SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

← previous page Tools 11–20 of 93 next page →

(2) ★★★★★ OpenSSH/PuTTY/SSH (#12, 2)

SSH (Secure Shell) is the now ubiquitous program for logging into or executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network, replacing the hideously insecure telnet/rlogin/rsh alternatives. Most UNIX users run the open source OpenSSH server and client. Windows users often prefer the free PuTTY client, which is also available for many mobile devices, and WinSCP. Other Windows users prefer the nice terminal-based port of OpenSSH that comes with Cygwin. There are dozens of other free and proprietary clients to consider as well. Read 2 reviews.

• • 
  • 
  • 
  • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • crypto

(19) ★★★★½ Burp Suite (#13, 63)

Burp Suite is an integrated platform for attacking web applications. It contains a variety of tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All of the tools share the same framework for handling and displaying HTTP messages, persistence, authentication, proxies, logging, alerting and extensibility. There is a limited free version and also Burp Suite Professional ($299 per user per year). Read 22 reviews.

Latest release: version 1.4.01 on June 3, 2011 (12 years, 10 months ago).

• • 
• • 
  • 
  • 
  • 
  • 
• • web-scanners

(10) ★★★★½ Nikto (#14, 2)

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated. Read 15 reviews.

Latest release: version 2.1.4 on Feb. 20, 2011 (13 years, 2 months ago).

• • 
• • 
  • 
  • 
  • 
  • 
  • 
• • web-scanners

(3) ★★★★★ Hping (#15, 9)

This handy little utility assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. Hping is particularly useful when trying to traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities. This often allows you to map out firewall rule sets. It is also great for learning more about TCP/IP and experimenting with IP protocols. Unfortunately, it hasn't been updated since 2005. The Nmap Project created and maintains Nping, a similar program with more modern features such as IPv6 support, and a unique echo mode. Read 4 reviews.

Latest release: version hping3-20051105 on Nov. 5, 2005 (18 years, 5 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • packet-crafters

(5) ★★★★★ Ettercap (#16, 5)

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. Read 8 reviews.

Latest release: version 0.8.2-Ferri on March 14, 2015 (9 years, 1 month ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • sniffers
  • traffic-monitors

(15) ★★★½ w3af (#18, new!)

W3af is an extremely popular, powerful, and flexible framework for finding and exploiting web application vulnerabilities. It is easy to use and extend and features dozens of web assessment and exploitation plugins. In some ways it is like a web-focused Metasploit. Read 18 reviews.

Latest release: version 1.1 on Oct. 11, 2011 (12 years, 6 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • fuzzers
  • sploits
  • web-scanners

(30) ★★★★ OpenVAS (#19, new!)

OpenVAS is a vulnerability scanner that was forked from the last free version of Nessus after that tool went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. The project seemed dead for a while, but development has restarted. Read 35 reviews.

Latest release: version 8.0 on April 2, 2015 (9 years ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • vuln-scanners

(13) ★★★★★ Scapy (#20, 8)

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. Note that Scapy is a very low-level tool—you interact with it using the Python programming language. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Read 16 reviews.

Latest release: version 2.2.0 on Feb. 28, 2011 (13 years, 1 month ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • packet-crafters

(2) ★★★★★ Ping/telnet/dig/traceroute/whois/netstat (#21, 8)

While there are many advanced high-tech tools out there to assist in security auditing, don't forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that Windows omits whois and uses the name tracert). They can be very handy in a pinch, although more advanced functionality is available from Hping and Netcat. Read 3 reviews.

• • 
  • 
  • 
  • 
  • 
  • 
• • general

(8) ★★★★½ THC Hydra (#22, 7)

When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC. Other online crackers are Medusa and Ncrack. The Nmap Security Scanner also contains many online brute force password cracking modules. Read 25 reviews.

Latest release: version 8.2 on June 16, 2016 (7 years, 10 months ago).

• • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • pass-audit

← previous page Tools 11–20 of 93 next page →

Categories

• Antimalware (3)
• Application-specific scanners (3)
• Web browser–related (4)
• Encryption tools (8)
• Debuggers (5)
• Firewalls (2)
• Forensics (4)
• Fuzzers (4)
• General-purpose tools (8)
• Intrusion detection systems (6)
• Packet crafting tools (6)
• Password auditing (12)
• Port scanners (4)
• Rootkit detectors (5)
• Security-oriented operating systems (5)
• Packet sniffers (14)
• Vulnerability exploitation tools (11)
• Traffic monitoring tools (10)
• Vulnerability scanners (11)
• Web proxies (4)
• Web vulnerability scanners (20)
• Wireless tools (5)