Home page logo
/

SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Filtering by tag:

remove filters
Sort by: popularity rating release date

← previous page Tools 26–50 of 81 next page →

(1) ★★★★★ VMware (#43, 46)

VMware virtualization software lets you run one operating system within another. This is quite useful for security researchers who commonly need to test code, exploits, etc on multiple platforms. It only runs on Windows and Linux as the host OS, but pretty much any x86 or x86_64 OS will run inside the virtualized environment. It is also useful for setting up sandboxes. You can browse from within a VMware window so the even if you are infected with malware, it cannot reach your host OS. And recovering the guest OS is as simple as loading a "snapshot" from prior to the infection. VMware player (executes, but can't create OS images) and VMWare Server (partitions a physical server machine into multiple virtual machines) were recently released for free. An open-source alternative is VirtualBox. Xen is a Linux-specific virtualization system. Read 1 review.

Latest release: version 12.0.0 on Aug. 24, 2015 (1 year, 10 months ago).

(1) ★★★★★ OllyDbg (#44, 49)

OllyDbg is a 32-bit assembler level analyzing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg features an intuitive user interface, advanced code analysis capable of recognizing procedures, loops, API calls, switches, tables, constants and strings, an ability to attach to a running program, and good multi-thread support. OllyDbg is free to download and use but no source code is provided. Read 1 review.

Latest release: version 2.01 on Sept. 27, 2013 (3 years, 9 months ago).

(2) ★★★ Ntop (#45, 9)

Ntop shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode, it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Read 2 reviews.

Latest release: version 4.0.3 on Oct. 24, 2010 (6 years, 8 months ago).

(3) ★★★ MBSA (#46, 54)

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Apparently MBSA on average scans over 3 million computers each week. Read 3 reviews.

Latest release: version 2.3 on Nov. 12, 2013 (3 years, 7 months ago).

(2) ★★★★ AppScan (#47, 51)

AppScan provides security testing throughout the application development lifecycle, easing unit testing and security assurance early in the development phase. Appscan scans for many common vulnerabilities, such as cross site scripting, HTTP response splitting, parameter tampering, hidden field manipulation, backdoors/debug options, buffer overflows and more. AppScan was merged into IBM's Rational division after IBM purchased its original developer (Watchfire) in 2007. Read 2 reviews.

Latest release: version 8.5 on Nov. 15, 2011 (5 years, 7 months ago).

(2) ★★★★½ OSSIM (#48, new!)

Alienvault OSSIM stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant network/security administrators with a detailed view over each and every aspect of networks, hosts, physical access devices, and servers. OSSIM incorporates several other tools, including Nagios and OSSEC HIDS. Read 2 reviews.

Latest release: version 5.0.3 on June 2, 2015 (2 years ago).

(1) ★★★★★ Canvas (#51, 37)

Canvas is a commercial vulnerability exploitation tool from Dave Aitel's ImmunitySec. It includes more than 370 exploits and is less expensive than Core Impact or the commercial versions of Metasploit. It comes with full source code, and occasionally even includes zero-day exploits. Read 1 review.

Latest release: version 6.73 on Oct. 26, 2011 (5 years, 8 months ago).

(1) ★★★★★ Tor (#53, 6)

Tor is a network of virtual tunnels designed to improve privacy and security on the Internet by routing your requests through a series of intermediate machines. It uses a normal proxy server interface so that ordinary Internet applications like web browsers and chat programs can be configured to use it. In addition to helping preserve users' anonymity, Tor can help evade firewall restrictions. Tor's hidden services allow users publish web sites and other services without revealing their identity or location. For a free cross-platform GUI, users recommend Vidalia. Remember that Tor exit nodes are sometimes run by malicious parties and can sniff your traffic, so avoid authenticating using insecure network protocols (such as non-SSL web sites and mail servers). That is always dangerous, but particularly bad when routing through Tor. Read 1 review.

Latest release: version 0.2.6.10 on July 12, 2015 (1 year, 11 months ago).

no rating Retina (#54, 29)

Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research. Read 1 review.

(3) ★★★★ Firefox (#55, new!)

Firefox is a web browser, a descendant of Mozilla. It emerged as a serious competitor to Internet Explorer, with improved security as one of its features. While Firefox no longer has a stellar security record, security professionals still appreciate it for its wide selection of security-related add-ons, including Tamper Data, Firebug, and NoScript. Read 3 reviews.

Latest release: version 40.0.3 on Aug. 27, 2015 (1 year, 10 months ago).

no rating OpenVPN (#56, 36)

OpenVPN is an open-source SSL VPN package which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN uses OpenSSL as its primary cryptographic library. Review this tool.

Latest release: version 2.3.8 on Aug. 4, 2015 (1 year, 10 months ago).

