Tools for System Administrators
Software
If you’ve ever wanted a configuration system that respects your intelligence — one that doesn’t abstract away everything useful — Cdist is probably worth a try. It’s not for everyone, but for seasoned admins who want control, clarity, and zero hidden state? It hits the sweet spot.
It’s like managing servers with a sharpened shell script — only smarter, and a whole lot more scalable.
Scoop isn’t trying to be everything — it’s trying to be useful. And for many power users and sysadmins on Windows, it nails that perfectly. It doesn’t mess with the registry, it doesn’t beg for admin rights, and it’s built around concepts professionals actually care about: version control, scripting, portability, and clarity. Once you get used to it, installing software the old way feels… slow.
There comes a point — usually after the fifth or sixth time clicking through the same exact menu — when you start thinking: There’s got to be a better way to do this. That’s where Pulover’s Macro Creator quietly steps in.
You know that feeling when tools get in your way more than they help? Woodpecker CI avoids that trap. It’s a self-hosted, container-native CI/CD system — designed for engineers who like their pipelines predictable, their tools minimal, and their infrastructure under their control.
Attic walks through your files, splits the data into chunks, compresses them, encrypts them (if you want), and stores only the pieces it hasn’t already seen. When you run it again, it skips over what hasn’t changed. So, every backup looks like a full snapshot — but under the hood, it’s mostly just the deltas.
Let’s say you’re managing a bunch of machines — Linux here, some Windows there, maybe a few Macs in the mix. You don’t want agents on every box. You don’t want to deal with yet another cloud panel or be tied to a proprietary system. You just want backups that work, stay out of the way, and don’t eat up all your storage. That’s where BackupPC fits.
Some tools try to do everything. BorgBackup doesn’t. It focuses on one thing — backing up your data safely and efficiently — and does it extremely well. No cloud ties, no mystery layers, no nagging GUIs. Just a command-line interface, strong encryption, and solid, repeatable behavior.
Mail-in-a-Box tries to make that a bit less painful. It’s not a mail client, and it’s not a dashboard on top of someone else’s hosting — it’s a full-stack, all-in-one mail system you install on a single Ubuntu server. One script sets up everything: Postfix, Dovecot, Nextcloud for file sync, a DNS server (optional), Let’s Encrypt certs, spam filtering, and a management UI.
SnappyMail isn’t packed with buzzwords or corporate branding. It’s just a clean, fast webmail interface that works well with your existing mail server — and doesn’t get in your way. Originally forked from RainLoop after development there stalled, SnappyMail has taken a different path: minimal overhead, simple deployment, and no surprise dependencies.
Some setups just need mail to work — reliably, repeatably, and without handing over control to some black-box SaaS. Modoboa gives administrators a structured way to run self-hosted email, but without hiding what’s under the hood. It’s built on familiar components like Postfix and Dovecot, but wraps them in a manageable interface, along with a few smart additions for security, quotas, user management, and webmail access.
CryptPad is what happens when someone takes the idea of online collaboration and says: *what if we just didn’t see any of your data?* It’s a browser-based platform — no install, no app — but everything typed, uploaded, or shared is encrypted right there in the browser. Not after. Not optionally. It happens before anything touches the server.
FreeCommander isn’t about reinvention — it’s about getting control back. For users who handle files all day, it brings structure and speed to what’s usually a clumsy task in standard Explorer. It’s not for everyone, but for power users who want something predictable and fast, it fits right in.
KiTTY is one of those tools that doesn’t get the spotlight, but quietly earns its place on every serious Windows admin’s USB stick. It keeps the best parts of PuTTY, strips out limitations, and throws in just enough extras to make it stick. If you’re managing servers from Windows and PuTTY feels stale — KiTTY is your next step.
muCommander isn’t trying to reinvent anything. It’s just a tool — quiet, predictable, and ready when you need it. If you bounce between systems, work with remote shares, or just want something that “feels right” without being bloated… this one’s worth keeping around.
Cyberduck doesn’t try to be clever — and that’s exactly why it works. It opens a connection, shows a remote folder, and lets people move files around without needing to write a line of config. SFTP, FTP, S3, WebDAV — all handled through a simple, familiar interface that feels like using a local file manager.
