Home page logo
/

SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Filtering by tag:

remove filters
Sort by: popularity rating release date

← previous page Tools 76–100 of 107 next page →

(1) ★★★★ Sguil (#86, 1)

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis. Read 1 review.

Latest release: version 0.9.0 on March 28, 2014 (4 years, 2 months ago).

(1) ★★★★ Tamper Data (#88, new!)

Tamper Data is an add-on for Firefox that lets you view and modify HTTP requests before they are sent. It shows what information the web browser is sending on your behalf, such as cookies and hidden form fields. Use of this plugin can reveal web applications that trust the client not to misbehave. Read 1 review.

Latest release: version 10.1.1 on Feb. 11, 2010 (8 years, 4 months ago).

(4) ★★★★★ Firebug (#89, new!)

Firebug is an add-on for Firefox that provides access to browser internals. It features live editing of HTML and CSS, a DOM viewer, and a JavaScript debugger. Web application security testers appreciate the ability to see what's happening behind the scenes of the browser. Read 5 reviews.

Latest release: version 2.0.12 on Aug. 11, 2015 (2 years, 10 months ago).

(6) ★★★★½ inSSIDer (#90, new!)

inSSIDer is a wireless network scanner for Windows, OS X, and Android. It was designed to overcome limitations of NetStumbler, namely not working well on 64-bit Windows and Windows Vista. inSSIDer can find open wireless access points, track signal strength over time, and save logs with GPS records. Read 11 reviews.

Latest release: version 4.1.0 on Jan. 22, 2015 (3 years, 5 months ago).

no rating Nemesis (#91, 33)

The Nemesis Project is designed to be a commandline-based, portable human IP stack for UNIX/Linux (and now Windows!). The suite is broken down by protocol, and should allow for useful scripting of injected packet streams from simple shell scripts. If you enjoy Nemesis, you might also want to look at Hping as they complement each other well. Read 2 reviews.

Latest release: version 1.4beta3 on June 29, 2003 (14 years, 12 months ago).

(5) ★★★★★ KeePass (#92, new!)

KeePass is a password manager. It stores many passwords which are unlocked by one master password. The idea is to only have to remember one high-quality password, and still be able to use unique passwords for various accounts. It has a feature to automatically fill in passwords in web forms. Read 5 reviews.

Latest release: version 1.29 on April 3, 2015 (3 years, 2 months ago).

no rating GDB (#93, new!)

GDB is the GNU Project's debugger. Security folks use it to analyze unknown binaries, by getting disassemblies and stepping through a program instruction by instruction. GDB can debug programs written in Ada, C, C++, Objective-C, Pascal, and other languages. Review this tool.

Latest release: version 7.10 on Aug. 28, 2015 (2 years, 9 months ago).

(3) ★★★½ VirusTotal (#94, new!)

VirusTotal is a web service that analyzes submitted files for known viruses and other malware. It incorporates dozens of antivirus engines from different vendors, updated regularly with new signatures. Participating antivirus vendors can get alerts when a file is not detected by their product but is by someone else's. Read 5 reviews.

no rating Tripwire (#95, 58)

A file and directory integrity checker. Tripwire is a tool that aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner. Traditionally an open souce tool, Tripwire Corp is now focused on their commercial enterprise configuration control offerings. An open source Linux version can still be found at SourceForge. UNIX users may also want to consider AIDE, which has been designed to be a free Tripwire replacement. Or you may wish to investigate Radmind, rkhunter, or chkrootkit. Windows users may like RootkitRevealer from Sysinternals. Review this tool.

no rating ratproxy (#96, new!)

Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments. Review this tool.

Latest release: version 1.58 beta on May 1, 2009 (9 years, 1 month ago).

no rating ike-scan (#98, 45)

ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network. Most hosts running IKE will respond, identifying their presence. The tool then remains silent and monitors retransmission packets. These retransmission responses are recorded, displayed and matched against a known set of VPN product fingerprints. ike-scan can VPNs from manufacturers including Checkpoint, Cisco, Microsoft, Nortel, and Watchguard. Review this tool.

Latest release: version 1.9 on Jan. 24, 2007 (11 years, 5 months ago).

(1) ★★★★★ NetScanTools (#99, new!)

