Open Source ChromeOS Security Software - Page 3
Sort By:
Security Software for ChromeOS
-
Premier Construction SoftwareRated #1 Construction Accounting Software by Forbes Advisor in 2022 & 2023. Our modern SAAS solution is designed to meet the needs of General Contractors, Developers/Owners, Homebuilders & Specialty Contractors.
-
MicroStation by Bentley Systems is the trusted computer-aided design (CAD) software built specifically for infrastructure design.MicroStation is the only computer-aided design software for infrastructure design, helping architects and engineers like you bring their vision to life, present their designs to their clients, and deliver their projects to the community.
-
1
Teardroid
It's easy to use android botnet work without port forwarding
It's easy to use Android botnet work without port forwarding, VPS, and Android Studio. Run Shell Command ( use findphno command in a run shell command to get the device phone number and use findx:pdf to find all the pdf files on the device ) It will prompt you with your Control Panel url enter your deta space control panel url without /v4 or your own server URL (without/at the end of the URL). You will also be prompted for the title and text of the notification. Enter what you want to display on the notification. Using your own keystore it's not recommended to use the default keystore you can modify the values in the Config.py file to use your own keystore with Teardroid v4. -
2
Merlin HTTP/2
Merlin is a cross-platform post-exploitation HTTP/2 Command
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go. The Merlin server is a self-contained command line program that requires no installation. You just simply download it and run it. The command-line interface only works great if it will be used by a single operator at a time. The Merlin agent can be controlled through Mythic, which features a web-based user interface that enables multiplayer support, and a slew of other features inherent to the project. -
3
Metabigor
Command-line OSINT and reconnaissance tool without API keys
Metabigor is a command-line intelligence and OSINT tool designed to perform reconnaissance and security research tasks without requiring API keys. It focuses on simplifying access to public intelligence sources so that researchers, penetration testers, and bug bounty hunters can gather information efficiently from a single interface. It enables users to discover IP ranges, domains, and infrastructure details related to organizations, domains, or autonomous systems. Metabigor integrates multiple public data sources such as certificate transparency logs, BGP routing data, reverse WHOIS services, and IP intelligence databases to help map digital infrastructure. It can also enrich IP information with service, port, and vulnerability data using Shodan InternetDB while remaining accessible without authentication keys. In addition, it provides utilities that coordinate network scanning workflows by acting as a wrapper for tools like rustscan, masscan, and nmap. -
4
Tailsnitch
A security auditor for Tailscale configurations
tailsnitch is a security auditing tool for Tailscale networks (tailnets) that scans configurations and device setups to detect risky or overly permissive settings, helping administrators maintain a secure mesh network. Written in Go and designed to be run either as a CLI or integrated into automated pipelines, tailsnitch performs dozens of checks against common access control policies, authentication key practices, network exposure issues, and device security settings. It outputs structured reports on findings with severity levels and remediation guidance, and it can generate results in formats like JSON for downstream analysis and integration with CI/CD pipelines. Tailsnitch supports authentication via the Tailscale API (including OAuth or API keys) and provides options to filter findings, run only high-severity checks, and produce compliance artifacts like SOC 2 evidence exports. -
Award-Winning Medical Office Software Designed for Your SpecialtyRXNT is an ambulatory healthcare technology pioneer that empowers medical practices and healthcare organizations to succeed and scale through innovative, data-backed, AI-powered software.
-
5
ASN
Command line ASN lookup, network recon, and traceroute tool
asn is a multifunctional network investigation and OSINT command line tool designed for analyzing Autonomous System (ASN) and IP-related data. It provides a comprehensive set of capabilities for inspecting network infrastructure, routing information, and security signals associated with IP addresses, hostnames, prefixes, and organizations. It aggregates data from multiple external services to present detailed information such as BGP statistics, RPKI validation status, IP reputation, geolocation, and prefix ownership. It can also perform AS path tracing, allowing users to observe the network route between systems and identify Internet Exchange Points or anomalies in the path. In addition to its command line usage, asn can run as a web-based traceroute server or as a self-hosted lookup API that returns JSON-formatted data for automated workflows. This flexibility allows the tool to support manual investigations, incident response, and automated network analysis pipelines. -
6
Exposure Notifications Server
Exposure Notification Reference Server | Covid19 Exposure Notification
Exposure Notifications Server is an open source reference implementation developed by Google to support the COVID-19 Exposure Notifications API, designed for use by public health authorities around the world. The server provides a secure and privacy-preserving backend system that enables governments and organizations to deploy exposure notification applications for Android and iOS devices. It handles essential backend functions, including receiving and validating temporary exposure keys from users who have tested positive, storing those keys, and generating downloadable key files for mobile devices to check for potential exposure matches. The system integrates cryptographic signing for authenticity, supports configurable data retention policies, and ensures user privacy by design—no personally identifiable information is stored or transmitted. Built to be platform-agnostic, it can be deployed on any infrastructure or cloud service. -
7
Laravel Sentinel
A framework agnostic authentication & authorization system
Sentinel is a PHP 8.1+ framework agnostic fully-featured authentication & authorization system. It also provides additional features such as user roles and additional security features. -
8
Splunk Attack Range
Tool to simulate attacks and collect the data
Attack Range Log The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
9
Chromepass
Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features. Decrypt Google Chrome, Chromium, Edge, Brave, Opera and Vivaldi saved paswords and cookies. Send a file with the login/password combinations and cookies remotely (http server or email) Undetectable by AV if done correctly. Custom icon, custom error message, customize port. The new client build methodology practically ensures a 0% detection rate, even without AV-evasion tactics. If this becomes false in the future, some methods will be implemented to improve AV evasion. The dependencies are checked and installed automatically, so you can just skip to Usage. It's recommended that you use a clean VM, just to make sure there are no conflicts. If you don't have the dependencies and your internet isn't fast, this will take a while. -
The AI workplace management platformBy combining AI workflows, predictive intelligence, and automated insights, OfficeSpace gives leaders a complete view of how their spaces are used and how people work. Facilities, IT, HR, and Real Estate teams use OfficeSpace to optimize space utilization, enhance employee experience, and reduce portfolio costs with precision.
