snort!

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting vendors. Suricata is a fork of snort.

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners.

PacketSled is next generation network forensics and breach detection.

Yang is yet another Nikto GUI; Software for analyzing and securing your servers. Yang establish diagnostics on :

The ultimate real time network visibility and active cybersecurity platform based on Big Data and Open Source. is a Operational Intelligence Platform to analyze network traffic.The first stage is in charge of collecting, in an scalable way, network data in multiple native protocols. This simplifies the inter-operativity process with all the different network elements present in your IT environment without the need for a complex ETL process.Each protocol is covered by a C program, using Zookeeper for cluster synchronization (in pay versions), and licensed under AGPL (some are proprietary due to licensing limitations). »

Network Hotfix Scanner is a free advanced hotfix check utility that scans network computers for missing hotfixes and patches, and helps you download and install them. NetHotfixScanner gives you a quick look at the hotfixes and patches installed or missed on any remote computer in your corporate network, it tells you by colored icons specific security bulletin rating ( critical, important, moderate ), title, description and bulletin URL. The tool is designed with a user-friendly interface and is easy to use. »

The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.