The Internet is chock-full of open source tools that can help both everyday computer users and administrators beef up their security.
For those that don’t know, open source means that the program can be used, modified, and shared for free by the public! Nothing says cozy like free.
Here you will find some of my favorite open source tools and finds from all over the interwebs. I’ve broken them down into different categories such as operating systems, admin tools, and end-user tools.
Check back regularly for updates!
Kali – Kali is one of the most popular open source operating systems for security professionals. Kali comes preloaded with tons of useful penetration testing tools. Kali is offered by Offensive Security. Documentation regarding the OS, training, certifications and the download for the OS itself can all be found on their website.
Tails – Tails is another open source operating system, but it’s quite different from Kali. Tails is a live operating system that doesn’t stay permanently on your computer’s hard drive like other operating systems. Instead, you can boot it from any computer using a USB drive or DVD. Tails boasts anonymity and privacy as it leaves no trace. If you ever need to navigate the thralls of the dark web, Tails is great for this. It even comes preinstalled with Tor Browser. Of course, I know all my cozy readers are lawful citizens and would only navigate to the dark web for research purposes and other above board scenarios.
Mint – Linux Mint, while not specifically related to cybersecurity, is just a great everyday operating system. If you have an old computer lying around that has some outdated version of Windows on it, you can upgrade it by installing an open source operating system like this one! Why is this a good idea from a security standpoint? Answer: When operating systems stop being supported by the manufacturer (for example, Windows XP and Windows 7 are no longer supported by Microsoft), they no longer receive the needed security patches. Windows licenses can be pricey, and it probably doesn’t make sense to upgrade an 8-year-old computer to Windows 10. However, if the hardware still works, then it might seem silly to throw it away. Solution – install an open source operating system that is still supported and will put out the necessary security updates. You might find that you prefer it over Windows and change all of your computers over to Linux!
Antivirus & Anti-malware Software
I want to start this section by saying this: antivirus software is something that is worth spending money on. Free options are better than having no antivirus at all, but for the extra $40 – $60 a year, upgrading from the free version will always be my first choice.
Sophos – Sophos is a top-notch cybersecurity company in my opinion. I have experience with them from both an enterprise and personal level and they really knock it out of the park. Sophos has a free antivirus download for personal use, but as I mentioned before, I recommend dropping that extra $42 a year for the premium subscription.
Malwarebytes – It’s an important distinction that Malwarebytes is not an antivirus. Rather, Malwarebytes, as the name suggests, is an anti-malware product. Malwarebytes is a product that was created after it became apparent that antivirus programs weren’t able to protect fully against malware. Many new antivirus programs, especially paid versions, have built-in anti-malware programs. If yours does not, Malwarebytes may be a good option. For example, the Sophos free edition doesn’t include anti-malware, but it could be paired with the Malwarebytes free edition. Malwarebytes Premium can be purchased for $39.99 per year on their website.
SolarWinds IP Address Tracker – Listen guys, I’ve used a LOT of IP address scanners in my day and this is by far the most user-friendly. After downloading the free tool you can simply enter the range of IPs you need to scan and it will show you which are used and in many cases which type of device is using that IP.
Wireshark – I’ll admit that Wireshark probably isn’t a program that you’re going to be able to jump in and hit the ground running with. It’s a complex and extremely powerful packet capture tool. There are full courses dedicated to using Wireshark and for good reason. With that being said, understanding how to use Wireshark can help you not only protect your network, but also quickly troubleshoot any networking issues that occur.
Emotet-Blocker – If you’ve read my blog post about Emotet, then you know it’s nothing to mess around with! Cybersecurity organization Cybereason created a free tool available on GitHub to help protect against the Emotet malware. According to the GitHub page, Emotet-blocker works by “grabbing the mutex that emotet 1st stage binary gains in advance and prevents further activities by it which reduces the chance of an attack on Windows devices.”
The Emotet-blocker GitHub page also makes it clear that “this tool is to reduce the risk of infection against a certain variant of Emotet 1st stage executable and is not able to guarantee the effectiveness against the future variants because the Emotet developer is possible to change it.”