{"id":22773,"date":"2021-07-24T20:54:21","date_gmt":"2021-07-24T20:54:21","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=22773"},"modified":"2021-09-04T08:45:25","modified_gmt":"2021-09-04T08:45:25","slug":"top-51-free-open-source-tools-for-system-network-dns-http-ssl-security-for-software-engineers","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/top-51-free-open-source-tools-for-system-network-dns-http-ssl-security-for-software-engineers\/","title":{"rendered":"Top 51 free open source tools for system network, DNS, HTTP, SSL & Security for software engineers"},"content":{"rendered":"\n

Network<\/h2>\n\n\n\n

  \ud83d\udd38 PuTTY<\/strong><\/a> – is an SSH and telnet client, developed originally by Simon Tatham.
  \ud83d\udd38 Mosh<\/strong><\/a> – is a SSH wrapper designed to keep a SSH session alive over a volatile connection.
  \ud83d\udd38 Eternal Terminal<\/strong><\/a> – enables mouse-scrolling and tmux commands inside the SSH session.
  \ud83d\udd38 nmap<\/strong><\/a> – is a free and open source (license) utility for network discovery and security auditing.
  \ud83d\udd38 zmap<\/strong><\/a> – is a fast single packet network scanner designed for Internet-wide network surveys.
  \ud83d\udd38 Rust Scan<\/strong><\/a> – to find all open ports faster than Nmap.
  \ud83d\udd38 masscan<\/strong><\/a> – is the fastest Internet port scanner, spews SYN packets asynchronously.
  \ud83d\udd38 pbscan<\/strong><\/a> – is a faster and more efficient stateless SYN scanner and banner grabber.
  \ud83d\udd38 hping<\/strong><\/a> – is a command-line oriented TCP\/IP packet assembler\/analyzer.
  \ud83d\udd38 mtr<\/strong><\/a> – is a tool that combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single tool.
  \ud83d\udd38 mylg<\/strong><\/a> – utility which combines the functions of the different network probes in one diagnostic tool.
  \ud83d\udd38 netcat<\/strong><\/a> – utility which reads and writes data across network connections, using the TCP\/IP protocol.
  \ud83d\udd38 tcpdump<\/strong><\/a> – is a powerful command-line packet analyzer.
  \ud83d\udd38 tshark<\/strong><\/a> – is a tool that allows us to dump and analyze network traffic (wireshark cli).
  \ud83d\udd38 Termshark<\/strong><\/a> – is a simple terminal user-interface for tshark.
  \ud83d\udd38 ngrep<\/strong><\/a> – is like GNU grep applied to the network layer.
  \ud83d\udd38 netsniff-ng<\/strong><\/a> – is a Swiss army knife for your daily Linux network plumbing if you will.
  \ud83d\udd38 sockdump<\/strong><\/a> – dump unix domain socket traffic.
  \ud83d\udd38 stenographer<\/strong><\/a> – is a packet capture solution which aims to quickly spool all packets to disk.
  \ud83d\udd38 tcpterm<\/strong><\/a> – visualize packets in TUI.
  \ud83d\udd38 bmon<\/strong><\/a> – is a monitoring and debugging tool to capture networking related statistics and prepare them visually.
  \ud83d\udd38 iptraf-ng<\/strong><\/a> – is a console-based network monitoring program for Linux that displays information about IP traffic.
  \ud83d\udd38 vnstat<\/strong><\/a> – is a network traffic monitor for Linux and BSD.
  \ud83d\udd38 iPerf3<\/strong><\/a> – is a tool for active measurements of the maximum achievable bandwidth on IP networks.
  \ud83d\udd38 ethr<\/strong><\/a> – is a Network Performance Measurement Tool for TCP, UDP & HTTP.
  \ud83d\udd38 Etherate<\/strong><\/a> – is a Linux CLI based Ethernet and MPLS traffic testing tool.
  \ud83d\udd38 echoip<\/strong><\/a> – is a IP address lookup service.
  \ud83d\udd38 Nemesis<\/strong><\/a> – packet manipulation CLI tool; craft and inject packets of several protocols.
  \ud83d\udd38 packetfu<\/strong><\/a> – a mid-level packet manipulation library for Ruby.
  \ud83d\udd38 Scapy<\/strong><\/a> – packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.
  \ud83d\udd38 impacket<\/strong><\/a> – is a collection of Python classes for working with network protocols.
  \ud83d\udd38 ssh-audit<\/strong><\/a> – is a tool for SSH server auditing.
  \ud83d\udd38 aria2<\/strong><\/a> – is a lightweight multi-protocol & multi-source command-line download utility.
  \ud83d\udd38 iptables-tracer<\/strong><\/a> – observe the path of packets through the iptables chains.
  \ud83d\udd38 inception<\/strong><\/a> – a highly configurable tool to check for whatever you like against any number of hosts.<\/p>\n\n\n\n

