression speed (Fast, Normal, Ultra, etc.), Volume of the output file, etc. from the interface. After that, press the Enter Password/Keyfile button and specify the password. From this option, you can also enable Encrypt file names option to hide the original filenames. Lastly, press OK to start the compression and Encryption.

In this file encryption software, you can find many other handy features like Password Manager, File Manager, Bookmark Organizer, File Extractor, etc.

CipherShed

CipherShed is the next open source encryption software in this list. It is a free of charge software through which you can keep your data secure and private. This software is created on the platform of the now discontinued TrueCrypt Project. Similar to TrueCrypt, it also provides various Encryption Algorithms (AES, Serpent, Twofish, Twofish-Serpent, etc.) and Hash Algorithms (RIPEMD-160, SHA-512, and Whirlpool). In this software, you can’t directly encrypt data like other similar software. Instead, you need to first create an encrypted drive where you can add all data that you want to secure.

Let’s take a brief look at the process of data encryption:

• First, create and setup a new drive by pressing the Create Volume Button. In the setup, you need to go through steps like specifying the size of the new drive, selection of encryption and hash algorithms, setting up of password, etc. At the end of the setup, press OK to create the drive.
• Along with other system drives, you can also view the newly created drive in This PC of your system.
• Now, move all the data that you want to keep secure from unauthorized users to this newly created drive.
• After that, again open this software and press the Dismount all button to hide and encrypt drive along with the data.

The decryption process is simpler than encryption, as you just need to mount the drive again by pressing the Mount button and by entering right password.

This freeware also comes with a Tools Menu in which you can find many handy tools like Test Vectors, Key File Generators, Benchmark, Backup & Restore Volume Header, etc.

AES Crypt

AES Crypt is a lightweight and open source encryption software for Windows. It is also one of the basic and easiest to use encryption software. However, it still provides highly secure encryption to your media, documents, folders, etc. because it uses a powerful 256-bit encryption algorithm.

The encryption process is straightforward, just select one or more files and open the right-click menu. From this menu, select the AES Crypt option and then specify a password and press OK to start the encryption. Similarly, if you open the right-click menu after selecting an encrypted file, you get an AES Decrypt option. Select AES Decrypt and provide the right password to view and access the data.

It is an ideal software for those who seek a simple and effective encryption software.