NetScanTools is a collection of over 40 network utilities for Windows, designed with an easy user interface in mind. It includes DNS tools, a ping and port scanner, traceroute, and other utilities. It comes in bundles with more or fewer tools based on the price. Read 3 reviews.

Latest release: version 11.30 on May 8, 2012 (6 years, 1 month ago).

no rating cURL (#100, new!)

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, authentication, and more. libcurl provides these capabilities to other programs. Review this tool.

Latest release: version 7.44.0 on Aug. 12, 2015 (2 years, 10 months ago).

(2) ★★★½ The Sleuth Kit (#101, new!)

The Sleuth Kit (previously known as TSK) is a collection of UNIX-based command line file and volume system forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown. A graphical interface to the tools called Autopsy is available. Read 2 reviews.

Latest release: version 4.0.1 on Nov. 13, 2012 (5 years, 7 months ago).

(4) ★★★★ Websecurify (#102, new!)

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. Read 4 reviews.

Latest release: version 1.0.2 on Jan. 15, 2012 (6 years, 5 months ago).

no rating THC Amap (#104, 85)

Amap is a great tool for determining what application is listening on a given port. Their database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC. Review this tool.

Latest release: version 5.4 on April 1, 2011 (7 years, 2 months ago).

no rating RainbowCrack (#105, 56)

The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished. Read 1 review.

Latest release: version 1.61 on April 25, 2015 (3 years, 1 month ago).

no rating Grendel-Scan (#106, new!)

Grendel-Scan is an open-source web application security testing tool. It has automated testing module for detecting common web application vulnerabilities, and features geared at aiding manual penetration tests. Review this tool.

Latest release: version 1.1.

(1) ★★★★★ dradis (#107, new!)

dradis is an open source framework to enable effective sharing of information among participants in a penetration test. It is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. It has plugins to read and collect the output of a variety of network scanning tools, like Nmap, Burp Suite, and Nikto. Read 2 reviews.

Latest release: version 2.6.1 on Feb. 11, 2011 (7 years, 4 months ago).

(1) ★★★★ DumpSec (#109, new!)

DumpSec is a security auditing program for Microsoft Windows NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information. Read 2 reviews.

Latest release: version 2.8.6 on June 3, 2010 (8 years ago).

(1) ★★★★★ NBTScan (#111, 72)

NBTScan is a program for scanning IP networks for NetBIOS name information (similar to what the Windows nbtstat tool provides against single hosts). It sends a NetBIOS status query to each address in a supplied range and lists received information in human readable form. For each responded host it lists IP address, NetBIOS computer name, logged-in user name and MAC address. The original nbtscan was written by Alla Bezroutchko. Steve Friedl has written an alternate implementation. Read 2 reviews.

Latest release: version 1.5.1 on June 1, 2003 (15 years ago).

(1) ★★★★★ DirBuster (#112, new!)

DirBuster searches for hidden pages and directories on a web server. Sometimes developers will leave a page accessible, but unlinked; DirBuster is meant to find these potential vulnerabilities. This is a Java application developed by OWASP. Read 2 reviews.

Latest release: version 2.0-RC1 on March 3, 2009 (9 years, 3 months ago).

(1) ★★★★ WinDbg (#113, new!)

WinDbg is a graphical debugger from Microsoft. It is actually just one component of the Debugging Tools for Windows package, which also includes the KD, CDB, and NTSD debuggers. Its claim to fame is debugging memory dumps produced after a crash. It can even debug in kernel mode. Read 1 review.

Latest release: version 10.0.10075.9 on April 29, 2015 (3 years, 1 month ago).

no rating Wfuzz (#114, new!)

Wfuzz is a tool for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.), bruteforcing form parameters (user/password), fuzzing, and more. Review this tool.

Latest release: version 2.0 on Aug. 4, 2011 (6 years, 10 months ago).

(2) ★½ ArcSight SIEM platform (#115, new!)

ArcSight provides a suite of tools for SIEM—security information and event management. The best-known seems to be ArcSight Enterprise Security Manager (ESM), described as the "brain" of the SIEM platform. It is a log analyzer and correlation engine designed to sift out important network events. The ESM itself is a standalone appliance, and the management programs run on Linux, Windows, AIX, and Solaris. For open-source alternatives see OSSEC HIDS and OSSIM. Read 2 reviews.

← previous page Tools 76–100 of 107 next page →

Categories

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]