Network (DNS)<\/h1>\n\n\n\n

  \ud83d\udd38 dnsdiag<\/strong><\/a> – is a DNS diagnostics and performance measurement tools.
  \ud83d\udd38 fierce<\/strong><\/a> – is a DNS reconnaissance tool for locating non-contiguous IP space.
  \ud83d\udd38 subfinder<\/strong><\/a> – is a subdomain discovery tool that discovers valid subdomains for websites.
  \ud83d\udd38 sublist3r<\/strong><\/a> – is a fast subdomains enumeration tool for penetration testers.
  \ud83d\udd38 amass<\/strong><\/a> – is tool that obtains subdomain names by scraping data sources, crawling web archives, and more.
  \ud83d\udd38 namebench<\/strong><\/a> – provides personalized DNS server recommendations based on your browsing history.
  \ud83d\udd38 massdns<\/strong><\/a> – is a high-performance DNS stub resolver for bulk lookups and reconnaissance.
  \ud83d\udd38 knock<\/strong><\/a> – is a tool to enumerate subdomains on a target domain through a wordlist.
  \ud83d\udd38 dnsperf<\/strong><\/a> – DNS performance testing tools.
  \ud83d\udd38 dnscrypt-proxy 2<\/strong><\/a> – a flexible DNS proxy, with support for encrypted DNS protocols.
  \ud83d\udd38 dnsdbq<\/strong><\/a> – API client providing access to passive DNS database systems.
  \ud83d\udd38 grimd<\/strong><\/a> – fast dns proxy, built to black-hole internet advertisements and malware servers.<\/p>\n\n\n\n

