ENNAENNA
Free & Open Source

Open-Source Alternatives

Free, open-source replacements for the commercial security tools you know. Same capabilities, no license fees.

Maltego

5 alternatives

Maltego is a commercial OSINT and link analysis platform for visual investigation. These open-source tools provide similar graph-based intelligence gathering and entity relationship mapping.

SpiderFootRecon-ngtheHarvesterBBOTsn0int
osintlink-analysisinvestigation

Burp Suite Pro

7 alternatives

Burp Suite Pro is the industry-standard web application security testing platform. These open-source tools cover similar functionality for web scanning, proxying, and vulnerability discovery.

CaidoNucleiffufsqlmapDalFox+2 more
web-securityproxyscanning

Cobalt Strike

5 alternatives

Cobalt Strike is a commercial adversary simulation and red team C2 framework. These open-source alternatives provide similar command and control, payload generation, and post-exploitation capabilities.

SliverHavocMythicCovenantEmpire
c2red-teampost-exploitation

Tenable Nessus

6 alternatives

Nessus is a commercial vulnerability scanner widely used in enterprise environments. These open-source tools provide vulnerability scanning, configuration auditing, and compliance checking.

OpenVASNucleiTrivyGrypeLynis+1 more
vulnerability-scanningcomplianceaudit

Chainalysis Reactor

6 alternatives

Chainalysis Reactor is a commercial blockchain investigation platform used by law enforcement and financial institutions. These open-source tools provide transaction tracing, wallet clustering, and blockchain analytics.

GraphSenseTrueBlocksBlockScoutBitcoin Core CLICryo+1 more
blockchaincrypto-forensicstracing

IDA Pro

7 alternatives

IDA Pro is the gold standard commercial disassembler and decompiler for reverse engineering. These open-source tools provide disassembly, decompilation, and binary analysis capabilities.

GhidraRadare2CutterRizinImHex+2 more
reverse-engineeringdisassemblydecompilation

Splunk Enterprise

6 alternatives

Splunk is a commercial SIEM and log management platform. These open-source tools provide log analysis, threat detection, timeline analysis, and security monitoring.

WazuhSigmaosqueryTimesketchHayabusa+1 more
siemloggingdetection

Acunetix

8 alternatives

Acunetix is a commercial web vulnerability scanner focused on automated detection of SQL injection, XSS, and other web flaws. These open-source tools cover similar automated web app scanning.

NucleiNiktosqlmapXSStrikeDalFox+3 more
web-scanningsql-injectionxss

Cellebrite UFED

7 alternatives

Cellebrite UFED is a commercial mobile forensics platform for extracting data from smartphones. These open-source tools provide mobile device forensics, app analysis, and spyware detection.

MVTMobSFFridaObjectionAPKLeaks+2 more
mobile-forensicsandroidios

Qualys Cloud Platform

7 alternatives

Qualys is a commercial cloud-based vulnerability management and compliance platform. These open-source tools provide cloud security scanning, asset discovery, and configuration auditing.

ProwlerScoutSuiteCloudFoxSteampipeTrivy+2 more
cloud-securitycomplianceasset-management