Best Open Source Security Tools of 2015 (and 2016)

Best Open Source Security Tools

Always looking for a better tool to help you in your work? If there is one website that knows what is happening in the field of security tools, it is ToolsWatch. The site covers new tools and promotes existing projects when they release a new version.

Every year ToolsWatch asks its readers to vote for their favorite security tool. Here are the results for 2015:

  • 01 – OWASP ZAP – Zed Attack Proxy Project (+1↑)
  • 02 – Lynis (+1↑)
  • 03 – Haka (NEW)
  • 04 – Faraday (NEW)
  • 05 – BeEF – The Browser Exploitation Framework (-1↓)
  • 06 – Burp Suite (NEW)
  • 07 – PeStudio (-1↓)
  • 08 – Nmap (+2↑)
  • 09 – IDA Pro (NEW)
  • 10 – OWASP Offensive (Web) Testing Framework (-3↓)

As you can see, the list contains a wide variety of tools. Most can be used on Linux systems, including our own security scanner Lynis!

See the details of the open source security tools of 2015 for more information.

More Open Source?

As an open source author, I regularly ask other developers how they think open source is impacting the world. Not surprisingly, most have similar answers: companies are no longer afraid of the risks of using open source projects, or of testing things out. In that area we see that some open source projects are more tailored to a particular niche, beating big commercial solutions. There is definitely a market for smaller open source projects, to fulfill the needs left by the big guys.

The Niche of Security Tools

The promotion of open source security tools is a niche in itself. Not many companies or initiatives like ToolsWatch cover them. This might actually be a good thing. Knowledge will be gathered in a few places, instead of scattered around the web. With this central location, people in need of a security tool can find what they need more quickly.


We thank ToolsWatch for doing their yearly vote, and our voters for getting us a nice second place!


  • Ronan

    Thanks for the list Michael, great to see ZAP up there. Checking out a bunch of the others that you mentioned. Lots of new ones!

    Most of the things we’ve been using at have been AWS specific (like Netflix’s open Security Monkey project) on top of our own continuous integration testing – trying to automate more and more.

