Open source security tools and software

Open source security tools offer numerous benefits to enterprise security, but they can also come with their own vulnerabilities. Here you'll find news, expert advice, learning tools and white papers on Snort, Nmap, Nessus and other popular open source security tools.

New & Notable

Download this free guide

Free Guide: Root Causes of the Cybersecurity Skills Shortage

Our editorial director sat down with David Shearer, CEO of (ISC)², for a Q&A where they discussed what is (and isn’t) contributing to the cybersecurity skills shortage in the United States and how to fix the problem.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Open source security tools and software News

March 28, 2019 28 Mar'19
Ghidra update squashes serious bugs in NSA reverse-engineering tool

The NSA answered lingering questions around what kind of support it would provide for Ghidra after releasing the tool as open source with a patch that fixed serious bugs.
March 15, 2019 15 Mar'19
Despite reservations about NSA's Ghidra, experts see value

The NSA's reverse-engineering tool, Ghidra, was released to the public and despite some initial concerns experts are generally bullish on the prospects for the free software.
March 06, 2019 06 Mar'19
NSA releases Ghidra open source reverse-engineering tool

The National Security Agency launched its highly anticipated reverse-engineering tool, Ghidra. The free software offers features found in high-end commercial products.
February 25, 2019 25 Feb'19
WinRAR bug found and patched after 19 years

A WinRAR bug that affects every version of the app over the past 19 years was discovered and patched. But it's unclear if the millions of the app's users will get the needed fix.

View All News

Open source security tools and software Get Started

Bring yourself up to speed with our introductory content

How to put AI security to work in your organization

Countering cyberthreats through human effort alone is impossible; you need to add AI and machine learning products to your security program. Here's how to get started. Continue Reading
Mimikatz tutorial: How it hacks Windows passwords, credentials

In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords. Continue Reading
Secure Shell (SSH)

SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network. Continue Reading

View All Get Started

Evaluate Open source security tools and software Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Challenges and benefits of using the Mitre ATT&CK framework

Taking the first step might be the biggest hurdle to using the Mitre ATT&CK cybersecurity framework. Find out more about the benefits, challenges and how to get started. Continue Reading
Should I use GitHub's new private repositories?

Is GitHub's new private repositories service robust enough to serve the needs of enterprises? Nick Lewis examines what works -- and what doesn't. Continue Reading
How can OSS-Fuzz and other vulnerability scanners help developers?

Google's OSS-Fuzz is an open source vulnerability scanner. Expert Matthew Pascucci looks at how developers can take advantage of this tool and others like it. Continue Reading

View All Evaluate

Manage Open source security tools and software

Learn to apply best practices and optimize your operations.

AI, machine learning in cybersecurity focused on behavior

Artificial intelligence, and machine learning in particular, is being fruitfully employed in IT security tools. Learn where this advanced technology works best now. Continue Reading
How layered security can help and hinder application security

The growth of technology includes the growth of layered security. Join expert Kevin Beaver as he explains the pros and cons of layered defenses for application security. Continue Reading
Can a decentralized open source community properly address security?

SearchSecurity talks with UC Berkeley Professor Steven Weber about the open source community, the security challenges facing it and the prospect of software liability. Continue Reading

View All Manage

Problem Solve Open source security tools and software Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How does a WordPress SEO malware injection work and how can enterprises prevent it?

Security expert Nick Lewis explains how to prevent WordPress SEO malware injection attacks that rank the attacker's search engine results higher than legitimate webpages. Continue Reading
Wireshark tutorial: Using Wireshark to sniff network traffic

Learn to use the Wireshark protocol analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer to inspect and analyze network traffic. Continue Reading
How can attackers exploit a buffer underflow vulnerability?

A buffer underflow was found to be caused by a vulnerability in strongSwan's open source VPN. Learn how this is possible and how attackers can exploit it with Judith Myerson. Continue Reading

View All Problem Solve