-
10
ClatScope
OSINT reconnaissance tool for IP, domain, email, and username lookups
ClatScope is a Python-based OSINT (open source intelligence) utility designed to gather and analyze publicly available information from multiple online sources. It is primarily aimed at investigators, cybersecurity professionals, penetration testers, and researchers who need a centralized platform for reconnaissance tasks. It integrates with numerous public APIs and internet services to retrieve detailed data about IP addresses, domains, email addresses, phone numbers, usernames, and other digital identifiers. By combining these sources, ClatScope automates the process of collecting intelligence that would normally require multiple separate tools or manual searches. It operates through a menu-driven command line interface that allows users to choose from many reconnaissance functions and receive formatted results directly in the terminal. ClatScope supports dozens of OSINT operations, including domain analysis, breach checks, and account discovery. -
11
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
12
Mitaka
Browser extension for fast OSINT searches and IOC investigation
Mitaka is a browser extension designed to streamline Open Source Intelligence (OSINT) investigations by enabling quick searches and scans directly from the browser. It allows security researchers, analysts, and investigators to easily examine various indicators of compromise (IoCs) such as IP addresses, domains, URLs, hashes, email addresses, and more. Instead of manually copying and pasting suspicious indicators into multiple intelligence platforms, users can simply highlight a value on any webpage and access multiple OSINT services through a context menu. Mitaka automatically detects the type of indicator and generates appropriate search options for relevant threat intelligence services. Mitaka also includes a refanging capability that converts obfuscated indicators, such as example[.]com or hxxp://example.com, into valid formats that can be analyzed immediately. -
13
jCasbin
An authorization library that supports access control models
An authorization library that supports access control models like ACL, RBAC, ABAC for Golang, Java, C/C++, Node.js, Javascript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter) and Elixir. In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. Besides memory and file, Casbin policy can be stored into lots of places. Currently, dozens of databases are supported, from MySQL, Postgres, Oracle to MongoDB, Redis, Cassandra, AWS S3. jCasbin is a powerful and efficient open-source access control library for Java projects. It provides support for enforcing authorization based on various access control models. -
14
IntelOwl
Centralized platform for automated threat intelligence analysis
IntelOwl is an open source platform designed to manage and enrich threat intelligence data at scale. It provides a centralized environment where security analysts can gather information about suspicious files and observables such as IP addresses, domains, URLs, or hashes using a single API request. The platform integrates numerous online intelligence sources and advanced malware analysis tools, enabling users to obtain comprehensive threat intelligence without manually querying multiple services. IntelOwl was created to automate repetitive investigation tasks typically performed by security operations center (SOC) analysts, helping teams focus on deeper analysis and incident response. The system features a modular architecture built around plugins that allow new analyzers, connectors, and integrations to be added easily. These plugins can collect data from external intelligence platforms or generate insights using internal analysis tools such as YARA or static malware analyzers. -
15
Laravel Notify
Flexible Flash notifications for Laravel
Laravel Notify is a package that lets you add custom notifications to your project. A diverse range of notification designs is available. -
16
OpenZeppelin Contracts
OpenZeppelin Contracts is a library for secure smart contracts
A library for secure smart contract development. Build on a solid foundation of community-vetted code. OpenZeppelin Contracts uses semantic versioning to communicate backward compatibility of its API and storage layout. To keep your system secure, you should always use the installed code as-is, and neither copy-paste it from online sources nor modify it yourself. The library is designed so that only the contracts and functions you use are deployed, so you don't need to worry about it needlessly increasing gas costs. Reduce the risk of vulnerabilities in your applications by using standard, tested, community-reviewed code. -
17
VENOM C2 shellcode
C2 shellcode generator/compiler/handler
The script will use msfvenom (metasploit) to generate shellcode in different formats ( C# | python | ruby | dll | msi | hta-psh | doc | apk | macho | elf | deb | mp4 | etc ) injects the shellcode generated into one template (example: python) "the python function will execute the shellcode into ram" and uses compilers like gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file. It also starts a handler to receive the remote connection (shell or meterpreter) venom 1.0.11 (malicious_server) was build to take advantage of apache2 webserver to deliver payloads (LAN) using a fake webpage writen in html to be hable to trigger payload downloads, the user just needs to send the link provided to target host. -
18
secator
Automated framework for running pentesting tools and workflows