Network (HTTP)<\/h1>\n\n\n\n

  \ud83d\udd38 curl<\/strong><\/a> – is a command line tool and library for transferring data with URLs.
  \ud83d\udd38 kurly<\/strong><\/a> – is an alternative to the widely popular curl program, written in Golang.
  \ud83d\udd38 HTTPie<\/strong><\/a> – is an user-friendly HTTP client.
  \ud83d\udd38 wuzz<\/strong><\/a> – is an interactive cli tool for HTTP inspection.
  \ud83d\udd38 h2spec<\/strong><\/a> – is a conformance testing tool for HTTP\/2 implementation.
  \ud83d\udd38 h2t<\/strong><\/a> – is a simple tool to help sysadmins to hardening their websites.
  \ud83d\udd38 htrace.sh<\/strong><\/a> – is a simple Swiss Army knife for http\/https troubleshooting and profiling.
  \ud83d\udd38 httpstat<\/strong><\/a> – is a tool that visualizes curl statistics in a way of beauty and clarity.
  \ud83d\udd38 httplab<\/strong><\/a> – is an interactive web server.
  \ud83d\udd38 Lynx<\/strong><\/a> – is a text browser for the World Wide Web.
  \ud83d\udd38 Browsh<\/strong><\/a> – is a fully interactive, real-time, and modern text-based browser.
  \ud83d\udd38 HeadlessBrowsers<\/strong><\/a> – a list of (almost) all headless web browsers in existence.
  \ud83d\udd38 ab<\/strong><\/a> – is a single-threaded command line tool for measuring the performance of HTTP web servers.
  \ud83d\udd38 siege<\/strong><\/a> – is an http load testing and benchmarking utility.
  \ud83d\udd38 wrk<\/strong><\/a> – is a modern HTTP benchmarking tool capable of generating significant load.
  \ud83d\udd38 wrk2<\/strong><\/a> – is a constant throughput, correct latency recording variant of wrk.
  \ud83d\udd38 vegeta<\/strong><\/a> – is a constant throughput, correct latency recording variant of wrk.
  \ud83d\udd38 bombardier<\/strong><\/a> – is a fast cross-platform HTTP benchmarking tool written in Go.
  \ud83d\udd38 gobench<\/strong><\/a> – http\/https load testing and benchmarking tool.
  \ud83d\udd38 hey<\/strong><\/a> – HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll\/boom.
  \ud83d\udd38 boom<\/strong><\/a> – is a script you can use to quickly smoke-test your web app deployment.
  \ud83d\udd38 SlowHTTPTest<\/strong><\/a> – is a tool that simulates some Application Layer Denial of Service attacks by prolonging HTTP.
  \ud83d\udd38 gobuster<\/strong><\/a> – is a free and open source directory\/file & DNS busting tool written in Go.
  \ud83d\udd38 ssllabs-scan<\/strong><\/a> – command-line reference-implementation client for SSL Labs APIs.
  \ud83d\udd38 http-observatory<\/strong><\/a> – Mozilla HTTP Observatory cli version.<\/p>\n\n\n\n

SSL<\/h1>\n\n\n\n

  \ud83d\udd38 openssl<\/strong><\/a> – is a robust, commercial-grade, and full-featured toolkit for the TLS and SSL protocols.
  \ud83d\udd38 gnutls-cli<\/strong><\/a> – client program to set up a TLS connection to some other computer.
  \ud83d\udd38 sslyze <\/strong><\/a>– fast and powerful SSL\/TLS server scanning library.
  \ud83d\udd38 sslscan<\/strong><\/a> – tests SSL\/TLS enabled services to discover supported cipher suites.
  \ud83d\udd38 testssl.sh<\/strong><\/a> – testing TLS\/SSL encryption anywhere on any port.
  \ud83d\udd38 cipherscan<\/strong><\/a> – a very simple way to find out which SSL ciphersuites are supported by a target.
  \ud83d\udd38 spiped<\/strong><\/a> – is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.
  \ud83d\udd38 Certbot<\/strong><\/a> – is EFF’s tool to obtain certs from Let’s Encrypt and (optionally) auto-enable HTTPS on your server.
  \ud83d\udd38 mkcert<\/strong><\/a> – simple zero-config tool to make locally trusted development certificates with any names you’d like.
  \ud83d\udd38 certstrap<\/strong><\/a> – tools to bootstrap CAs, certificate requests, and signed certificates.
  \ud83d\udd38 Sublert<\/strong><\/a> – is a security and reconnaissance tool to automatically monitor new subdomains.
  \ud83d\udd38 mkchain<\/strong><\/a> – open source tool to help you build a valid SSL certificate chain.<\/p>\n\n\n\n

Security<\/h1>\n\n\n\n

  \ud83d\udd38 SELinux<\/strong><\/a> – provides a flexible Mandatory Access Control (MAC) system built into the Linux kernel.
  \ud83d\udd38 AppArmor<\/strong><\/a> – proactively protects the operating system and applications from external or internal threats.
  \ud83d\udd38 grapheneX<\/strong><\/a> – Automated System Hardening Framework.
  \ud83d\udd38 DevSec Hardening Framework<\/strong><\/a> – Security + DevOps: Automatic Server Hardening.<\/p>\n\n\n\n

