Home page logo
/

SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Sort by: popularity rating release date

← previous page Tools 76–100 of 125 next page →

(3) ★★★ HP WebInspect (#76, 36)

WebInspect is a web application security assessment tool that helps identify known and unknown vulnerabilities within the Web application layer. It can also help check that a Web server is configured properly, and attempts common web attacks such as parameter injection, cross-site scripting, directory traversal, and more. It was produced by Spidynamics, which is now part of HP. Read 3 reviews.

Latest release: version 9.10 on June 27, 2011 (3 years, 5 months ago).

no rating BeEF (#77, new!)

BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers. It is designed to make the creation of new exploit modules easy. Read 3 reviews.

Latest release: version 0.4.5.0 on April 25, 2014 (8 months ago).

(1) ★★★★★ Argus (#78, 5)

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information. There is also another open source network monitoring program named Argus. Read 1 review.

Latest release: version 3.7 on Feb. 1, 2013 (1 year, 10 months ago).

(3) ★★★★★ OpenBSD PF (#79, 22)

Like Netfilter and ipfilter on other platforms, OpenBSD users love PF, their firewall tool. It handles network address translation, normalizing TCP/IP traffic, providing bandwidth control, and packet prioritization. It also offers some eccentric features, such as passive OS detection. Coming from the same guys who created OpenBSD, you can trust that it has been well audited and coded to avoid the sort of security holes we have seen in other  packet  filters. Read 3 reviews.

Latest release: version 5.3 on May 1, 2012 (2 years, 7 months ago).

no rating ClamAV (#80, 6)

ClamAV is a powerful AntiVirus scanner focused towards integration with mail servers for attachment scanning. It provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via the Internet. Clam AntiVirus is based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date. The project was acquired by Sourcefire in 2007. Review this tool.

Latest release: version 0.98.3 on May 7, 2014 (7 months, 2 weeks ago).

(1) ★★★★★ Nipper (#81, new!)

Nipper (short for Network Infrastructure Parser, previously known as CiscoParse) audits the security of network devices such as switches, routers, and firewalls. It works by parsing and analyzing device configuration file which the Nipper user must supply. This was an open source tool until its developer (Titania) released a commercial version and tried to hide their old GPL releases (including the GPLv2 version 0.10 source tarball). Read 1 review.

Latest release: version 1.3.

(1) ★★★ NetworkMiner (#82, new!)

NetworkMiner is a Network Forensic Analysis Tool for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse pcap files for off-line analysis and to regenerate/reassemble transmitted files and certificates from pcap files. In contrast to other sniffers like Wireshark, NetworkMiner's display focuses on hosts and their attributes rather than raw packets. Read 1 review.

Latest release: version 1.0 on Feb. 5, 2011 (3 years, 10 months ago).

no rating Wikto (#83, 1)

Wikto is a tool that checks for flaws in webservers. It provides much the same functionality as Nikto but adds various interesting pieces of functionality, such as a Back-End miner and close Google integration. Wikto is written for the MS .NET environment and registration is required to download the binary and/or source code. Review this tool.

Latest release: version 2.1.0.0 on Dec. 14, 2008 (6 years ago).

no rating P0f (#84, 51)

P0f is able to identify the operating system of a target host simply by examining captured packets even when the device in question is behind an overzealous packet firewall. P0f does not generate ANY additional network traffic, direct or indirect. No name lookups, no mysterious probes, no ARIN queries, nothing. In the hands of advanced users, P0f can detect firewall presence, NAT use, existence of load balancers, and more! Review this tool.

Latest release: version 2.0.8 on Sept. 6, 2006 (8 years, 3 months ago).

(2) ★★★★★ NoScript (#85, new!)

NoScript is an add-on for Firefox that blocks JavaScript, Java, Flash, and other plugin content (allowing you to selectively re-enable them for certain sites). It also offers cross-site scripting protection. This is mainly designed to keep web users safe, but security testers can also use the add-on to see what scripts a site is using. One caution is that the NoScript author Giorgio Maone has been caught inserting hidden code into NoScript which disabled users' ad-blocking software so that ads would still show up on the NoScript web site. He did post a lengthy apology. Read 3 reviews.

Latest release: version 2.6.8.13 on Jan. 22, 2014 (11 months ago).

(1) ★★★★ Sguil (#86, 1)

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis. Read 1 review.

Latest release: version 0.7.0 on March 26, 2008 (6 years, 9 months ago).

(3) ★★★★★ Samurai Web Testing Framework (#87, new!)

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. Samurai includes many other tools featured in this list, such as WebScarab, ratproxy, w3af, Burp Suite, and BeEF. Read 4 reviews.

Latest release: version 0.9.9 on Aug. 13, 2011 (3 years, 4 months ago).

(1) ★★★★ Tamper Data (#88, new!)

