We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!
This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool to use directly or easily drive by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections.
While there are many advanced high-tech tools out there to assist in security auditing, don't forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that Windows omits whois and uses the name tracert). They can be very handy in a pinch, although more advanced functionality is available from Hping and Netcat.
Read 5 reviews.
While many canned security tools are available on this site for handling common tasks, scripting languages allow you to write your own (or modify existing ones) when you need something more custom. Quick, portable scripts can test, exploit, or even fix systems. Archives like CPAN are filled with modules such as Net::RawIP and protocol implementations to make your tasks even easier. Many security tools use scripting languages heavily for extensibility. For example Scapy interaction is through a Python interpreter, Metasploit modules are written in Ruby, and Nmap's scripting engine uses Lua.
Review this tool.
While it is far more than a security tool, Google's massive database is a gold mine for security researchers and penetration testers. You can use it to dig up information about a target company by using directives such as “site:target-domain.com” and find employee names, sensitive information that they wrongly thought was hidden, vulnerable software installations, and more. Similarly, when a bug is found in yet another popular webapp, Google can often provide a list of vulnerable servers worldwide within seconds. Check out the Google Hacking Database and Johnny Long's excellent book: Google Hacking for Penetration Testers.
Read 2 reviews.
VMware virtualization software lets you run one operating system within another. This is quite useful for security researchers who commonly need to test code, exploits, etc on multiple platforms. It only runs on Windows and Linux as the host OS, but pretty much any x86 or x86_64 OS will run inside the virtualized environment. It is also useful for setting up sandboxes. You can browse from within a VMware window so the even if you are infected with malware, it cannot reach your host OS. And recovering the guest OS is as simple as loading a "snapshot" from prior to the infection. VMware player (executes, but can't create OS images) and VMWare Server (partitions a physical server machine into multiple virtual machines) were recently released for free. An open-source alternative is VirtualBox. Xen is a Linux-specific virtualization system.
Review this tool.
Latest release: version 10.0.2 on April 17, 2014 (1 year ago).
Firefox is a web browser, a descendant of Mozilla. It emerged as a serious competitor to Internet Explorer, with improved security as one of its features. While Firefox no longer has a stellar security record, security professionals still appreciate it for its wide selection of security-related add-ons, including Tamper Data, Firebug, and NoScript.
Read 3 reviews.
Latest release: version 29.0.1 on May 9, 2014 (11 months, 3 weeks ago).
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, authentication, and more. libcurl provides these capabilities to other programs.
Review this tool.
Latest release: version 7.36.0 on March 26, 2014 (1 year, 1 month ago).
A utility similar to the venerable Netcat that works over a number of protocols and through a files, pipes, devices (terminal or modem, etc.), sockets (Unix, IP4, IP6 - raw, UDP, TCP), a client for SOCKS4, proxy CONNECT, or SSL, etc. It provides forking, logging, and dumping, different modes for interprocess communication, and many more options. It can be used, for example, as a TCP relay (one-shot or daemon), as a daemon-based socksifier, as a shell interface to Unix sockets, as an IP6 relay, for redirecting TCP-oriented programs to a serial line, or to establish a relatively secure environment (su and chroot) for running client or server shell scripts with network connections.
Read 2 reviews.
Latest release: version 2.0.0-b4 on Aug. 2, 2010 (4 years, 8 months ago).