<\/p>\n\n\n\n

TOR<\/h1>\n\n\n\n

  \ud83d\udd38 Nipe<\/strong><\/a> – script to make Tor Network your default gateway.
  \ud83d\udd38 multitor<\/strong><\/a> – a tool that lets you create multiple TOR instances with a load-balancing.<\/p>\n\n\n\n

Network<\/h1>\n\n\n\n

  \ud83d\udd38 Wireshark<\/strong><\/a> – is the world\u2019s foremost and widely-used network protocol analyzer.
  \ud83d\udd38 Ettercap<\/strong><\/a> – is a comprehensive network monitor tool.
  \ud83d\udd38 EtherApe<\/strong><\/a> – is a graphical network monitoring solution.
  \ud83d\udd38 Packet Sender<\/strong><\/a> – is a networking utility for packet generation and built-in UDP\/TCP\/SSL client and servers.
  \ud83d\udd38 Ostinato<\/strong><\/a> – is a packet crafter and traffic generator.
  \ud83d\udd38 JMeter\u2122<\/strong><\/a> – open source software to load test functional behavior and measure performance.
  \ud83d\udd38 locust<\/strong><\/a> – scalable user load testing tool written in Python.<\/p>\n\n\n\n

Browsers<\/h1>\n\n\n\n

  \ud83d\udd38 SSL\/TLS Capabilities of Your Browser<\/strong><\/a> – test your browser’s SSL implementation.
  \ud83d\udd38 Can I use<\/strong><\/a> – provides up-to-date browser support tables for support of front-end web technologies.
  \ud83d\udd38 Panopticlick 3.0<\/strong><\/a> – is your browser safe against tracking?
  \ud83d\udd38 Privacy Analyzer<\/strong><\/a> – see what data is exposed from your browser.
  \ud83d\udd38 Web Browser Security<\/strong><\/a> – it’s all about Web Browser fingerprinting.
  \ud83d\udd38 How’s My SSL?<\/strong><\/a> – help a web server developer learn what real world TLS clients were capable of.
  \ud83d\udd38 sslClientInfo<\/strong><\/a> – client test (incl TLSv1.3 information).<\/p>\n\n\n\n

SSL\/Security<\/h1>\n\n\n\n

  \ud83d\udd38 SSLLabs Server Test<\/strong><\/a> – performs a deep analysis of the configuration of any SSL web server.
  \ud83d\udd38 SSLLabs Server Test (DEV)<\/strong><\/a> – performs a deep analysis of the configuration of any SSL web server.
  \ud83d\udd38 ImmuniWeb\u00ae SSLScan<\/strong><\/a> – test SSL\/TLS (PCI DSS, HIPAA and NIST).
  \ud83d\udd38 SSL Check<\/strong><\/a> – scan your website for non-secure content.
  \ud83d\udd38 SSL Scanner<\/strong><\/a> – analyze website security.
  \ud83d\udd38 CryptCheck<\/strong><\/a> – test your TLS server configuration (e.g. ciphers).
  \ud83d\udd38 urlscan.io<\/strong><\/a> – service to scan and analyse websites.
  \ud83d\udd38 Report URI<\/strong><\/a> – monitoring security policies like CSP and HPKP.
  \ud83d\udd38 CSP Evaluator<\/strong><\/a> – allows developers and security experts to check if a Content Security Policy.
  \ud83d\udd38 Useless CSP<\/strong><\/a> – public list about CSP in some big players (might make them care a bit more).
  \ud83d\udd38 Why No HTTPS?<\/strong><\/a> – top 100 websites by Alexa rank not automatically redirecting insecure requests.
  \ud83d\udd38 TLS Cipher Suite Search<\/strong><\/a>– cipher suite search engine.
  \ud83d\udd38 cipherli.st<\/strong><\/a> – strong ciphers for Apache, Nginx, Lighttpd, and more.*<\/strong>
  \ud83d\udd38 dhtool<\/strong><\/a> – public Diffie-Hellman parameter service\/tool.
  \ud83d\udd38 badssl.com<\/strong><\/a> – memorable site for testing clients against bad SSL configs.
  \ud83d\udd38 tlsfun.de<\/strong><\/a> – registered for various tests regarding the TLS\/SSL protocol.
  \ud83d\udd38 CAA Record Helper<\/strong><\/a> – generate a CAA policy.
  \ud83d\udd38 Common CA Database<\/strong><\/a> – repository of information about CAs, and their root and intermediate certificates.
  \ud83d\udd38 CERTSTREAM<\/strong><\/a> – real-time certificate transparency log update stream.
  \ud83d\udd38 crt.sh<\/strong><\/a> – discovers certificates by continually monitoring all of the publicly known CT.
  \ud83d\udd38 Hardenize<\/strong><\/a> – deploy the security standards.
  \ud83d\udd38 Cipher suite compatibility<\/strong><\/a> – test TLS cipher suite compatibility.
  \ud83d\udd38 urlvoid<\/strong><\/a> – this service helps you detect potentially malicious websites.
  \ud83d\udd38 security.txt<\/strong><\/a> – a proposed standard (generator) which allows websites to define security policies.
  \ud83d\udd38 ssl-config-generator<\/strong><\/a> – help you follow the Mozilla Server Side TLS configuration guidelines.<\/p>\n\n\n\n

