Hottest cybersecurity open-source tools of the month: February 2026 - Help Net Security

Anamarija Pogorelec, Managing Editor, Help Net Security February 26, 2026 Share Hottest cybersecurity open-source tools of the month: February 2026 This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Pompelmi: Open-source secure file upload scanning for Node.js Software teams building services in JavaScript are adding more layers of defense to handle untrusted file uploads. An open-source project called Pompelmi aims to insert malware scanning and policy checks directly into Node.js applications before files reach storage or business logic. Allama: Open-source AI security automation Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response. It includes integrations with 80+ types of tools and services typical in security operations, including SIEM systems, endpoint detection and response products, identity providers, and ticketing systems. OpenClaw Scanner: Open-source tool detects autonomous AI agents A new free, open source tool is available to help organizations detect where autonomous AI agents are operating across corporate environments. The OpenClaw Scanner identifies instances of OpenClaw, an autonomous AI assistant also known as MoltBot, that can execute tasks, access local files, and authenticate to internal systems without centralized oversight. Brutus: Open-source credential testing tool for offensive security Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with dependency headaches and integration gaps, Brutus ships as a single binary with zero external dependencies and native support for the JSON-based reconnaissance pipelines that define offensive security. Uptime Kuma: Open-source monitoring tool Service availability monitoring remains a daily operational requirement across IT teams, SaaS providers, and internal infrastructure groups. Many environments rely on automated checks and alerting to track outages, latency issues, and service degradation across web applications and network endpoints. Uptime Kuma is an open-source uptime monitoring project that supports this type of operational monitoring through a self-hosted deployment model. Coroot: Open-source observability and APM tool Coroot is an open-source observability and application performance monitoring tool. The core software, published in Go and accompanied by companion repositories such as coroot-node-agent, focuses on collecting telemetry data across systems. It uses extended Berkeley Packet Filter (eBPF) technology to gather metrics and trace inter-service communications without manual instrumentation of application code. Must read: 40 open-source tools redefining how security teams secure the stack GitHub CISO on security strategy and collaborating with the open-source community Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools. Subscribe here! More about cybersecurity GitHub open source software Share