SecTools.Org: Top 125 Network Security Tools
For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).
We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!
The Social Engineer Toolkit incorporates many useful social-engineering attacks all in one interface. The main purpose of SET is to automate and improve on many of the social-engineering attacks out there. It can automatically generate exploit-hiding web pages or email messages, and can use Metasploit payloads to, for example, connect back with a shell once the page is opened. Read 74 reviews.
Yersinia is a low-level protocol attack tool useful for penetration testing. It is capable of many diverse attacks over multiple protocols, such as becoming the root role in the Spanning Tree (Spanning Tree Protocol), creating virtual CDP (Cisco Discovery Protocol) neighbors, becoming the active router in a HSRP (Hot Standby Router Protocol) scenario, faking DHCP replies, and other low-level attacks. Read 3 reviews.
Latest release: version 0.7.1 on Jan. 26, 2007 (15 years, 8 months ago).
Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Read 4 reviews.
Latest release: version 184.108.40.206 on July 23, 2015 (7 years, 2 months ago).
sslstrip is an SSL stripping proxy, designed to make unencrypted HTTP sessions look as much as possible like HTTPS sessions. It converts https links to http or to https with a known private key. It even provides a padlock favicon for the illusion of a secure channel. Many HTTPS sites are normally accessed from a redirect on an HTTP page, and many users don't notice when their connection isn't upgraded. Read 2 reviews.
Latest release: version 0.7 on Dec. 18, 2009 (12 years, 9 months ago).
ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop. Review this tool.
Latest release: version 1.45 on Nov. 28, 2006 (15 years, 10 months ago).
Featuring link layer, IP, and TCP modes, EtherApe displays network activity graphically with a color coded protocols display. Hosts and links change in size with traffic. It supports Ethernet, WLAN, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network. Review this tool.
Latest release: version 0.9.13 on May 5, 2013 (9 years, 5 months ago).
(3) ★★½ Angry IP Scanner (#66, 15)
Angry IP Scanner is a small open source Java application which performs host discovery ("ping scan") and port scans. The old 2.x release was Windows-only, but the new 3.X series runs on Linux, Mac, or Windows as long as Java is installed. Version 3.X omits the vampire zebra logo. As with all connect()-based scanners, performance on Windows XP SP2 and newer be poor due to limitations added to tcpip.sys. The FAQ provides details and workarounds. A short review was posted to nmap-dev in 2008. Read 4 reviews.
Latest release: version 3.0-beta4 on March 23, 2009 (13 years, 6 months ago).
(6) ★★★★½ Secunia PSI (#68, new!)
Secunia PSI (Personal Software Inspector) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins that expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus programs. Secunia PSI checks only the machine it is running on, while its commercial sibling Secunia CSI (Corporate Software Inspector) scans multiple machines on a network. Read 6 reviews.
Latest release: version 2.0 on Jan. 10, 2011 (11 years, 9 months ago).
Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method). Read 8 reviews.
Latest release: version 4.0.8 on Aug. 12, 2014 (8 years, 1 month ago).
(4) ★★★½ Immunity Debugger (#70, new!)
Immunity Debugger is a debugger whose design reflects the need to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility. Read 6 reviews.
Latest release: version 1.80 on Dec. 6, 2010 (11 years, 10 months ago).
- Antimalware (3)
- Application-specific scanners (3)
- Web browser–related (4)
- Encryption tools (8)
- Debuggers (5)
- Firewalls (2)
- Forensics (4)
- Fuzzers (4)
- General-purpose tools (8)
- Intrusion detection systems (6)
- Packet crafting tools (6)
- Password auditing (12)
- Port scanners (4)
- Rootkit detectors (5)
- Security-oriented operating systems (5)
- Packet sniffers (14)
- Vulnerability exploitation tools (11)
- Traffic monitoring tools (10)
- Vulnerability scanners (11)
- Web proxies (4)
- Web vulnerability scanners (20)
- Wireless tools (5)