HTTP Headers & Web Linters<\/h1>\n\n\n\n

  \ud83d\udd38 Security Headers<\/strong><\/a> – analyse the HTTP response headers (with rating system to the results).
  \ud83d\udd38 Observatory by Mozilla<\/strong><\/a> – set of tools to analyze your website.
  \ud83d\udd38 webhint<\/strong><\/a> – is a linting tool that will help you with your site’s accessibility, speed, security, and more.<\/p>\n\n\n\n

DNS<\/h1>\n\n\n\n

  \ud83d\udd38 ViewDNS<\/strong><\/a> – one source for free DNS related tools and information.
  \ud83d\udd38 DNSLookup<\/strong><\/a> – is an advanced DNS lookup tool.
  \ud83d\udd38 DNSlytics<\/strong><\/a> – online DNS investigation tool.
  \ud83d\udd38 DNS Spy<\/strong><\/a> – monitor, validate and verify your DNS configurations.
  \ud83d\udd38 Zonemaster<\/strong><\/a> – helps you to control how your DNS works.
  \ud83d\udd38 Leaf DNS<\/strong><\/a> – comprehensive DNS tester.
  \ud83d\udd38 Find subdomains online<\/strong><\/a> – find subdomains for security assessment penetration test.
  \ud83d\udd38 DNSdumpster<\/strong><\/a> – dns recon & research, find & lookup dns records.
  \ud83d\udd38 DNS Table online<\/strong><\/a> – search for DNS records by domain, IP, CIDR, ISP.
  \ud83d\udd38 intoDNS<\/strong><\/a> – DNS and mail server health checker.
  \ud83d\udd38 DNS Bajaj<\/strong><\/a> – check the delegation of your domain.
  \ud83d\udd38 BuddyDNS Delegation LAB<\/strong><\/a> – check, trace and visualize delegation of your domain.
  \ud83d\udd38 dnssec-debugger<\/strong><\/a> – DS or DNSKEY records validator.
  \ud83d\udd38 PTRarchive.com<\/strong><\/a> – this site is responsible for the safekeeping of historical reverse DNS records.
  \ud83d\udd38 xip.io<\/strong><\/a> – wildcard DNS for everyone.
  \ud83d\udd38 nip.io<\/strong><\/a> – dead simple wildcard DNS for any IP Address.
  \ud83d\udd38 dnslookup (ceipam)<\/strong><\/a> – one of the best DNS propagation checker (and not only).
  \ud83d\udd38 What’s My DNS<\/strong><\/a> – DNS propagation checking tool.
  \ud83d\udd38 DNSGrep<\/strong><\/a> – quickly searching large DNS datasets.<\/p>\n\n\n\n

