SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Sort by: popularity rating release date

← previous page Tools 41–50 of 125 next page →

(19) ★★★★½ Burp Suite (#13, 63)

Burp Suite is an integrated platform for attacking web applications. It contains a variety of tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All of the tools share the same framework for handling and displaying HTTP messages, persistence, authentication, proxies, logging, alerting and extensibility. There is a limited free version and also Burp Suite Professional ($299 per user per year). Read 22 reviews.

Latest release: version 1.4.01 on June 3, 2011 (12 years, 10 months ago).

(10) ★★★★½ Netcat (#8, 4)

This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool to use directly or easily drive by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections.

The original Netcat was released by Hobbit in 1995, but it hasn't been maintained despite its popularity. It can sometimes even be hard to find a copy of the v1.10 source code. The flexibility and usefulness of this tool prompted the Nmap Project to produce Ncat, a modern reimplementation which supports SSL, IPv6, SOCKS and http proxies, connection brokering, and more. Other takes on this classic tool include the amazingly versatile Socat, OpenBSD's nc, Cryptcat, Netcat6, pnetcat, SBD, and so-called GNU Netcat. Read 13 reviews.

Latest release: version 1.10 on March 20, 1996 (28 years ago).

(7) ★★★★½ Core Impact (#29, 15)

Core Impact isn't cheap (be prepared to spend at least $30,000), but it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. Other good options include Metasploit and Canvas. Read 11 reviews.

Latest release: version 12 on Aug. 8, 2011 (12 years, 7 months ago).

(9) ★★★★½ Metasploit (#2, 3)

Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is Metasploitable, an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers.

Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($5,000 per year per user), and a full-featured Pro edition. Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).

The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs. Read 15 reviews.

Latest release: version 4.11 on Dec. 18, 2014 (9 years, 3 months ago).

(2) ★★★★½ tcpdump (#9, 1)

Tcpdump is the network sniffer we all used before (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI and parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with less security risk. It also requires fewer system resources. While Tcpdump doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. tcpdump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap and many other tools. Read 3 reviews.

Latest release: version 4.7.4 on April 22, 2015 (8 years, 11 months ago).

(2) ★★★★½ NetStumbler (#25, 7)

Netstumbler is the best known Windows tool for finding open wireless access points ("wardriving"). They also distribute a WinCE version for PDAs and such named MiniStumbler. The tool is currently free but Windows-only and no source code is provided. It uses a more active approach to finding WAPs than passive sniffers such as Kismet or KisMAC. Read 2 reviews.

Latest release: version 0.4.0 on April 1, 2004 (20 years ago).

(2) ★★★★½ TrueCrypt (#31, 66)

The authors of TrueCrypt abandoned the project in May 2014. While many still use the software, there are several forks and alternatives that are striving to take its lofty place.
TrueCrypt is an excellent open source disk encryption system for Windows, Mac, and Linux systems. Users can encrypt entire filesystems, which are then on-the-fly encrypted/decrypted as needed without user intervention beyond initially entering their passphrase. A clever hidden volume feature allows you to hide a second layer of particularly sensitive content with plausible deniability about whether it even exists. Then if you are forced to give up your passphrase, you give them the first-level secret. That only allows them access to the innocuous material you have there, without proving that a second level key even exists. Read 5 reviews.

Latest release: version 7.2 on May 28, 2014 (9 years, 10 months ago).

(2) ★★★★½ skipfish (#39, new!)

skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments. Read 2 reviews.

Latest release: version 2.10b on Dec. 4, 2012 (11 years, 3 months ago).

(6) ★★★★½ Splunk (#65, new!)

Splunk is a tool to search, report, monitor and analyze real-time streaming and historical IT data. It collects logs from a variety of sources and makes them searchable in a unified interface. Read 6 reviews.

Latest release: version 4.1.7 on Feb. 14, 2011 (13 years, 1 month ago).

(6) ★★★★½ SAINT Security Suite (#110, 19)

SAINT is a commercial vulnerability assessment and penetration system. It was originally developed in the late 1990's as free UNIX tool based on the open source SATAN scanner. Later it went commercial and broadened into a whole suite of tools for vulnerability detection, exploitation, and asset management. It is available on multiple platforms, including appliances (SAINTbox) and cloud-hosted (SAINTcloud). Top competitors include Nessus, Nexpose, and QualysGuard. Read 12 reviews.

Latest release: version 9.8 on May 1, 2020 (3 years, 11 months ago).

← previous page Tools 41–50 of 125 next page →

Categories