Top 4 Application-Specific Scanners
After the tremendously successful 2000 and 2003
security tools surveys, Insecure.Org is delighted to
release this 2006 survey. I (Fyodor) asked users
from the nmap-hackers
mailing list to share their favorite tools, and 3,243 people
responded. This allowed me to expand the list to 100 tools, and even
subdivide them into categories. This is the category page for application-specific scanners -- the full network security list is available here. Anyone in the security field
would be well advised to go over the list and investigate tools they
are unfamiliar with. I discovered several powerful new tools this
way. I also point newbies to this site whenever they write
me saying “I don't know where to start”.
Respondents were allowed to list open source or commercial tools on
any platform. Commercial tools are noted as such in the list below.
No votes for the Nmap Security
Scanner were counted because the survey was taken on a Nmap
mailing list. This audience also biases the list slightly
toward “attack” hacking tools rather than defensive ones.
Each tool is described by one ore more attributes:
 | Did not appear on the 2003 list |
 | Generally costs money. A free limited/demo/trial version may be available. |
 | Works natively on Linux |
 | Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants |
 | Works natively on Apple Mac OS X |
 | Works natively on Microsoft Windows |
 | Features a command-line interface |
 | Offers a GUI (point and click) interface |
 | Source code available for inspection. |
Please send updates and suggestions (or better tool logos) to Fyodor. If your tool is featured or you think your site visitors might enjoy this list, you are welcome to use our link banners.
Here is the list, starting with the most popular:
#1
|
THC Amap : An application fingerprinting scanner
Amap is a great tool for determining what application is listening on a given port. Their database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC.
|
#2
|
Nbtscan : Gathers NetBIOS info from Windows networks
NBTscan is a program for scanning IP networks for NetBIOS name information. It sends a NetBIOS status query to each address in supplied range and lists received information in human readable form. For each responded host it lists IP address, NetBIOS computer name, logged-in user name and MAC address.
|
#3
|
Ike-scan : VPN detector/scanner
Ike-scan exploits transport characteristics in the Internet Key Exchange (IKE) service, the mechanism used by VPNs to establish a connection between a server and a remote client. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network. Most hosts running IKE will respond, identifying their presence. The tool then remains silent and monitors retransmission packets. These retransmission responses are recorded, displayed and matched against a known set of VPN product fingerprints. Ike-scan can VPNs from manufacturers including Checkpoint, Cisco, Microsoft, Nortel, and Watchguard.
|
#4
|
SPIKE Proxy : HTTP Hacking
Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and directory traversal detection.
|
Show All Top 100 Network Security Tools
Or view by category:
Application-Specific Scanners | Password Crackers | Encryption Tools | Disassemblers | Firewalls | Intrusion Detection Systems | Netcats | OS Detection Tools | Packet Crafting Tools | Port Scanners | Rootkit Detectors | Security-Oriented Operating Systems | Packet Sniffers | Vulnerability Exploitation Tools | Traceroute Tools | Traffic Monitoring Tools | Vulnerability Scanners | Web Vulnerability Scanners | Wireless Tools
|
Intro
