Tools for System Administrators
Software
Semaphore expects you to know Ansible. It doesn’t simplify syntax. It won’t warn you about destructive playbooks. It’s not a sandbox — it’s a safe trigger.
Airflow won’t write the logic for you. It won’t install your packages. It won’t babysit your scripts. But it gives you a structured place to put them — and a framework to treat automation as part of the system, not glue code between crontabs.
Attic walks through your files, splits the data into chunks, compresses them, encrypts them (if you want), and stores only the pieces it hasn’t already seen. When you run it again, it skips over what hasn’t changed. So, every backup looks like a full snapshot — but under the hood, it’s mostly just the deltas.
Let’s say you’re managing a bunch of machines — Linux here, some Windows there, maybe a few Macs in the mix. You don’t want agents on every box. You don’t want to deal with yet another cloud panel or be tied to a proprietary system. You just want backups that work, stay out of the way, and don’t eat up all your storage. That’s where BackupPC fits.
Some tools try to do everything. BorgBackup doesn’t. It focuses on one thing — backing up your data safely and efficiently — and does it extremely well. No cloud ties, no mystery layers, no nagging GUIs. Just a command-line interface, strong encryption, and solid, repeatable behavior.
Mail-in-a-Box tries to make that a bit less painful. It’s not a mail client, and it’s not a dashboard on top of someone else’s hosting — it’s a full-stack, all-in-one mail system you install on a single Ubuntu server. One script sets up everything: Postfix, Dovecot, Nextcloud for file sync, a DNS server (optional), Let’s Encrypt certs, spam filtering, and a management UI.
SnappyMail isn’t packed with buzzwords or corporate branding. It’s just a clean, fast webmail interface that works well with your existing mail server — and doesn’t get in your way. Originally forked from RainLoop after development there stalled, SnappyMail has taken a different path: minimal overhead, simple deployment, and no surprise dependencies.
Some setups just need mail to work — reliably, repeatably, and without handing over control to some black-box SaaS. Modoboa gives administrators a structured way to run self-hosted email, but without hiding what’s under the hood. It’s built on familiar components like Postfix and Dovecot, but wraps them in a manageable interface, along with a few smart additions for security, quotas, user management, and webmail access.
CryptPad is what happens when someone takes the idea of online collaboration and says: *what if we just didn’t see any of your data?* It’s a browser-based platform — no install, no app — but everything typed, uploaded, or shared is encrypted right there in the browser. Not after. Not optionally. It happens before anything touches the server.
FreeCommander isn’t about reinvention — it’s about getting control back. For users who handle files all day, it brings structure and speed to what’s usually a clumsy task in standard Explorer. It’s not for everyone, but for power users who want something predictable and fast, it fits right in.
KiTTY is one of those tools that doesn’t get the spotlight, but quietly earns its place on every serious Windows admin’s USB stick. It keeps the best parts of PuTTY, strips out limitations, and throws in just enough extras to make it stick. If you’re managing servers from Windows and PuTTY feels stale — KiTTY is your next step.
muCommander isn’t trying to reinvent anything. It’s just a tool — quiet, predictable, and ready when you need it. If you bounce between systems, work with remote shares, or just want something that “feels right” without being bloated… this one’s worth keeping around.
Cyberduck doesn’t try to be clever — and that’s exactly why it works. It opens a connection, shows a remote folder, and lets people move files around without needing to write a line of config. SFTP, FTP, S3, WebDAV — all handled through a simple, familiar interface that feels like using a local file manager.
VictoriaMetrics is a revolutionary tool for monitoring, scaling, managing your data. With its cutting-edge technology it proves to be superior to other monitoring software, making it unmatched at achieving efficient scalability, compatibility, and accessibility
mitmproxy is one of those tools that quietly saves hours — especially when other approaches just show you the surface. It doesn’t try to guess what’s happening — it shows you, lets you tweak it, and then keeps watching. In a field crowded with GUIs and sniffers, this one’s for when control matters more than charts.
Unicornscan isn’t here to replace Nmap. It follows a different path. It’s made for those moments when you need output — fast, at scale, and preferably without setting off alarms. It’s not something you’d use daily, but when you do need it, nothing else works quite the same.
Guacamole simplifies remote access — but setup takes some effort. It’s not a one-click install. Admins should be comfortable with web servers, firewalls, and auth systems.
MeshCentral isn’t a service — it’s a server. It’s what happens when remote access is needed, but the idea of routing everything through someone else’s cloud doesn’t sit right. Designed and maintained by Ylian Saint-Hilaire at Intel, MeshCentral is an open-source, self-hosted platform for managing remote systems — desktops, laptops, and even headless hardware — through a central web interface.
OpenWIPS-ng is not a turnkey commercial solution. There’s no wizard, no click-to-deploy, no GUI polish. It expects Wi-Fi knowledge and some Python chops.
Sysdig OSS isn’t fancy. It doesn’t draw graphs or offer a GUI. But it tells the truth — directly from the kernel. There’s no abstraction, no buffering, no log loss.
Auditd Webhook isn’t a full SIEM. It doesn’t analyze. It doesn’t store. It just forwards.
Falcon Sensor is tightly integrated with CrowdStrike’s cloud. Without console access, it doesn’t do much.
This setup doesn’t feel like a workaround — it’s more like the way containers should’ve always run on Windows. No VMs to babysit, no constant switching between OS contexts. Just one system that runs both sides well enough. It’s not flawless, but once in place, it rarely gets in the way. And that, for most people, is exactly what’s needed.
