SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

← previous page Tools 51–60 of 94 next page →

(3) ★★½ Superscan (#71, 49)

Superscan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone (now part of McAfee). It includes a variety of additional networking tools such as ping, traceroute, HTTP HEAD, and whois. Some functionality has been crippled by restrictions imposed by Microsoft in Windows XP SP2 and newer releases. This tool is not really maintained (the latest release was in 2004). Read 4 reviews.

Latest release: version 4.0 on March 11, 2004 (20 years, 1 month ago).

• • 
  • 
• • 
  • 
  • 
• • port-scanners

no rating sqlninja (#72, new!)

sqlininja exploits web applications that use Microsoft SQL Server as a database backend. Its focus is on getting a running shell on the remote host. sqlninja doesn't find an SQL injection in the first place, but automates the exploitation process once one has been discovered. Review this tool.

Latest release: version 0.2.6-r1 on April 29, 2012 (11 years, 12 months ago).

• • 
• • 
  • 
  • 
  • 
  • 
  • 
• • sploits

(1) ★★★★★ BeEF (#77, new!)

BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers. It is designed to make the creation of new exploit modules easy. Read 4 reviews.

Latest release: version 0.4.5.0 on April 25, 2014 (10 years ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • sploits

(2) ★★★★★ Argus (#78, 5)

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information. There is also another open source network monitoring program named Argus. Read 3 reviews.

Latest release: version 3.7 on Feb. 1, 2013 (11 years, 2 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • traffic-monitors

(3) ★★★★★ OpenBSD PF (#79, 22)

Like Netfilter and ipfilter on other platforms, OpenBSD users love PF, their firewall tool. It handles network address translation, normalizing TCP/IP traffic, providing bandwidth control, and packet prioritization. It also offers some eccentric features, such as passive OS detection. Coming from the same guys who created OpenBSD, you can trust that it has been well audited and coded to avoid the sort of security holes we have seen in other  packet  filters. Read 4 reviews.

Latest release: version 5.3 on May 1, 2012 (11 years, 12 months ago).

• • 
  • 
• • 
  • 
  • 
• • firewalls

no rating ClamAV (#80, 6)

ClamAV is a powerful AntiVirus scanner focused towards integration with mail servers for attachment scanning. It provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via the Internet. Clam AntiVirus is based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date. The project was acquired by Sourcefire in 2007. Review this tool.

Latest release: version 0.98.7 on April 28, 2015 (9 years ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • antimalware

(1) ★★★ NetworkMiner (#82, new!)

NetworkMiner is a Network Forensic Analysis Tool for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse pcap files for off-line analysis and to regenerate/reassemble transmitted files and certificates from pcap files. In contrast to other sniffers like Wireshark, NetworkMiner's display focuses on hosts and their attributes rather than raw packets. Read 1 review.

Latest release: version 1.0 on Feb. 5, 2011 (13 years, 2 months ago).

• • 
• • 
  • 
  • 
  • 
  • 
• • sniffers

(1) ★★★★★ Wikto (#83, 1)

Wikto is a tool that checks for flaws in webservers. It provides much the same functionality as Nikto but adds various interesting pieces of functionality, such as a Back-End miner and close Google integration. Wikto is written for the MS .NET environment and registration is required to download the binary and/or source code. Read 1 review.

Latest release: version 2.1.0.0 on Dec. 14, 2008 (15 years, 4 months ago).

• • 
• • 
  • 
  • 
  • 
• • web-scanners

no rating P0f (#84, 51)

P0f is able to identify the operating system of a target host simply by examining captured packets even when the device in question is behind an overzealous packet firewall. P0f does not generate ANY additional network traffic, direct or indirect. No name lookups, no mysterious probes, no ARIN queries, nothing. In the hands of advanced users, P0f can detect firewall presence, NAT use, existence of load balancers, and more! Review this tool.

Latest release: version 2.0.8 on Sept. 6, 2006 (17 years, 7 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • sniffers
  • traffic-monitors

(2) ★★★★★ NoScript (#85, new!)

NoScript is an add-on for Firefox that blocks JavaScript, Java, Flash, and other plugin content (allowing you to selectively re-enable them for certain sites). It also offers cross-site scripting protection. This is mainly designed to keep web users safe, but security testers can also use the add-on to see what scripts a site is using. One caution is that the NoScript author Giorgio Maone has been caught inserting hidden code into NoScript which disabled users' ad-blocking software so that ads would still show up on the NoScript web site. He did post a lengthy apology. Read 3 reviews.

Latest release: version 2.6.9.36 on Aug. 20, 2015 (8 years, 8 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • browser

← previous page Tools 51–60 of 94 next page →

Categories

• Antimalware (3)
• Application-specific scanners (3)
• Web browser–related (4)
• Encryption tools (8)
• Debuggers (5)
• Firewalls (2)
• Forensics (4)
• Fuzzers (4)
• General-purpose tools (8)
• Intrusion detection systems (6)
• Packet crafting tools (6)
• Password auditing (12)
• Port scanners (4)
• Rootkit detectors (5)
• Security-oriented operating systems (5)
• Packet sniffers (14)
• Vulnerability exploitation tools (11)
• Traffic monitoring tools (10)
• Vulnerability scanners (11)
• Web proxies (4)
• Web vulnerability scanners (20)
• Wireless tools (5)