The 5 Most Popular Security Tools You Should Know // Explained in 180 seconds

I came across a resource that shows the most popular and fastest growing open source security projects on GitHub. In this Explained video, we’re going to look at the top 5 most popular projects from that list. At the end of the article, I’ll share the link so that you can see all of the top 100 projects.

The most commonly used languages to create these tools

Before we get started, it’s interesting to note that the most commonly used language for these projects, by quite a big margin, is Python!

After that, it’s a close race between Go and JavaScript, and finally, C and TypeScript.

Top cybersecurity open source project languages used

Most common categories

The projects are also broken down by category, and the top 2 are: Identity and Application Security at 18% each.

After that, we have Cloud Security (15%), then Network Security (13%), and finally, Vulnerability Management.

Top categories for cybersecurity open source tools

With that out of the way, let’s dive in with the fifth most popular open-source security tool: Cilium.

#5 – Cilium

Cilium is a Cloud Security tool that “provides secure network connectivity between app services deployed using containers like Docker or Kubernetes.”

Cilium eBPF-based Networking, Observability, Security

Cilium consists of an agent running on all cluster nodes and servers in your environment. It provides networking, security, and observability to the workloads running on that node. Workloads can be containerized or running natively on the system.

It’s really not surprising to see a container and Kubernetes project in the top 5, because of how many organizations are using containers.

#4 – Mitmproxy

The next tool, in spot #4, is Mitmproxy, which stands for Man-in-the-middle proxy. If you’re familiar with MITM attacks, then you probably know where this is going…

…this is an interactive intercepting HTTP proxy for penetration testers and software developers that is capable of supporting TLS connections.

This project also includes a web-based interface called mitmweb, and a command-line version called mitmdump which is like tcpdump, but for HTTP.

Once installed, we can use it to:

Intercept requests
Modify requests
Replay requests
Etc…

This is essentially a much more portable and simpler version of using the Burp or OWASP ZAP proxy feature. The primary benefit here is how flexible of a tool this is, which means you can use it for a variety of use cases…and obviously, a lot of people see that value because this project has 31,000 stars

#3 – OpenSSL

This next one is a tool that I’m sure you’ve heard of if you’ve ever worked with web applications or anything requiring TLS.

OpenSSL is a tool that is and has been massively popular because it’s a Cryptography and TLS Toolkit that you can use to create and manage certificates and encryption of all kinds.

In short, you can think of this as a swiss army knife for cryptographic tasks, testing, and analysis.

#2 – Vault

In the second spot, we have a secrets management tool from HashiCorp called Vault. Vault fits in the Identity category because it’s a tool for creating and managing secrets, encrypting as a service, and access management.

You can use it for API keys, passwords, certificates, and a whole bunch more. You can even use it to generate dynamic instead of static secrets. This means you can use it to generate secrets on-demand for databases or even cloud resources, for example.

I made a full video explaining what Vault is and how it works in the Explained series, so check that video out if you’re interested.

#1 – Metasploit-Framework

Finally, in spot number one, I don’t think too many of us will be surprised…we have the Metasploit-Framework.

Metasploit is an exploitation framework used for pentesting that’s maintained by Rapid7 and the open source community.

Anyone who has any remote interest in pentesting will have heard of Metasploit, because the Internet is flooded with tutorials on how to use this framework…and for good reason: it’s a super powerful and impressive framework that can do a lot.

It’s so powerful, in fact, that you can even use it to write your very own exploits, or use community exploits.

If you’re interested in learning more about Metasploit, my recommendation would be to start with their documentation: https://docs.metasploit.com/

After that, check out YouTube tutorials — there are plenty out there to get you going.

Conclusion

As promised, here’s the entire list of 100 different top projects: https://opensourcesecurityindex.io/

By the way, this list is constantly changing. Even from the time that I found this resource to the time that I wrote this, two of the top 5 moved around. So by the time you read this article, the top 5 may have changed!

If you enjoyed this post, check out our playlist and subscribe for more content like this. Let me know in the comments below which of these tools you hadn’t heard of that you’re very interested in learning more about!

Thanks for reading, and see you next time.