Secator is a task and workflow runner designed to streamline security assessments by integrating many well-known penetration testing and reconnaissance tools into a unified framework. It acts as a centralized automation platform that helps security professionals run tasks, workflows, and scans more efficiently from a single command-line interface. It supports dozens of established security tools and organizes them into structured workflows, enabling users to perform complex reconnaissance and vulnerability discovery processes with minimal manual effort. By standardizing input parameters and output formats across different tools, Secator simplifies how results are collected and processed during security testing. Secator is built to improve productivity for penetration testers, bug bounty hunters, and security researchers who frequently chain multiple tools together during assessments. -
19
uBlock
uBlock: a fast, lightweight, and lean blocker for Chrome, Firefox
uBlock: a fast, lightweight, and lean blocker for Chrome, Firefox, and Safari. Available on the Chrome Web Store or for manual installation. Available to install from the homepage. Available for install from the homepage or from the App Store. Available on the Firefox Add-ons site, or for manual installation. Opera shares Chrome's underlying engine, so you can install uBlock simply by grabbing the latest release for Chrome.To benefit from uBlock's higher efficiency, it's advised that you don't use other blockers at the same time (such as AdBlock or Adblock Plus). uBlock will do as well or better than most popular ad blockers. It's important to note that blocking ads is not theft. Don't fall for this creepy idea. The ultimate logical consequence of blocking = theft is the criminalisation of the inalienable right to privacy. -
20
CamDesk
The Desktop Webcam Widget
CamDesk is a free, open source, desktop webcam widget, that was created as home surveillance application. Although others have used it for demonstrations even with CamStudio, and QuickTime Player for screen casting. -
21
Portable PGP is a fully featured lightweight java based PGP tool. It allows to encrypt,decrypt,sign and verify text and files with a nice and absolutely straight graphical interface.
-
22
American Fuzzy Lop
American fuzzy lop - a security-oriented fuzzer
AFL (American Fuzzy Lop) is a widely used graybox fuzzer that discovers bugs by mutating inputs and steering execution using lightweight instrumentation. Instead of random mutations alone, it uses coverage feedback to evolve input corpora, pushing programs into deeper and more interesting code paths. Its workflow emphasizes quick start: point it at a target binary with compile-time instrumentation (or use QEMU-based mode when recompilation isn’t possible), seed it with a small corpus, and let it iterate. AFL is known for finding serious security issues in complex software due to its corpus minimization, queue management, and deterministic mutation stages that balance breadth and depth. It provides crash triage helpers and test case minimization so developers can reproduce and fix issues quickly. The design deliberately optimizes for robustness and speed on commodity hardware, which helped it become a standard part of many security testing pipelines. -
23
Hemmelig
Keep your sensitive information out of chat logs, emails, and more
Hemmelig is a privacy-focused secret sharing service that lets users securely share sensitive information like passwords, API keys, private notes, or confidential links using client-side encryption so that the server never sees unencrypted data. It operates with a zero-knowledge architecture: all encryption and decryption happen in the browser, and only encrypted blobs are transmitted to and stored on the server, reducing the risk of leaks or unauthorized access. Users can generate shareable links with optional expiration times, view limits, and password protection to tailor how and when secrets are consumed, and links automatically expire or self-destruct after use to prevent reuse or exposure. The platform supports easy deployment via Docker or hosted options, making it practical for individuals, teams, or enterprises that want to safeguard secrets without relying on third-party storage. -
24
Laravel Passport
Laravel Passport provides OAuth2 server support to Laravel
Laravel Passport is an OAuth2 server and API authentication package that is simple and enjoyable to use. Laravel Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp. Before getting started, you may wish to determine if your application would be better served by Laravel Passport or Laravel Sanctum. If your application absolutely needs to support OAuth2, then you should use Laravel Passport. However, if you are attempting to authenticate a single-page application, or mobile application, or issue API tokens, you should use Laravel Sanctum. Laravel Sanctum does not support OAuth2; however, it provides a much simpler API authentication development experience. -
25
Locker Password Manager
Open source secure password manager
Locker is a password manager that goes beyond the mere concept of password management. Whatever your previous password manager provided, we offer even more. Store passwords, passkeys and personal data in one encrypted vault. Manage effectively with categories and folders. Save your passwords with a click, login and checkout made effortlessly with auto-saving and auto-fill features from passwords, payment details to two-factor authentication passcodes. Locker password manager is available anytime on any platform and device, whether it is a web browser, extensions, mobile apps or desktop apps. Share passwords and sensitive data with your friends and colleagues quickly and securely. Or share items with anyone, even if they don't use Locker.
