SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Sort by: popularity rating release date

← previous page Tools 61–70 of 125 next page →

(1) ★★★★ Medusa (#49, new!)

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It supports many protocols: AFP, CVS, FTP, HTTP, IMAP, rlogin, SSH, Subversion, and VNC to name a few. Other online crackers are THC Hydra and Ncrack. Read 1 review.

Latest release: version 2.0 on Feb. 9, 2010 (14 years, 3 months ago).

(1) ★★★★ L0phtCrack (#57, 30)

L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009. For free alternatives, consider ophcrack, Cain and Abel, or John the Ripper. Read 1 review.

Latest release: version 6.0.11 on Jan. 9, 2011 (13 years, 4 months ago).

(2) ★★★★ sslstrip (#61, new!)

sslstrip is an SSL stripping proxy, designed to make unencrypted HTTP sessions look as much as possible like HTTPS sessions. It converts https links to http or to https with a known private key. It even provides a padlock favicon for the illusion of a secure channel. Many HTTPS sites are normally accessed from a redirect on an HTTP page, and many users don't notice when their connection isn't upgraded. Read 2 reviews.

Latest release: version 0.7 on Dec. 18, 2009 (14 years, 4 months ago).

(1) ★★★★ Sguil (#86, 1)

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis. Read 1 review.

Latest release: version 0.9.0 on March 28, 2014 (10 years, 1 month ago).

(1) ★★★★ Tamper Data (#88, new!)

Tamper Data is an add-on for Firefox that lets you view and modify HTTP requests before they are sent. It shows what information the web browser is sending on your behalf, such as cookies and hidden form fields. Use of this plugin can reveal web applications that trust the client not to misbehave. Read 1 review.

Latest release: version 10.1.1 on Feb. 11, 2010 (14 years, 3 months ago).

(2) ★★★★ Socat (#108, 37)

A utility similar to the venerable Netcat that works over a number of protocols and through a files, pipes, devices (terminal or modem, etc.), sockets (Unix, IP4, IP6 - raw, UDP, TCP), a client for SOCKS4, proxy CONNECT, or SSL, etc. It provides forking, logging, and dumping, different modes for interprocess communication, and many more options. It can be used, for example, as a TCP relay (one-shot or daemon), as a daemon-based socksifier, as a shell interface to Unix sockets, as an IP6 relay, for redirecting TCP-oriented programs to a serial line, or to establish a relatively secure environment (su and chroot) for running client or server shell scripts with network connections. Read 2 reviews.

Latest release: version 2.0.0-b4 on Aug. 2, 2010 (13 years, 9 months ago).

(1) ★★★★ DumpSec (#109, new!)

DumpSec is a security auditing program for Microsoft Windows NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information. Read 2 reviews.

Latest release: version 2.8.6 on June 3, 2010 (13 years, 11 months ago).

(1) ★★★★ WinDbg (#113, new!)

WinDbg is a graphical debugger from Microsoft. It is actually just one component of the Debugging Tools for Windows package, which also includes the KD, CDB, and NTSD debuggers. Its claim to fame is debugging memory dumps produced after a crash. It can even debug in kernel mode. Read 1 review.

Latest release: version 10.0.10075.9 on April 29, 2015 (9 years ago).

(3) ★★★★ Wapiti (#121, new!)

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans; i.e., it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. Read 4 reviews.

Latest release: version 2.2.1 on Dec. 29, 2009 (14 years, 4 months ago).

(30) ★★★★ OpenVAS (#19, new!)

OpenVAS is a vulnerability scanner that was forked from the last free version of Nessus after that tool went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. The project seemed dead for a while, but development has restarted. Read 35 reviews.

Latest release: version 8.0 on April 2, 2015 (9 years, 1 month ago).

← previous page Tools 61–70 of 125 next page →

Categories