This stack isn’t trying to be fancy. It collects logs, and it shows logs. But when that’s all that’s needed — it’s more than enough. There’s setup time, yes. But once it runs, it stays reliable. Which, in production, counts for more than flash.
Once running, it tends to stay out of the way… until something goes wrong. And then it becomes indispensable.
Shinken was born out of a simple frustration: classic Nagios couldn’t scale, and patching it didn’t get any easier. Instead of rewriting everything from scratch, the idea was to keep what worked — the config model, the plugins — and build a more flexible, distributed backend around it. In practice, that meant splitting up responsibilities into modules that could run on different machines, and moving the whole thing to Python.
VictoriaMetrics is a revolutionary tool for monitoring, scaling, managing your data. With its cutting-edge technology it proves to be superior to other monitoring software, making it unmatched at achieving efficient scalability, compatibility, and accessibility
LibreNMS is a cutting-edge tool designed to maintain and support network suitable for corporate and personal use. It’s advanced set of functional ensures impeccable results in network management including hardware and software tracking. With no secrets kept it allows full accessibility to what is happening under the hood with its open-source code.
If you’re looking to keep tabs on system performance — in real time, historically, and across a range of environments — this trio has you covered. Glances handles the metrics collection, InfluxDB stores the data efficiently, and Grafana brings it all to life with flexible, powerful visualizations. Simple, open-source, and surprisingly scalable.
mitmproxy is one of those tools that quietly saves hours — especially when other approaches just show you the surface. It doesn’t try to guess what’s happening — it shows you, lets you tweak it, and then keeps watching. In a field crowded with GUIs and sniffers, this one’s for when control matters more than charts.
Unicornscan isn’t here to replace Nmap. It follows a different path. It’s made for those moments when you need output — fast, at scale, and preferably without setting off alarms. It’s not something you’d use daily, but when you do need it, nothing else works quite the same.
MeshCentral isn’t a service — it’s a server. It’s what happens when remote access is needed, but the idea of routing everything through someone else’s cloud doesn’t sit right. Designed and maintained by Ylian Saint-Hilaire at Intel, MeshCentral is an open-source, self-hosted platform for managing remote systems — desktops, laptops, and even headless hardware — through a central web interface.
Snort 3 isn’t trying to be flashy. It doesn’t need to be. It’s a laser-focused network watchdog built for professionals who understand the value of seeing traffic for what it really is — and stopping it before it becomes a problem. For teams who’d rather build something robust than buy into another black-box platform, Snort still delivers where it counts.
OSSEC doesn’t advertise itself. No dashboards, no web GUI, no flashy interface. But it watches. It keeps an eye on your logs, system files, and odd behavior. It’s the sort of tool you install, forget about for a while — and then it catches something weird in /var/log/auth.log, and suddenly you remember why it’s there.
Wazuh isn’t just another SIEM. It’s not a shiny dashboard glued to a log collector. It’s a security platform that goes deep into endpoints — files, processes, configs — and tells you when something drifts out of line. Then it correlates that with known rules, compliance policies, or threat intel, and lets you act.
CrowdSec is an open-source intrusion detection and prevention system (IDS/IPS) that goes beyond simple rule-matching. Designed for today’s distributed infrastructures — cloud, containers, hybrid environments — it monitors system and application logs in real time, identifies suspicious behavior, and can automatically mitigate threats by blocking malicious IPs.
K3s and MicroK8s both solve the same problem: how to run Kubernetes without needing a datacenter. They trade some flexibility for simplicity — and in most small setups, that’s a good trade. Pick K3s if minimalism and embedded use matter more. Go with MicroK8s if you want something that behaves more like a trimmed-down copy of production clusters. Either way, the install takes minutes — and the learning that follows is the same.
This setup doesn’t feel like a workaround — it’s more like the way containers should’ve always run on Windows. No VMs to babysit, no constant switching between OS contexts. Just one system that runs both sides well enough. It’s not flawless, but once in place, it rarely gets in the way. And that, for most people, is exactly what’s needed.
There are times when a full hypervisor stack is overkill. For quick test environments, throwaway lab setups, or legacy system emulation, VirtualBox still proves useful. It’s not modern in the cloud-native sense, and it doesn’t pretend to be. But it runs reliably on most desktops, doesn’t ask for a license, and gets out of the way.