SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

← previous page Tools 31–40 of 81 next page →

(3) ★★★★½ OSSIM (#48, new!)

Alienvault OSSIM stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant network/security administrators with a detailed view over each and every aspect of networks, hosts, physical access devices, and servers. OSSIM incorporates several other tools, including Nagios and OSSEC HIDS. Read 3 reviews.

Latest release: version 5.0.3 on June 2, 2015 (8 years, 10 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • ids

(1) ★★★★★ Canvas (#51, 37)

Canvas is a commercial vulnerability exploitation tool from Dave Aitel's ImmunitySec. It includes more than 370 exploits and is less expensive than Core Impact or the commercial versions of Metasploit. It comes with full source code, and occasionally even includes zero-day exploits. Read 1 review.

Latest release: version 6.73 on Oct. 26, 2011 (12 years, 5 months ago).

• • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • sploits

(1) ★★★★★ Tor (#53, 6)

Tor is a network of virtual tunnels designed to improve privacy and security on the Internet by routing your requests through a series of intermediate machines. It uses a normal proxy server interface so that ordinary Internet applications like web browsers and chat programs can be configured to use it. In addition to helping preserve users' anonymity, Tor can help evade firewall restrictions. Tor's hidden services allow users publish web sites and other services without revealing their identity or location. For a free cross-platform GUI, users recommend Vidalia. Remember that Tor exit nodes are sometimes run by malicious parties and can sniff your traffic, so avoid authenticating using insecure network protocols (such as non-SSL web sites and mail servers). That is always dangerous, but particularly bad when routing through Tor. Read 1 review.

Latest release: version 0.2.6.10 on July 12, 2015 (8 years, 9 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • crypto

(1) ★★★ Retina (#54, 29)

Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research. Read 2 reviews.

• • 
• • 
  • 
  • 
• • vuln-scanners

(4) ★★★★½ Firefox (#55, new!)

Firefox is a web browser, a descendant of Mozilla. It emerged as a serious competitor to Internet Explorer, with improved security as one of its features. While Firefox no longer has a stellar security record, security professionals still appreciate it for its wide selection of security-related add-ons, including Tamper Data, Firebug, and NoScript. Read 4 reviews.

Latest release: version 40.0.3 on Aug. 27, 2015 (8 years, 7 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • browser
  • general

(2) ★★★ OpenVPN (#56, 36)

OpenVPN is an open-source SSL VPN package which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN uses OpenSSL as its primary cryptographic library. Read 2 reviews.

Latest release: version 2.3.8 on Aug. 4, 2015 (8 years, 8 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • crypto

(1) ★★★★ L0phtCrack (#57, 30)

L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009. For free alternatives, consider ophcrack, Cain and Abel, or John the Ripper. Read 1 review.

Latest release: version 6.0.11 on Jan. 9, 2011 (13 years, 3 months ago).

• • 
  • 
• • 
  • 
  • 
• • pass-audit

(2) ★★★★★ Yersinia (#59, 7)

Yersinia is a low-level protocol attack tool useful for penetration testing. It is capable of many diverse attacks over multiple protocols, such as becoming the root role in the Spanning Tree (Spanning Tree Protocol), creating virtual CDP (Cisco Discovery Protocol) neighbors, becoming the active router in a HSRP (Hot Standby Router Protocol) scenario, faking DHCP replies, and other low-level attacks. Read 3 reviews.

Latest release: version 0.7.1 on Jan. 26, 2007 (17 years, 2 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • packet-crafters

(4) ★★★★★ Fiddler (#60, new!)

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language. Read 4 reviews.

Latest release: version 4.5.1.5 on July 23, 2015 (8 years, 9 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
• • web-proxy

(1) ★ SolarWinds (#62, 16)

SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more. Read 2 reviews.

• • 
  • 
• • 
  • 
  • 
• • pass-audit
  • traffic-monitors

← previous page Tools 31–40 of 81 next page →

Categories

• Antimalware (3)
• Application-specific scanners (3)
• Web browser–related (4)
• Encryption tools (8)
• Debuggers (5)
• Firewalls (2)
• Forensics (4)
• Fuzzers (4)
• General-purpose tools (8)
• Intrusion detection systems (6)
• Packet crafting tools (6)
• Password auditing (12)
• Port scanners (4)
• Rootkit detectors (5)
• Security-oriented operating systems (5)
• Packet sniffers (14)
• Vulnerability exploitation tools (11)
• Traffic monitoring tools (10)
• Vulnerability scanners (11)
• Web proxies (4)
• Web vulnerability scanners (20)
• Wireless tools (5)