Net-tools<\/h1>\n\n\n\n

  \ud83d\udd38 Netcraft<\/strong><\/a> – detailed report about the site, helping you to make informed choices about their integrity.*<\/strong>
  \ud83d\udd38 RIPE NCC Atlas<\/strong><\/a> – a global, open, distributed Internet measurement platform.
  \ud83d\udd38 Robtex<\/strong><\/a> – uses various sources to gather public information about IP numbers, domain names, host names, etc.
  \ud83d\udd38 Security Trails<\/strong><\/a> – APIs for Security Companies, Researchers and Teams.
  \ud83d\udd38 Online Curl<\/strong><\/a> – curl test, analyze HTTP Response Headers.
  \ud83d\udd38 Online Tools for Developers<\/strong><\/a> – HTTP API tools, testers, encoders, converters, formatters, and other tools.
  \ud83d\udd38 Ping.eu<\/strong><\/a> – online Ping, Traceroute, DNS lookup, WHOIS and others.
  \ud83d\udd38 Network-Tools<\/strong><\/a> – network tools for webmasters, IT technicians & geeks.
  \ud83d\udd38 BGPview<\/strong><\/a> – search for any ASN, IP, Prefix or Resource name.
  \ud83d\udd38 Is BGP safe yet?<\/strong><\/a> – check BGP (RPKI) security of ISPs and other major Internet players.
  \ud83d\udd38 Riseup<\/strong><\/a> – provides online communication tools for people and groups working on liberatory social change.
  \ud83d\udd38 VirusTotal<\/strong><\/a> – analyze suspicious files and URLs to detect types of malware.<\/p>\n\n\n\n

Privacy<\/h1>\n\n\n\n

  \ud83d\udd38 privacytools.io<\/strong><\/a> – provides knowledge and tools to protect your privacy against global mass surveillance.
  \ud83d\udd38 DNS Privacy Test Servers<\/strong><\/a> – DNS privacy recursive servers list (with a ‘no logging’ policy).<\/p>\n\n\n\n

Encoders\/Decoders and Regex testing<\/h1>\n\n\n\n

  \ud83d\udd38 URL Encode\/Decode<\/strong><\/a> – tool from above to either encode or decode a string of text.
  \ud83d\udd38 Uncoder<\/strong><\/a> – the online translator for search queries on log data.
  \ud83d\udd38 Regex101<\/strong><\/a> – online regex tester and debugger: PHP, PCRE, Python, Golang and JavaScript.
  \ud83d\udd38 RegExr<\/strong><\/a> – online tool to learn, build, & test Regular Expressions (RegEx \/ RegExp).
  \ud83d\udd38 RegEx Testing<\/strong><\/a> – online regex testing tool.
  \ud83d\udd38 RegEx Pal<\/strong><\/a> – online regex testing tool + other tools.
  \ud83d\udd38 The Cyber Swiss Army Knife<\/strong><\/a> – a web app for encryption, encoding, compression and data analysis<\/p>\n\n\n\n

.<\/p>\n\n\n\n

Passwords<\/h1>\n\n\n\n

  \ud83d\udd38 have i been pwned?<\/strong><\/a> – check if you have an account that has been compromised in a data breach.
  \ud83d\udd38 dehashed<\/strong><\/a> – is a hacked database search engine.
  \ud83d\udd38 Leaked Source<\/strong><\/a> – is a collaboration of data found online in the form of a lookup.<\/p>\n\n\n\n

CVE\/Exploits databases<\/h1>\n\n\n\n

  \ud83d\udd38 CVE Mitre<\/strong><\/a> – list of publicly known cybersecurity vulnerabilities.
  \ud83d\udd38 CVE Details<\/strong><\/a> – CVE security vulnerability advanced database.
  \ud83d\udd38 Exploit DB<\/strong><\/a> – CVE compliant archive of public exploits and corresponding vulnerable software.
  \ud83d\udd38 0day.today<\/strong><\/a> – exploits market provides you the possibility to buy\/sell zero-day exploits.
  \ud83d\udd38 sploitus<\/strong><\/a> – the exploit and tools database.
  \ud83d\udd38 cxsecurity<\/strong><\/a> – free vulnerability database.
  \ud83d\udd38 Vulncode-DB<\/strong><\/a> – is a database for vulnerabilities and their corresponding source code if available.
  \ud83d\udd38 cveapi<\/strong><\/a> – free API for CVE data.<\/p>\n\n\n\n

