SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Sort by: popularity rating release

← previous page Tools 61–70 of 125 next page →

(19) ★★★★½ Burp Suite (#13, 63)

Burp Suite is an integrated platform for attacking web applications. It contains a variety of tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All of the tools share the same framework for handling and displaying HTTP messages, persistence, authentication, proxies, logging, alerting and extensibility. There is a limited free version and also Burp Suite Professional ($299 per user per year). Read 22 reviews.

Latest release: version 1.4.01 on June 3, 2011 (12 years, 11 months ago).

(9) ★★★★½ sqlmap (#30, new!)

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features, from database fingerprinting to fetching data from the DB and even accessing the underlying file system and executing OS commands via out-of-band connections. The authors recommend using the development release from their Subversion repository. Read 11 reviews.

Latest release: version 0.9 on April 11, 2011 (13 years, 1 month ago).

no rating THC Amap (#104, 85)

Amap is a great tool for determining what application is listening on a given port. Their database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC. Review this tool.

Latest release: version 5.4 on April 1, 2011 (13 years, 1 month ago).

(13) ★★★★★ Scapy (#20, 8)

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. Note that Scapy is a very low-level tool—you interact with it using the Python programming language. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Read 16 reviews.

Latest release: version 2.2.0 on Feb. 28, 2011 (13 years, 2 months ago).

(4) ★★★★ QualysGuard (#42, 31)

QualysGuard is a popular SaaS (software as a service) vulnerability management offering. It's web-based UI offers network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking according to business risk. Internal scans are handled by Qualys appliances which communicate back to the cloud-based system. Read 5 reviews.

Latest release: version 6.18 on Feb. 25, 2011 (13 years, 2 months ago).

(10) ★★★★½ Nikto (#14, 2)

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated. Read 15 reviews.

Latest release: version 2.1.4 on Feb. 20, 2011 (13 years, 3 months ago).

no rating AIDE (#125, new!)

AIDE (Advanced Intrusion Detection Environment) is a rootkit detector, a free replacement for Tripwire. It makes cryptographic hashes of important system files and stores them in a database. It can then make reports about which files have changed. Read 1 review.

Latest release: version 0.16a1 on Feb. 16, 2011 (13 years, 3 months ago).

(6) ★★★★½ Splunk (#65, new!)

Splunk is a tool to search, report, monitor and analyze real-time streaming and historical IT data. It collects logs from a variety of sources and makes them searchable in a unified interface. Read 6 reviews.

Latest release: version 4.1.7 on Feb. 14, 2011 (13 years, 3 months ago).

(1) ★★★★★ dradis (#107, new!)

dradis is an open source framework to enable effective sharing of information among participants in a penetration test. It is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. It has plugins to read and collect the output of a variety of network scanning tools, like Nmap, Burp Suite, and Nikto. Read 1 review.

Latest release: version 2.6.1 on Feb. 11, 2011 (13 years, 3 months ago).

(5) ★★★★★ Netsparker (#75, new!)

Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive–free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them. Read 6 reviews.

Latest release: version 1.8.3.3 on Feb. 10, 2011 (13 years, 3 months ago).

← previous page Tools 61–70 of 125 next page →

Categories