SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

Filtering by tag:

remove filters
Sort by: popularity rating release date

← previous page Tools 71–80 of 94 next page →

(1) ★★★★★ KisMAC (#97, 42)

This popular wireless stumbler for Mac OS X offers many of the features of its namesake Kismet, though the codebase is entirely different. Unlike console-based Kismet, KisMAC offers a pretty GUI and was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import and logging, and even some decryption and deauthentication attacks. Read 1 review.

Latest release: version 0.3.3 on Feb. 7, 2011 (13 years, 3 months ago).

no rating ike-scan (#98, 45)

ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network. Most hosts running IKE will respond, identifying their presence. The tool then remains silent and monitors retransmission packets. These retransmission responses are recorded, displayed and matched against a known set of VPN product fingerprints. ike-scan can VPNs from manufacturers including Checkpoint, Cisco, Microsoft, Nortel, and Watchguard. Review this tool.

Latest release: version 1.9 on Jan. 24, 2007 (17 years, 4 months ago).

no rating cURL (#100, new!)

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, authentication, and more. libcurl provides these capabilities to other programs. Review this tool.

Latest release: version 7.44.0 on Aug. 12, 2015 (8 years, 9 months ago).

(2) ★★★½ The Sleuth Kit (#101, new!)

The Sleuth Kit (previously known as TSK) is a collection of UNIX-based command line file and volume system forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown. A graphical interface to the tools called Autopsy is available. Read 2 reviews.

Latest release: version 4.0.1 on Nov. 13, 2012 (11 years, 6 months ago).

(4) ★★★★ Websecurify (#102, new!)

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. Read 4 reviews.

Latest release: version 1.0.2 on Jan. 15, 2012 (12 years, 4 months ago).

no rating Knoppix (#103, 43)

Knoppix consists of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. Knoppix can be used as a productive Linux system for the desktop, educational CD, rescue system, or as many Nmap survey takers attest, a portable security tool. For a security-specific Linux distribution see BackTrack. Review this tool.

Latest release: version 7.2.0 on June 24, 2013 (10 years, 11 months ago).

no rating THC Amap (#104, 85)

Amap is a great tool for determining what application is listening on a given port. Their database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC. Review this tool.

Latest release: version 5.4 on April 1, 2011 (13 years, 1 month ago).

no rating RainbowCrack (#105, 56)

The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished. Read 1 review.

Latest release: version 1.61 on April 25, 2015 (9 years ago).

no rating Grendel-Scan (#106, new!)

Grendel-Scan is an open-source web application security testing tool. It has automated testing module for detecting common web application vulnerabilities, and features geared at aiding manual penetration tests. Review this tool.

Latest release: version 1.1.

(1) ★★★★★ dradis (#107, new!)

dradis is an open source framework to enable effective sharing of information among participants in a penetration test. It is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. It has plugins to read and collect the output of a variety of network scanning tools, like Nmap, Burp Suite, and Nikto. Read 1 review.

Latest release: version 2.6.1 on Feb. 11, 2011 (13 years, 3 months ago).

← previous page Tools 71–80 of 94 next page →

Categories