aptly

aptly is a swiss army knife for Debian repository management: it allows you to mirror remote repositories, manage local package repositories, take snapshots, pull new versions of packages along with dependencies, publish as Debian repository.

     

linux packaging artifacts open-source

Archiva

Apache Archiva™ is an extensible repository management software that helps taking care of your own personal or enterprise-wide build artifact repository.

     

linux windows osx bsd solaris open-source artifacts

Artifactory

JFrog’s Artifactory open source project was created to speed up development cycles using binary repositories. It’s the world’s most advanced repository manager, creating a single place for teams to manage all their binary artifacts efficiently.

     

linux windows open-source artifacts packaging

Assimilation System Management Suite

The Assimilation Suite discovers systems, services, network connections, configuration and dependencies, IP and MAC addresses. This all goes into a continually updated graph-based configuration management database (CMDB). This is then compared and scored against best practices, services and servers are monitored - all with near-zero configuration - in a way that scales to hundreds of thousands of servers. It also provides visualization tools, APIs for sending alerts to humans and other systems, and a variety of canned reports (queries) to aid in securing and managing systems, hooking into ChatOps, and creating plans for triaging your security issues

     

linux open-source commercial C shell python config CMDB service-discovery monitoring visualization security hardening

Bastillion

Bastillion is an open-source web-based SSH console that centrally manages administrative access to systems. A bastion host for administrators with features that promote infrastructure security, including key management and auditing.

     

linux open-source security

Beats

Lightweight Data Shippers. Beats is the platform for single-purpose data shippers. They send data from hundreds or thousands of machines and systems to Logstash or Elasticsearch.

     

linux windows osx open-source metrics logging monitoring

Bosun

Bosun is an open-source, MIT licensed, monitoring and alerting system by Stack Exchange. It has an expressive domain specific language for evaluating alerts and creating detailed notifications. It also lets you test your alerts against history for a faster development experience.

     

linux windows osx open-source visualization metrics

ChartMuseum

Host your own Helm Chart Repository ChartMuseum is an open-source, easy to deploy, Helm Chart Repository server.

     

linux open-source packaging artifacts

Checkov

Infrastructure as Code security scanner supporting Kubernetes, Helm, Terraform, CloudFormation, ARM templates and more.

     

linux windows osx open-source security

DashMachine

DashMachine is a free & open-source webapp for putting all of your existing webapps, pages, and bookmarks in one place.

     

linux open-source free commercial visualization

FastForward

Flexible operating-system event and metric forwarding agent. Receives input and forwards output using plugins.

     

linux windows osx open-source metrics monitoring ruby

Fig

A package management tool, similar to Ivy/APT, but language agnostic, faster and works well with both executables and libraries.

     

linux windows osx open-source packaging ruby

FPM

Effing Package Managers (FPM) is a single tool that can generate rpm, deb, solaris, osx (pkg) and many other packages. It supports multiple inputs (directory, gem, egg, deb, etc) and can produce multiple outputs (rpm, deb, solaris, etc). It relieves the pain out of creating various kinds of packages.

     

linux osx open-source packaging ruby

Gauntlt

Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.

     

linux open-source security hardening ruby

Grafana

The most popular technology used to compose observability dashboards with everything from Prometheus & Graphite metrics, to logs and application data

     

linux open-source monitoring visualization

Graphite

Graphite is a visualization tool for statistics configured from various sources. You can create customizable reports and dashboards, and it is one of the preferred backends for Statsd

     

linux open-source monitoring python visualization

Harbor

Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.

     

linux open-source security hardening

Hardening Framework

The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.

     

linux open-source security hardening chef puppet ansible

Herd

A bittorrent based file distribution system based on Twitter’s Murder. It uses BitTorrent to push artifacts and code very fast across thousands of servers.

     

linux windows osx open-source packaging python

InfluxDB

InfluxDB is a time series, metrics, and analytics database. It’s written in Go and has no external dependencies. InfluxDB is targeted at use cases for DevOps, metrics, sensor data, and real-time analytics.

     

linux open-source monitoring go metrics

Jenkins X

Jenkins X provides pipeline automation, built-in GitOps and preview environments to help teams collaborate and accelerate their software delivery at any scale.

     

linux windows osx open-source ci cd artifacts packaging provisioning

KairosDB

KairosDB is a fast distributed scalable time series database written on top of Cassandra. RESTful JSON-based query/results. Includes flot-based visualization.

     

linux windows osx open-source metrics visualization java cassandra

Kibana

Kibana is a modern, beautiful visualization tool that works seamlessly with Logstash and ElasticSearch. It features a no-code setup, realtime analytics, and much more.

     

linux windows osx open-source monitoring nodejs visualization

ntopng

'ntopng' provides an easy to understand, intuitive interface with a world of options and features to monitor your network.

     

linux bsd solaris open-source free commercial networking metrics

ossec

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows

     

open-source security hardening linux windows solaris osx bsd

Zed Attack Proxy (ZAP)

A penetration testing tool for finding vulnerabilities in web applications, from OWASP

     

linux windows osx open-source security

Prometheus

Prometheus is an open-source systems monitoring and alerting toolkit built at SoundCloud.

     

linux open-source go metrics monitoring

Pulp

A platform for managing software package repositories

     

linux open-source packaging python

Simp

Compliance automation

     

linux open-source security

SSH KeyBox

An open-source jump box solution with auditing capabilities

     

linux open-source cloud monitoring security java

System Integrety Management Platform

SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.

     

config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework

TeamPass

TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.

     

linux windows osx bsd solaris open-source security

testssl.sh

A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.

     

linux osx open-source security shell

Vagrant Cachier

A Vagrant plugin that helps you reduce the amount of coffee you drink while waiting for boxes to be provisioned by sharing a common package cache among similiar VM instances.

     

linux windows osx open-source virt artifacts ruby

Vault

Manage Secrets and Protect Sensitive Data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.

     

linux windows osx bsd solaris open-source comercial security

Vaurien

A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events

     

linux windows osx open-source security python

Veewee

veewee is a great tool for building Virtual Machine images (aka base boxes). It automates most of the steps and allows you to easily create readymade images for VirtualBox/Vagrant, VMWare Fusion, KVM and Parallels. No longer need to shy away from building custom VM images!

     

linux osx windows open-source virt packaging ruby

Verdaccio

Verdaccio is an open-source local repository for NPM packages. It provides private-access packages, caching, and overriding public packages.

     

linux windows osx bsd solaris open-source free packaging artifacts

Vizceral

Netflix Vizceral is a component for displaying traffic data on a webgl canvas. If a graph of nodes and edges with data about traffic volume is provided, it will render a traffic graph animating the connection volume between nodes. This component can take multiple traffic graphs and will generate a 'global' graph showing all incoming traffic into each of the 'regions', with support for cross-region traffic. There are three levels of information, global, regional, and service-level, with clicking or double-clicking on a node bringing you one level deeper.

     

linux open-source monitoring visualization