(2) ★★★★½ L0phtCrack (#57, 30)

L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009. For free alternatives, consider ophcrack, Cain and Abel, or John the Ripper. Read 3 reviews.

Latest release: version 6.0.11 on Jan. 9, 2011 (6 years, 5 months ago).

(2) ★★★★★ Yersinia (#59, 7)

Yersinia is a low-level protocol attack tool useful for penetration testing. It is capable of many diverse attacks over multiple protocols, such as becoming the root role in the Spanning Tree (Spanning Tree Protocol), creating virtual CDP (Cisco Discovery Protocol) neighbors, becoming the active router in a HSRP (Hot Standby Router Protocol) scenario, faking DHCP replies, and other low-level attacks. Read 2 reviews.

Latest release: version 0.7.1 on Jan. 26, 2007 (10 years, 5 months ago).

(3) ★★★★½ Fiddler (#60, new!)

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Read 3 reviews.

Latest release: version 4.5.1.5 on July 23, 2015 (1 year, 11 months ago).

no rating SolarWinds (#62, 16)

SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more. Review this tool.

no rating EtherApe (#64, 21)

Featuring link layer, IP, and TCP modes, EtherApe displays network activity graphically with a color coded protocols display. Hosts and links change in size with traffic. It supports Ethernet, WLAN, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network. Review this tool.

Latest release: version 0.9.13 on May 5, 2013 (4 years, 1 month ago).

(2) ★★★½ Angry IP Scanner (#66, 15)

Angry IP Scanner is a small open source Java application which performs host discovery ("ping scan") and port scans. The old 2.x release was Windows-only, but the new 3.X series runs on Linux, Mac, or Windows as long as Java is installed. Version 3.X omits the vampire zebra logo. As with all connect()-based scanners, performance on Windows XP SP2 and newer be poor due to limitations added to tcpip.sys. The FAQ provides details and workarounds. A short review was posted to nmap-dev in 2008. Read 4 reviews.

Latest release: version 3.0-beta4 on March 23, 2009 (8 years, 3 months ago).

(2) ★★★½ NetWitness NextGen (#67, new!)

NetWitness NextGen is a network security monitor. The heart of the monitor is the Decoder subsystem that records network traffic for analysis. The Investigator is a protocol analyzer meant to be run on captured traffic. Read 2 reviews.

Latest release: version 9.0.5.4 on March 17, 2010 (7 years, 3 months ago).

(5) ★★★★★ Secunia PSI (#68, new!)

Secunia PSI (Personal Software Inspector) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins that expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus programs. Secunia PSI checks only the machine it is running on, while its commercial sibling Secunia CSI (Corporate Software Inspector) scans multiple machines on a network. Read 5 reviews.

Latest release: version 2.0 on Jan. 10, 2011 (6 years, 5 months ago).

(5) ★★★★★ Nagios (#69, 2)

Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method). Read 7 reviews.

Latest release: version 4.0.8 on Aug. 12, 2014 (2 years, 10 months ago).

(4) ★★★½ Immunity Debugger (#70, new!)

Immunity Debugger is a debugger whose design reflects the need to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility. Read 6 reviews.

Latest release: version 1.80 on Dec. 6, 2010 (6 years, 6 months ago).

(2) ★★★ Superscan (#71, 49)

Superscan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone (now part of McAfee). It includes a variety of additional networking tools such as ping, traceroute, HTTP HEAD, and whois. Some functionality has been crippled by restrictions imposed by Microsoft in Windows XP SP2 and newer releases. This tool is not really maintained (the latest release was in 2004). Read 4 reviews.

Latest release: version 4.0 on March 11, 2004 (13 years, 3 months ago).

no rating Helix (#73, 21)

Helix is a Ubuntu live CD customized for computer forensics. Helix has been designed very carefully to not touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics. Downloading of the live CD is only provided as a complement to membership in the e-fense members-only forum. An unsupported, older, no-cost version is available as well. Review this tool.

Latest release: version 2009R3 on Dec. 23, 2009 (7 years, 6 months ago).

(6) ★★★★★ Malwarebytes' Anti-Malware (#74, new!)

Malwarebytes' Anti-Malware is a malware scanner for Windows. The authors claim to use a variety of technologies to find malware undetectable by other malware scanners. There is a free trial with limited options and a supported full version with the ability to run scheduled scans. Read 7 reviews.

Latest release: version 2.1.8.1057 on June 29, 2015 (1 year, 12 months ago).

(4) ★★★★★ Netsparker (#75, new!)

Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive–free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them. Read 4 reviews.

Latest release: version 1.8.3.3 on Feb. 10, 2011 (6 years, 4 months ago).

← previous page Tools 26–50 of 81 next page →

Categories

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]