Home page logo
/

SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Sort by: popularity rating release

Tools 1–25 of 125 next page →

(3) ★★★★ Firefox (#55, new!)

Firefox is a web browser, a descendant of Mozilla. It emerged as a serious competitor to Internet Explorer, with improved security as one of its features. While Firefox no longer has a stellar security record, security professionals still appreciate it for its wide selection of security-related add-ons, including Tamper Data, Firebug, and NoScript. Read 3 reviews.

Latest release: version 29.0.1 on May 9, 2014 (5 months, 2 weeks ago).

no rating ClamAV (#80, 6)

ClamAV is a powerful AntiVirus scanner focused towards integration with mail servers for attachment scanning. It provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via the Internet. Clam AntiVirus is based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date. The project was acquired by Sourcefire in 2007. Review this tool.

Latest release: version 0.98.3 on May 7, 2014 (5 months, 2 weeks ago).

no rating GDB (#93, new!)

GDB is the GNU Project's debugger. Security folks use it to analyze unknown binaries, by getting disassemblies and stepping through a program instruction by instruction. GDB can debug programs written in Ada, C, C++, Objective-C, Pascal, and other languages. Review this tool.

Latest release: version 7.7.1 on May 5, 2014 (5 months, 2 weeks ago).

no rating OpenVPN (#56, 36)

OpenVPN is an open-source SSL VPN package which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN uses OpenSSL as its primary cryptographic library. Review this tool.

Latest release: version 2.3.4 on May 2, 2014 (5 months, 3 weeks ago).

(5) ★★★★★ Nagios (#69, 2)

Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method). Read 6 reviews.

Latest release: version 4.0.6 on April 29, 2014 (5 months, 3 weeks ago).

(22) ★★★½ OpenVAS (#19, new!)

OpenVAS is a vulnerability scanner that was forked from the last free version of Nessus after that tool went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. The project seemed dead for a while, but development has restarted. Read 26 reviews.

Latest release: version 7.0 on April 25, 2014 (5 months, 4 weeks ago).

no rating BeEF (#77, new!)

BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers. It is designed to make the creation of new exploit modules easy. Read 3 reviews.

Latest release: version 0.4.5.0 on April 25, 2014 (5 months, 4 weeks ago).

(1) ★★★★★ Snort (#5, 2)

This network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

While Snort itself is free and open source, parent company SourceFire offers their VRT-certified rules for $499 per sensor per year and a complementary product line of software and appliances with more enterprise-level features. Sourcefire also offers a free 30-day delayed feed. Read 2 reviews.

Latest release: version 2.9.6.1 on April 23, 2014 (6 months ago).

(17) ★★★★★ Wireshark (#1, 1)

Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source multi-platform network protocol analyzer. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tshark is included. One word of caution is that Wireshark has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences). Read 30 reviews.

Latest release: version 1.10.7 on April 22, 2014 (6 months ago).

no rating VMware (#43, 46)

VMware virtualization software lets you run one operating system within another. This is quite useful for security researchers who commonly need to test code, exploits, etc on multiple platforms. It only runs on Windows and Linux as the host OS, but pretty much any x86 or x86_64 OS will run inside the virtualized environment. It is also useful for setting up sandboxes. You can browse from within a VMware window so the even if you are infected with malware, it cannot reach your host OS. And recovering the guest OS is as simple as loading a "snapshot" from prior to the infection. VMware player (executes, but can't create OS images) and VMWare Server (partitions a physical server machine into multiple virtual machines) were recently released for free. An open-source alternative is VirtualBox. Xen is a Linux-specific virtualization system. Review this tool.

Latest release: version 10.0.2 on April 17, 2014 (6 months, 1 week ago).

no rating Stunnel (#117, 38)

The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote servers. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries. Review this tool.

Latest release: version 5.01 on April 8, 2014 (6 months, 2 weeks ago).

(5) ★★★★ Cain and Abel (#6, 3)

UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented. Read 9 reviews.

Latest release: version 4.9.56 on April 7, 2014 (6 months, 2 weeks ago).

no rating OpenSSL (#50, 9)

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. Apart from being a component of many crypto programs, OpenSSL comes with a lot of command-line tools for encryption, hashing, certificate handling, and more. Review this tool.

Latest release: version 1.0.1g on April 7, 2014 (6 months, 2 weeks ago).

(2) ★★★★★ KeePass (#92, new!)

KeePass is a password manager. It stores many passwords which are unlocked by one master password. The idea is to only have to remember one high-quality password, and still be able to use unique passwords for various accounts. It has a feature to automatically fill in passwords in web forms. Read 2 reviews.

Latest release: version 1.27 on April 6, 2014 (6 months, 2 weeks ago).

(4) ★★★★★ Malwarebytes' Anti-Malware (#74, new!)

