
Top open-source cybersecurity tools to watch: June 2026

Originally published on: July 1, 2026
Summary

– OWASP Agent Memory Guard is an open-source runtime defense that screens an AI agent’s memory reads and writes to prevent attacks like instruction override and data theft.
– Agent Threat Rules (ATR) provides an open detection format for AI agent security threats such as prompt injection, tool poisoning, and credential theft.
– AgentGG is an open-source agentic SAST scanner that uses AI agents to read code and confirm findings before reporting them, reducing manual triage.
– DockSec is an OWASP project that combines Trivy, Hadolint, and Docker Scout with a language model to score Dockerfile security from 0-100 and suggest fixes.
– DarkMoon is an open-source AI pentesting platform that autonomously runs end-to-end security assessments and produces evidence-backed reports.

Below is a curated roundup of open-source cybersecurity tools that have recently drawn attention for strengthening security postures across a range of environments.

OWASP Agent Memory Guard prevents AI agents from being weaponized through their own memory. AI agents maintain memory across sessions, relying on conversation histories, vector stores, scratchpads, and RAG indexes that persist between runs. Any data written into that store becomes a privileged input the agent reads later, creating a vulnerability. An attacker who plants text in the wrong field can override instructions, extract user data, or redirect future tool calls, and because the memory persists, the effect survives across sessions. Agent Memory Guard is an open-source runtime defense layer that sits between an agent and its memory store. It screens every read and write through a pipeline of detectors and a YAML policy.
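The screening layer described above, sketched as an added Python example that is not Agent Memory Guard's own code: a guard that sits in front of a key-value memory store, runs each write and each read through a small set of detectors, and applies a per-namespace policy. The detector set, the policy keys (`namespaces`, `on_finding`, `default_action`, `max_entry_chars`), the class and function names, and the sample memory entries are all constructed for this illustration; the policy is written as a dict so the block runs without a YAML library.

```python
"""Runtime screening of agent memory reads and writes (illustrative only).

Hypothetical guard: detector names, policy keys and class names are
assumptions for this example, not the API of OWASP Agent Memory Guard.
"""
import re
from dataclasses import dataclass, field

# Policy in the shape of a small YAML document, parsed here as a dict so the
# example runs offline. Constructed for this illustration.
POLICY = {
    "namespaces": {
        "scratchpad": {"on_finding": "flag"},      # keep, but record the finding
        "user_profile": {"on_finding": "block"},   # never persist or serve
    },
    "default_action": "block",
    "max_entry_chars": 2000,
}


@dataclass
class Finding:
    detector: str
    detail: str


def detect_instruction_override(text):
    """Flags stored text that would act like a system prompt when read back."""
    patterns = [
        r"ignore (all )?(previous|prior) instructions",
        r"you are now",
        r"system prompt:",
        r"from now on,? always",
    ]
    return [Finding("instruction_override", p)
            for p in patterns if re.search(p, text, re.IGNORECASE)]


def detect_embedded_secret(text):
    """Flags credential-like material so it is not persisted across sessions."""
    m = re.search(r"(api[_-]?key|password|secret|token)\s*[:=]\s*\S{8,}",
                  text, re.IGNORECASE)
    return [Finding("embedded_secret", m.group(1))] if m else []


DETECTORS = [detect_instruction_override, detect_embedded_secret]


@dataclass
class Decision:
    action: str                     # "allow", "flag" or "block"
    findings: list = field(default_factory=list)


class MemoryGuard:
    """Wraps a memory store; every read and write passes through _screen()."""

    def __init__(self, policy, detectors):
        self.policy = policy
        self.detectors = detectors
        self.store = {}             # namespace -> key -> value
        self.audit = []             # (direction, namespace, key, action)

    def _screen(self, namespace, text):
        findings = []
        if len(text) > self.policy["max_entry_chars"]:
            findings.append(Finding("oversize", f"{len(text)} chars"))
        for detector in self.detectors:
            findings.extend(detector(text))
        if not findings:
            return Decision("allow")
        ns_policy = self.policy["namespaces"].get(namespace, {})
        action = ns_policy.get("on_finding", self.policy["default_action"])
        return Decision(action, findings)

    def write(self, namespace, key, value):
        decision = self._screen(namespace, value)
        self.audit.append(("write", namespace, key, decision.action))
        if decision.action != "block":
            self.store.setdefault(namespace, {})[key] = value
        return decision

    def read(self, namespace, key):
        """Screen on read as well: entries written before the guard was
        deployed may already be poisoned, so a blocked entry is never served."""
        value = self.store.get(namespace, {}).get(key)
        if value is None:
            return None, Decision("allow")
        decision = self._screen(namespace, value)
        self.audit.append(("read", namespace, key, decision.action))
        return (None if decision.action == "block" else value), decision
```

Screening on read, not only on write, is the part worth copying: the persisted store is exactly where a planted entry survives across sessions, and a guard introduced after the fact can only neutralize it at the moment the agent reads it back. The audit list gives the detection team a per-entry record of what was flagged or blocked and in which namespace.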

Agent Threat Rules (ATR) offers an open detection rule format for AI agent security threats. AI agents operate inside coding assistants, MCP servers, and multi-agent frameworks, and the access that enables their utility also opens paths to prompt injection, tool poisoning, and credential theft. Public CVE feeds now carry agent-execution flaws that reach production faster than the tooling built to catch them. ATR is an open detection format specifically targeting this category of attack.

AgentGG is an open-source agentic SAST scanner. For years, static analysis tools have matched source code against known-bad patterns and handed engineers long lists of candidate issues to triage manually. AgentGG approaches the same task with AI agents that read the code, follow imports, walk the call graph, and confirm a finding before reporting it. The project is released under the Apache 2.0 license.

DockSec is an OWASP Incubator Project and an open-source AI-powered Docker security scanner. Created by Advait Patel, this Python tool combines three container security scanners with a language-model layer for explanation and remediation. It runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates the findings, returns a 0-100 security score, and proposes line-specific fixes.

Agent Beacon is an open-source telemetry layer for AI agents. AI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, CI jobs, and cloud environments, where they edit files, run commands, and call outside tools. Beacon, an open-source project from Asymptote Labs, configures telemetry for those runtimes and writes a normalized record of what each agent does across local, CI, and cloud-agent surfaces.

Praxen is an open-source tool for AI agent behavior verification. Its job is simple: it checks whether an AI agent does what it claims to do. The tool takes an agent’s declared policy, looks at how the agent operates, and points out every spot where the two drift apart. It is the reference implementation of Agent Behavior Verification, a control model that hands each agent an authorized role and then confirms the controls hold that agent to it.

DarkMoon is an open-source AI pentesting platform. Penetration testing has long relied on expert time, with specialists spending days probing a network or web application manually. Manual engagements stretch across weeks, expert consultants cost thousands of dollars a day, and results vary with the tester. Automation promises to narrow those gaps. A growing set of projects now hands the work to AI agents that plan and execute autonomously. DarkMoon sits in that group, running a security assessment end to end and delivering an evidence-backed report at the finish.

To stay informed on the essential open-source cybersecurity tools, subscribe to the Help Net Security ad-free monthly newsletter.

(Source: Help Net Security)
