5 Cybersecurity Tools to Use for Free and Donate to Via Kivach

In this era, we’re exploring cyberspace almost as much as the physical world, so we need to pay attention to our security online as well. A lot of potential threats, including malware and exploits, are hiding around our favorite digital spaces and applications. Luckily, there are also a lot of cybersecurity tools available, and we can use some of them for free.

Numerous open-source developers have taken the time (and often their own funds) to build these tools for everyone, so, they’d surely appreciate a contribution —in the form of time if you’re another developer or writer, or in the form of donations for everybody else. Kivach, an Obyte-based cascading-donation platform, can make your crypto gifts flow across several repositories and reduce any kind of censorship or high fees.

Therefore, if you want to donate to an open-source project available on GitHub, you can use Kivach as a decentralized, globally available, unstoppable, as well as faster and cheaper option. This application only asks for the GitHub profile to send some cryptocurrencies, even if the recipient doesn’t have a wallet yet.

In this new episode of our Kivach series, we’ll discover some handy cybersecurity tools available on GitHub to download and use for free. Let’s start!

OWASP ModSecurity

ModSecurity, born out of Trustwave's SpiderLabs in 2002, is a powerful application firewall (WAF) engine that provides robust protection against a spectrum of web-based attacks. Initially developed as an Apache HTTP Server module, it has since expanded to offer filtering capabilities across diverse platforms like Microsoft IIS and Nginx. Its event-based programming language facilitates HTTP traffic monitoring, logging, and real-time analysis, ensuring heightened security for web applications.

In other words, this software is like a digital guardian for websites, protecting them from harmful attacks that could otherwise wreak havoc. Website owners can use it to keep their online spaces safe and secure at every moment, since the app is always on the lookout, analyzing all the traffic. If it spots anything fishy, it jumps into action, blocking those harmful attacks in real time and keeping a record of everything that happens.

In February 2024, Trustwave entrusted the custodianship of the software to the Open Worldwide Application Security Project (OWASP) —an NGO dedicated to improving cybersecurity through open-source development. This way, ModSecurity is now fully in the hands of its community. It’s possible to contribute to its development via GitHub or donate through its website with fiat currencies. To send them some crypto coins, you can use Kivach, where they appear as spiderlabs/owasp-modsecurity-crs.

Qubes OS

Have you ever thought that your commercial operating system (OS), like Windows or MacOS, couldn’t be entirely secure or private by itself? The team of Qubes certainly did it, and that’s why they launched this security-focused OS in 2012, led by Marek Marczykowski-Górecki. Over the years, the project has garnered support from a wide range of users, including journalists, activists, whistleblowers, researchers, and renowned security experts like Edward Snowden and Micah Lee.

Unlike traditional operating systems, Qubes OS relies on a concept called compartmentalization, where different parts of the system are isolated from each other like rooms in a building. This isolation helps prevent cyberattacks by limiting the damage that can be caused if one part of the system is compromised.

Other key features of Qubes OS include its support for multiple operating systems simultaneously, disposable virtual machines that self-destruct when shut down, a specialized proxy, device isolation for secure handling of network cards and USB controllers, and integration with Whonix for anonymous browsing using Tor.

Funding for Qubes OS primarily comes from community support and donations. This ensures that the software remains free, secure, and open-source. Besides credit cards or PayPal, they accept Bitcoin, Ethereum, and Monero. You can also donate to them via Kivach.

Nikto

Launched in 2001 by Chris Sullo, Nikto is a popular open-source web server scanner. It works to conduct thorough examinations of web servers, scrutinizing over 6,700 potentially perilous files/programs and identifying outdated versions of over 1,250 servers, among other tasks. Its comprehensive testing extends to scrutinizing server configurations, detecting the presence of multiple index files, and endeavoring to identify installed web servers and software.