Malwarebytes' Anti-Malware is a malware scanner for Windows. The authors claim to use a variety of technologies to find malware undetectable by other malware scanners. There is a free trial with limited options and a supported full version with the ability to run scheduled scans. Read 5 reviews.

Latest release: version 2.0.1.1004 on April 4, 2014 (6 months, 2 weeks ago).

(6) ★★★★½ Metasploit (#2, 3)

Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is Metasploitable, an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers.

Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($3,000 per year per user), and a full-featured Pro edition ($15,000 per user per year). Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).

The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs. Read 10 reviews.

Latest release: version 4.9 on March 26, 2014 (6 months, 4 weeks ago).

no rating cURL (#100, new!)

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, authentication, and more. libcurl provides these capabilities to other programs. Review this tool.

Latest release: version 7.36.0 on March 26, 2014 (6 months, 4 weeks ago).

(4) ★★★★★ Firebug (#89, new!)

Firebug is an add-on for Firefox that provides access to browser internals. It features live editing of HTML and CSS, a DOM viewer, and a JavaScript debugger. Web application security testers appreciate the ability to see what's happening behind the scenes of the browser. Read 4 reviews.

Latest release: version 1.12.7 on March 5, 2014 (7 months, 2 weeks ago).

(1) ★★★★★ Tor (#53, 6)

Tor is a network of virtual tunnels designed to improve privacy and security on the Internet by routing your requests through a series of intermediate machines. It uses a normal proxy server interface so that ordinary Internet applications like web browsers and chat programs can be configured to use it. In addition to helping preserve users' anonymity, Tor can help evade firewall restrictions. Tor's hidden services allow users publish web sites and other services without revealing their identity or location. For a free cross-platform GUI, users recommend Vidalia. Remember that Tor exit nodes are sometimes run by malicious parties and can sniff your traffic, so avoid authenticating using insecure network protocols (such as non-SSL web sites and mail servers). That is always dangerous, but particularly bad when routing through Tor. Read 1 review.

Latest release: version 0.2.4.21 on Feb. 28, 2014 (7 months, 3 weeks ago).

(3) ★★★★½ Fiddler (#60, new!)

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Read 3 reviews.

Latest release: version 4.4.6.1 on Feb. 20, 2014 (8 months ago).

(1) ★★ EnCase (#120, new!)

EnCase is a suite of computer forensics software, commonly used by law enforcement. Its wide use has made it a de-facto standard in forensics. It is made to collect data from a computer in a forensically sound manner (employing checksums to help detect tampering). Read 2 reviews.

Latest release: version 7.09.02 on Feb. 4, 2014 (8 months, 2 weeks ago).

(2) ★★★★★ NoScript (#85, new!)

NoScript is an add-on for Firefox that blocks JavaScript, Java, Flash, and other plugin content (allowing you to selectively re-enable them for certain sites). It also offers cross-site scripting protection. This is mainly designed to keep web users safe, but security testers can also use the add-on to see what scripts a site is using. One caution is that the NoScript author Giorgio Maone has been caught inserting hidden code into NoScript which disabled users' ad-blocking software so that ads would still show up on the NoScript web site. He did post a lengthy apology. Read 3 reviews.

Latest release: version 2.6.8.13 on Jan. 22, 2014 (9 months ago).

(5) ★★★★½ inSSIDer (#90, new!)

inSSIDer is a wireless network scanner for Windows, OS X, and Android. It was designed to overcome limitations of NetStumbler, namely not working well on 64-bit Windows and Windows Vista. inSSIDer can find open wireless access points, track signal strength over time, and save logs with GPS records. Read 10 reviews.

Latest release: version 3.1.2.1 on Dec. 18, 2013 (10 months, 1 week ago).

no rating IDA Pro (#33, 12)

Disassembly is a big part of security research. It will help you dissect that Microsoft patch to discover the silently fixed bugs they don't tell you about, or more closely examine a server binary to determine why your exploit isn't working. Many debuggers are available, but IDA Pro has become the de-facto standard for the analysis of hostile code and vulnerability research. This interactive, programmable, extensible, multi-processor disassembler has a graphical interface on Windows and console interfaces on Linux and Mac OS X. Review this tool.

Latest release: version 6.5.131217 on Dec. 17, 2013 (10 months, 1 week ago).

(3) ★★★★½ OSSIM (#48, new!)

Alienvault OSSIM stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant network/security administrators with a detailed view over each and every aspect of networks, hosts, physical access devices, and servers. OSSIM incorporates several other tools, including Nagios and OSSEC HIDS. Read 3 reviews.

Latest release: version 4.4 on Dec. 13, 2013 (10 months, 1 week ago).

Tools 1–25 of 125 next page →

Categories

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]