44 Open-Source Security Tools

Open-Source
Security Tools

Enterprise security shouldn't require a seven-figure budget.

PhalanxCyber puts 44 security tools, 5,800+ detection rules, and coverage across 20+ compliance frameworks into the hands of every security team — from startups to the Fortune 500. Application code, cloud infrastructure, SaaS, network, threat detection, red teaming, risk quantification — all in one open-source platform.

Built by a cybersecurity professional with 25 years of hands-on engineering, operations, and consulting experience. Not by a product team chasing ARR.

Open-source. Not-for-profit. Forever.

Browse Tools View on GitHub
0 Security Tools
0 Security Rules
0 Security Domains
0 Frameworks Mapped
$0 Licence Cost

Aligned to Industry Standards

NIST CSF 2.0 MITRE ATT&CK OWASP Top 10 CIS Benchmarks PCI-DSS v4.0 ISO 27001 SOX HIPAA GDPR / NIS2 / DORA CSA CCM IEC 62443 SOC 2 OWASP API Top 10 OWASP LLM Top 10 CIS K8s Benchmark AWS Well-Architected Azure WAF SAP Security Baseline NIST CSF 2.0 MITRE ATT&CK OWASP Top 10 CIS Benchmarks PCI-DSS v4.0 ISO 27001 SOX HIPAA GDPR / NIS2 / DORA CSA CCM IEC 62443 SOC 2 OWASP API Top 10 OWASP LLM Top 10 CIS K8s Benchmark AWS Well-Architected Azure WAF SAP Security Baseline
Why Open Source

Commercial Tools vs Phalanx Cyber

Enterprise security tools shouldn't cost six figures. Every line of code is open, auditable, and free.

Capability Commercial Tools Phalanx Cyber
SAST (Java, Python, PHP, JS)Included6 scanners, 200+ rules
DAST & API SecurityIncluded58 + 112 checks
Cloud Posture (AWS, Azure, GCP)Included3 cloud + MultiCloud
SaaS Posture (M365, ServiceNow, SAP)Add-on ($$$)7 SSPM scanners
Kubernetes SecurityIncludedKSPM + CIS Benchmark
Network Security (Cisco, Palo, Fortinet)Separate product3 firewall scanners
Detection EngineeringSeparate SIEMYAML + SPL rules
Red Teaming & ATT&CKNot includedWindows + Linux + AD
AI/LLM SecurityRoadmapOWASP LLM Top 10 + AI-SPM
OT/ICS SecurityNot includedIEC 62443 scanner
Source Code TransparencyProprietary100% open-source
Annual License Cost$100K – $500K+$0 forever
Platform Architecture

9 Security Domains. One Unified Collection.

Every tool is a standalone Python scanner — zero vendor lock-in, zero infrastructure. Run anywhere Python runs.

Application Security

SAST, DAST, API, LLM, SAP ABAP, AI-SPM

6 tools

Cloud Security

AWS, Azure, GCP, MultiCloud, CDR

5 tools

SaaS / SSPM

M365, ServiceNow, SAP SF, Tableau, Oracle EBS

7 tools

Infrastructure

Cisco, Palo Alto, Fortinet, K8s, OT/ICS, CIS

9 tools

Threat Detection

Detection rules, CrowdStrike EDR, Red Team validation

3 tools

Red Teaming

Windows, RHEL, Active Directory ATT&CK scenarios

3 tools

Attack Surface

External attack surface discovery and mapping

1 tool

Governance & Risk

CRQ, CTEM, TPRM, Responsible AI, Risk Ops

5 tools

Zero Dependencies

Pure Python stdlib. No agents. No cloud. Run anywhere.

pip install & go
Open-Source Tools

Browse the Collection

Every tool is open-source, free to use, and built with Python. Filter by domain, search by name, or explore the details.