Crypto<\/h1>\n\n\n\n

  \ud83d\udd38 Keybase<\/strong><\/a> – it’s open source and powered by public-key cryptography.<\/p>\n\n\n\n

PGP Keyservers<\/h1>\n\n\n\n

  \ud83d\udd38 SKS OpenPGP Key server<\/strong><\/a> – services for the SKS keyservers used by OpenPGP.<\/p>\n\n\n\n

HTTP(s) Services<\/h1>\n\n\n\n

  \ud83d\udd38 Varnish Cache<\/strong><\/a> – HTTP accelerator designed for content-heavy dynamic web sites.
  \ud83d\udd38 Nginx<\/strong><\/a> – open source web and reverse proxy server that is similar to Apache, but very light weight.
  \ud83d\udd38 OpenResty<\/strong><\/a> – is a dynamic web platform based on NGINX and LuaJIT.
  \ud83d\udd38 Tengine<\/strong><\/a> – a distribution of Nginx with some advanced features.
  \ud83d\udd38 Caddy Server<\/strong><\/a> – is an open source, HTTP\/2-enabled web server with HTTPS by default.
  \ud83d\udd38 HAProxy<\/strong><\/a> – the reliable, high performance TCP\/HTTP load balancer.<\/p>\n\n\n\n

DNS Services<\/h1>\n\n\n\n

  \ud83d\udd38 Unbound<\/strong><\/a> – validating, recursive, and caching DNS resolver (with TLS).
  \ud83d\udd38 Knot Resolver<\/strong><\/a> – caching full resolver implementation, including both a resolver library and a daemon.
  \ud83d\udd38 PowerDNS<\/strong><\/a> – is an open source authoritative DNS server, written in C++ and licensed under the GPL.<\/p>\n\n\n\n

Other Services<\/h1>\n\n\n\n

  \ud83d\udd38 3proxy<\/strong><\/a> – tiny free proxy server.<\/p>\n\n\n\n

Security\/hardening<\/h1>\n\n\n\n

  \ud83d\udd38 Emerald Onion<\/strong><\/a> – is a 501(c)(3) nonprofit organization and transit internet service provider (ISP).
  \ud83d\udd38 pi-hole<\/strong><\/a> – the Pi-hole\u00ae is a DNS sinkhole that protects your devices from unwanted content.
  \ud83d\udd38 maltrail<\/strong><\/a> – malicious traffic detection system.
  \ud83d\udd38 security_monkey<\/strong><\/a> – monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
  \ud83d\udd38 firecracker<\/strong><\/a> – secure and fast microVMs for serverless computing.
  \ud83d\udd38 streisand<\/strong><\/a> – sets up a new server running your choice of WireGuard, OpenSSH, OpenVPN, and more.<\/p>\n\n\n\n

Tools<\/h1>\n\n\n\n

  \ud83d\udd38 CapAnalysis<\/strong><\/a> – web visual tool to analyze large amounts of captured network traffic (PCAP analyzer).
  \ud83d\udd38 netbox<\/strong><\/a> – IP address management (IPAM) and data center infrastructure management (DCIM) tool.<\/p>\n\n\n\n

<\/a>\u25aa\ufe0f Labs<\/h1>\n\n\n\n

  \ud83d\udd38 NRE Labs<\/strong><\/a> – learn automation by doing it. Right now, right here, in your browser.<\/p>\n\n\n\n

<\/a>\u25aa\ufe0f Other<\/h1>\n\n\n\n

  \ud83d\udd38 LBNL’s Network Research Group<\/strong><\/a> – home page of the Network Research Group (NRG).<\/p>\n\n\n\n

\n