Tamper Data is an add-on for Firefox that lets you view and modify HTTP requests before they are sent. It shows what information the web browser is sending on your behalf, such as cookies and hidden form fields. Use of this plugin can reveal web applications that trust the client not to misbehave. Read 1 review.

Latest release: version 10.1.1 on Feb. 11, 2010 (4 years, 10 months ago).

(4) ★★★★★ Firebug (#89, new!)

Firebug is an add-on for Firefox that provides access to browser internals. It features live editing of HTML and CSS, a DOM viewer, and a JavaScript debugger. Web application security testers appreciate the ability to see what's happening behind the scenes of the browser. Read 4 reviews.

Latest release: version 1.12.7 on March 5, 2014 (9 months, 3 weeks ago).

(5) ★★★★½ inSSIDer (#90, new!)

inSSIDer is a wireless network scanner for Windows, OS X, and Android. It was designed to overcome limitations of NetStumbler, namely not working well on 64-bit Windows and Windows Vista. inSSIDer can find open wireless access points, track signal strength over time, and save logs with GPS records. Read 10 reviews.

Latest release: version 3.1.2.1 on Dec. 18, 2013 (1 year ago).

no rating Nemesis (#91, 33)

The Nemesis Project is designed to be a commandline-based, portable human IP stack for UNIX/Linux (and now Windows!). The suite is broken down by protocol, and should allow for useful scripting of injected packet streams from simple shell scripts. If you enjoy Nemesis, you might also want to look at Hping as they complement each other well. Review this tool.

Latest release: version 1.4beta3 on June 29, 2003 (11 years, 5 months ago).

(3) ★★★★★ KeePass (#92, new!)

KeePass is a password manager. It stores many passwords which are unlocked by one master password. The idea is to only have to remember one high-quality password, and still be able to use unique passwords for various accounts. It has a feature to automatically fill in passwords in web forms. Read 3 reviews.

Latest release: version 1.27 on April 6, 2014 (8 months, 2 weeks ago).

no rating GDB (#93, new!)

GDB is the GNU Project's debugger. Security folks use it to analyze unknown binaries, by getting disassemblies and stepping through a program instruction by instruction. GDB can debug programs written in Ada, C, C++, Objective-C, Pascal, and other languages. Review this tool.

Latest release: version 7.7.1 on May 5, 2014 (7 months, 2 weeks ago).

(3) ★★★½ VirusTotal (#94, new!)

VirusTotal is a web service that analyzes submitted files for known viruses and other malware. It incorporates dozens of antivirus engines from different vendors, updated regularly with new signatures. Participating antivirus vendors can get alerts when a file is not detected by their product but is by someone else's. Read 3 reviews.

no rating Tripwire (#95, 58)

A file and directory integrity checker. Tripwire is a tool that aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner. Traditionally an open souce tool, Tripwire Corp is now focused on their commercial enterprise configuration control offerings. An open source Linux version can still be found at SourceForge. UNIX users may also want to consider AIDE, which has been designed to be a free Tripwire replacement. Or you may wish to investigate Radmind, rkhunter, or chkrootkit. Windows users may like RootkitRevealer from Sysinternals. Review this tool.

no rating ratproxy (#96, new!)

Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments. Read 1 review.

Latest release: version 1.58 beta on May 1, 2009 (5 years, 7 months ago).

(1) ★★★★★ KisMAC (#97, 42)

This popular wireless stumbler for Mac OS X offers many of the features of its namesake Kismet, though the codebase is entirely different. Unlike console-based Kismet, KisMAC offers a pretty GUI and was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import and logging, and even some decryption and deauthentication attacks. Read 1 review.

Latest release: version 0.3.3 on Feb. 7, 2011 (3 years, 10 months ago).

no rating ike-scan (#98, 45)

ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network. Most hosts running IKE will respond, identifying their presence. The tool then remains silent and monitors retransmission packets. These retransmission responses are recorded, displayed and matched against a known set of VPN product fingerprints. ike-scan can VPNs from manufacturers including Checkpoint, Cisco, Microsoft, Nortel, and Watchguard. Review this tool.

Latest release: version 1.9 on Jan. 24, 2007 (7 years, 11 months ago).

no rating NetScanTools (#99, new!)

NetScanTools is a collection of over 40 network utilities for Windows, designed with an easy user interface in mind. It includes DNS tools, a ping and port scanner, traceroute, and other utilities. It comes in bundles with more or fewer tools based on the price. Read 1 review.

Latest release: version 11.30 on May 8, 2012 (2 years, 7 months ago).

no rating cURL (#100, new!)

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, authentication, and more. libcurl provides these capabilities to other programs. Review this tool.

Latest release: version 7.36.0 on March 26, 2014 (9 months ago).

← previous page Tools 76–100 of 125 next page →

Categories

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]