In simpler terms, Nikto's job is to carefully examine every nook and cranny of these web servers to uncover any potential risks or vulnerabilities. It's like scanning the entire house to make sure there are no unlocked doors or windows that hackers could exploit. However, it's worth noting that not every finding uncovered by Nikto is cause for alarm. Some checks serve to provide informative insights, alerting users to elements that might not necessarily pose a security threat but could still benefit from attention.

The project is currently maintained by Sullo and David Lodge, besides a community of volunteers on GitHub. Sullo accepts donations via Patreon, which could be kind of expensive and non-private for contributors —not to mention the fees taken from Sullo by the platform. You can donate some coins via Kivach instead, where the project appears as sullo/nikto.

Sanesecurity (& ClamAV)

Sanesecurity is an organization that has been actively involved in enhancing the effectiveness of ClamAV, a free and open-source antivirus toolkit (owned by Cisco). Since its inception in 2006, Sanesecurity has been providing ClamAV with hourly updated malware signatures aimed at improving its detection capabilities, particularly concerning macro malware, JavaScript malware, phishing attempts, spam, and other forms of emailed ransomware.

These signatures are unique identifiers or characteristics that help the antivirus software recognize and detect specific instances of malware. They’re meticulously crafted by the dedicated team at Sanesecurity, are of professional quality, and undergo regular updates throughout the day to ensure their relevance and efficacy. This way, Sanesecurity plays a pivotal role in enriching ClamAV's native capabilities.

Unlike commercial entities, Sanesecurity operates as a community-driven initiative, with the sole objective of enhancing ClamAV's functionality (often criticized without this kind of add-on) and bolstering web community security. The team behind Sanesecurity is comprised of volunteers who contribute their time and expertise to produce and maintain these signatures in their spare time.

To sustain their efforts, Sanesecurity relies on donations from users who benefit from their signatures. Donations can be made in fiat money through PayPal or credit card, with options for one-time contributions or monthly/yearly subscriptions. On the other hand, Kivach is a decentralized and inexpensive option to send them funds. They appear there as Sanesecurity/bad3cx.

x64dbg

This one is aimed at programmers and researchers, but it’s equally useful and free in the realm of cybersecurity. In case you don’t know, a debugger is a software tool used by developers and analysts to examine and manipulate the behavior of computer programs during execution. It allows users to step through the code line by line, inspect variables and memory contents, set breakpoints to pause execution at specific points and analyze program state to identify bugs or understand how the program operates.

x64dbg is an open-source binary debugger specifically designed for Windows operating systems. It’s tailored for malware analysis and reverse engineering tasks, particularly for analyzing executable files for which the source code isn’t available. With an intuitive and user-friendly interface, x64dbg offers a comprehensive set of features, including full-featured debugging of both DLL and EXE files, a plugin system, disassembly of code, memory mapping, symbol and thread views, and a graph view to visualize program flow.

As an open-source project under active development, x64dbg encourages community contributions and donations through GitHub Sponsors. Of course, it’s also available on Kivach as x64dbg/x64dbg.

Tell them you donated!

Likely, the recipients of your donations via Kivach don’t know about it until you tell them, so don’t forget to communicate with them. To claim a donation on this platform, they’ll need to download the Obyte wallet and verify their GitHub profile with a simple attestation in the same app. Then, they should be able to receive and transfer any cryptocurrency sent in the name of that profile.

If you want to discover other interesting projects to use for free and optionally donate to, please check our previous chapters in this series.

• Kivach Donations: 5 GitHub projects it has helped so far
• How You Can Support Key Open-Source Initiatives With Kivach
• 5 Open-source Projects You Can Support With Kivach — and Cryptocurrencies
• 5 Open-source Projects You Can Support with Kivach and Cryptos, Episode III
• 5 Open-Source Projects You Can Donate to via Kivach, Episode IV: Privacy Tools
• 5 Open-source Blogging and Writing Tools to Donate to via Kivach (Ep V)
• 5 Open-Source Tools You Can Donate to via Kivach, Episode VI: Decentralized Services
• 5 Open-Source Projects to Donate via Kivach, Episode VII: Games to Play for Free!

Featured Vector Image by Freepik