The top open source tools security researchers value

Sep 4, 2016 21:05 GMT  ·  By

Open source is winning. It's winning slowly, but it's winning. Although many infosec vendors keep their code proprietary, there are plenty of open source projects that security professionals can use.

GitHub is a good place to start looking for interesting open source security projects. Its search feature will turn up useful tools, but the easiest way to find the most popular security-related projects is the GitHub Showcases section, a part of the site that few people know about.

Introduced in 2014, Showcases groups the most popular projects into categories. Projects are ranked within a showcase by their number of stars, so the lists are constantly updated with today's most popular projects.

The Showcases "Security" category lists 24 projects. These are the ten most popular open source security-related projects on GitHub at the time of writing:

1. osquery - from Facebook

  osquery exposes an operating system as a high-performance relational database. This allows you to write SQL-based queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.  
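To make the "SQL tables over operating system state" model concrete, here are a few queries written for this article (an added example, not osquery's own documentation) that can be pasted into the interactive osqueryi shell. They assume the stock processes, listening_ports, users and hash tables with their standard column names; the protocol column of listening_ports is the IP protocol number (6 for TCP, 17 for UDP).

```sql
-- Added example for this article, not code from the osquery project.
-- Run in the interactive shell:  osqueryi
-- Assumes the stock tables: processes, listening_ports, users, hash.

-- 1. What is listening on a non-loopback address, which binary is it, and as whom?
--    listening_ports.protocol is the IP protocol number: 6 = TCP, 17 = UDP.
SELECT p.pid,
       p.name,
       p.path,
       u.username,
       lp.address,
       lp.port,
       CASE lp.protocol WHEN 6 THEN 'tcp' WHEN 17 THEN 'udp' ELSE lp.protocol END AS proto
FROM listening_ports AS lp
JOIN processes AS p USING (pid)
LEFT JOIN users AS u ON u.uid = p.uid
WHERE lp.port != 0
  AND lp.address NOT IN ('127.0.0.1', '::1')
ORDER BY lp.port;

-- 2. Running processes whose executable has been deleted from disk.
--    A classic sign of a dropper that removed itself after launch; package
--    upgrades produce the same condition legitimately, so triage before alarming.
--    processes.on_disk is 1 when the binary exists, 0 when it does not, -1 if unknown.
SELECT pid, name, path, cmdline, uid
FROM processes
WHERE on_disk = 0;

-- 3. SHA-256 of every listening binary, for lookup against a blocklist or
--    your own known-good set. The hash table is virtual and computes digests
--    on demand; the JOIN on path supplies the constraint it requires.
SELECT DISTINCT p.path, h.sha256
FROM listening_ports AS lp
JOIN processes AS p USING (pid)
JOIN hash AS h ON h.path = p.path
WHERE p.path != '';
```

In a fleet deployment the same statements go into a scheduled query pack for osqueryd, which logs only the rows that appeared or disappeared since the previous run; that differential logging is what turns the listening-port query into a change alert rather than a snapshot.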

2. Metasploit Framework - from Rapid7

  The Metasploit Framework is a tool for developing and executing exploit code against a remote target machine.  

3. Infer - from Facebook

  Facebook Infer is a static analysis tool - if you give Infer some Objective-C, Java, or C code, it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to people's phones, and help prevent crashes or poor performance.  

4. Brakeman - from PresidentBeef

  Brakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities.  

5. Radare2 - from the Radare Project

  Radare is a forensics tool and a scriptable command-line hex editor able to open disk files, with support for analyzing binaries, disassembling code, debugging programs, attaching to remote gdb servers, ...  

6. OS X Auditor - from Jean-Philippe Teissier

  OS X Auditor is a free Mac OS X computer forensics tool that parses various types of files for suspicious content.  

7. BeEF - from BeEF Project

  BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.  

8. Cuckoo - from Cuckoo Sandbox Project

  Cuckoo Sandbox is an automated dynamic malware analysis system: you submit a suspicious file, Cuckoo executes it inside an isolated guest environment, and it returns a detailed report of what the file did while running (processes spawned, files written, network traffic and so on). Because the sample really executes, the isolation of that guest is what keeps the analysis safe, so the sandbox host belongs inside your malware-handling boundary.  

9. Scumblr - from Netflix

  Scumblr is a web application that runs periodic searches and stores the results so that actions can be taken on the items it identifies.  

10. Moloch - from AOL

  Moloch is an open source, large-scale packet capture, indexing and database system. A simple web interface is provided for PCAP browsing, searching and exporting, and APIs allow PCAP data and JSON-formatted session data to be downloaded directly. Access control is basic: HTTPS with HTTP digest authentication, or an Apache reverse proxy placed in front of it. Moloch is not meant to replace an IDS; it works alongside one, storing and indexing all network traffic in standard PCAP format and providing fast access to it. It is built to be deployed across many systems and can scale to tens of gigabits per second of traffic.  

These are today's most popular open source security-related projects on GitHub. Check the Showcases section regularly to see which projects are on the rise.