Tools

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.

0d1n

0d1n is a security tool to perform fuzzing of web applications and discover potential security issues. It is commonly used during security assignments.


Latest release: OdinV2.6 [May 17, 2019]

0trace

0trace is a reconnaissance tool for pentesting that uses hop enumeration within an existing TCP connection. Read the review and how it works.

0trace.py

The 0trace.py utility is a rewrite of 0trace (by another author) to perform reconnaissance and bypass network firewalls.

A2SV

A2SV is short for Auto Scanning to SSL Vulnerability, a security tool to scan for SSL and TLS vulnerabilities. It can be used during security assessments.

acccheck

The acccheck tool performs a password guessing and dictionary attack on SMB services used to share files and printers.

Acra

Acra is a database encryption proxy that provides encryption and data leakage prevention to applications. Read how it works in this review.


Latest release: 0.85.0 [March 15, 2019]

addrwatch

Addrwatch is a tool similar to arpwatch to monitor IPv4/IPv6 and ethernet address pairing.

Admin Page Finder (PHP)

Admin Page Finder is a tool written in PHP to find admin sections within a website. It can be used during pentesting and security assessments.

AESKeyFinder

AESKeyFinder is a tool to find 128-bit and 256-bit AES keys in a memory image.

afl (American fuzzy lop)

American fuzzy lop, or afl, is a security-oriented fuzzer. It helps with testing software to find unexpected results within applications.

Agafi

Agafi is short for Advanced Gadget Finder. This security tool helps with finding gadgets in programs, modules, and running processes.

AIL framework

AIL is a framework to analyze potential information leaks from unstructured data sources. For example, this may include data from Pastebin and similar services.


Latest release: 2.4 [Nov. 8, 2019]

aiodnsbrute (Async DNS Brute)

Async DNS Brute, or aiodnsbrute, is a security tool to help with resolving many DNS entries and the related discovery.


Latest release: 0.3.2 [June 4, 2019]

aircrack-ng

Aircrack-ng is a security toolkit to perform WiFi auditing. It can be useful for security assessments to test the security of the wireless network.


Latest release: 1.5.2 [Dec. 9, 2018]

airgeddon

Airgeddon is a toolkit to perform security assessments of wireless networks. It can perform different types of wireless attacks.


Latest release: 10.0 [Nov. 3, 2019]

Albatar

Albatar is an alternative to tools like sqlmap to find and exploit SQL injection vulnerabilities. However, this tool focuses on the exploitation side.

Aletheia

Aletheia is a project to manage secrets in Google Cloud with CloudKMS and Cloud Storage. It can be used to store sensitive data like authentication details.

Algo VPN

Algo VPN is a set of Ansible scripts to configure a personal VPN using IPSEC. Read the review and see how it works.


Latest release: 1.1 [July 31, 2019]

altdns

Altdns is a security tool to discover subdomains during pentesting. Read this review to learn how it works and how to use it.

Anchore

Anchore is a toolkit to perform in-depth container analysis, inspection, and controlling them. Among security scanning, it can do a wide range of functions.


Latest release: 0.5.1 [Oct. 10, 2019]

angr

Angr is a security tool written in Python to allow analyzing binaries. It provides a combination of static and dynamic analysis.

Anti-DDOS

Anti-DDOS is an open source software project developed to protect against DDoS attacks. The project consists of a shell script to set up iptables for traffic filtering. Additionally, it will configure kernel parameters to better withstand lots of network traffic.

APT2 (apt2)

APT2 is a tool written by Adam Compton and Austin Lane to help pentesters automate mundane scanning tasks. It leverages scan results from Nexpose, Nessus, or Nm

Arachni

Web Application Security Scanner aimed towards helping users evaluate the security of web applications

arch-audit

Utility like pkg-audit for Arch Linux to find vulnerable packages on the system

Archery

Archery is a Django-based application to perform vulnerability assessments and do vulnerability management.


Latest release: archerysec-v1.2 [April 11, 2019]

arpag

Arpag is a security tool to perform automatic exploiting of targets. It can be instructed to scan a set of ports and based on the outcome, it will search and active a related exploit.

arping

arping is a tool for the discovery of hosts on a computer network using the Address Resolution Protocol (ARP).


Latest release: arping-2.20 [Aug. 18, 2019]

Arpoison

Arpoison is a small utility to send custom ARP packets. It can be used during security assessments and pentests.

ArpON

ArpON is a host-based tool to improve the security of the Address Resolution Protocol (ARP).

arp-scan

arp-scan is a security tool that sends ARP packets to hosts on the local network. Any responses to the requests are displayed.

Assimilator

Assimilator is a firewall orchestration tool. It allows configuration and automation of firewall rules by proxy requests to different types of firewalls.

ATSCAN

ATSCAN is a security tool to perform a mass exploitation scan on search engines. It discovers targets that may be susceptible to exploitation.


Latest release: 17.0.0 [March 23, 2019]

AutoNessus (autonessus)

The AutoNessus tool helps with automating vulnerability scans via the Nessus API. It lists policies and can configure the state of scans.

AutoSploit

AutoSploit is short for automatic exploitation. The open source tool helps pentesters and ethical hackers. Read this review on see how it works.


Latest release: 4.0 [Sept. 4, 2019]

AWSBucketDump

AWSBucketDump is a security tool to find interesting files in AWS S3 buckets that are part of Amazon cloud services.

Azazel

Azazel is a Linux rootkit that uses the LD_PRELOAD technique to intercept system calls. Rootkits are a type of malicious software (malware).

bamfdetect

The bamfdetect tool helps with identification and extraction of information from bots and other malware.

Bandit

Bandit is an AST-based static analyzer for analyzing Python code. It helps with finding code flaws that could lead to security vulnerabilities.


Latest release: 1.6.2 [July 1, 2019]

bane

The bane tool is an AppArmor profile generator for Docker containers. It helps with creating the appropriate profile for confinement on system level.

BAP (Binary Analysis Platform)

BAP is the abbreviation for Binary Analysis Platform, a toolkit created by the Carnegie Mellon University. It helps with reverse engineering and program analysis. As it focuses on the analysis of binaries, it does not require the source code. Supported hardware architectures include ARM, x86, x86-64, PowerPC, and MIPS.


Latest release: 1.6.0 [April 4, 2019]

Bash Scanner

Bash Scanner is a security tool that does a quick scan to see if there are vulnerable packages. It uses an external service to validate.

Bastille Linux

Bastille Linux was a popular tool to perform hardening of systems running Linux and other flavors. It has not received updates in the last years.

BDA (Big Data Audit)

BDA is a vulnerability scanner for big data tools like Hadoop and Spark. It searches for configuration weaknesses and reports them. Read how it works in this review.


Latest release: 2.0 [May 4, 2019]

BeEF

The Browser Exploitation Framework (or BeEF) is a penetration testing tool that focuses on the web browser.


Latest release: beef-0.4.7.3 [May 5, 2019]

Belati

Belati is security tool to collect public data and information and calls itself a Swiss army knife for OSINT purposes.

BetterCAP

BetterCAP is a complete, modular, portable and easily extensible MitM tool and framework. It is maintained well and appreciated by many.


Latest release: 2.26.1 [Oct. 26, 2019]

Binary Analysis Next Generation (BANG)

Binary Analysis Next Generation (BANG) or binaryanalysis-ng is a security tool to perform binary analysis by Armijn Hemel. Learn how the tool works.

RSS feed icon for Linux security tools

Recently reviewed

  • Wapiti (vulnerability scanner for web applications)
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • Zeek (network security monitoring tool)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • CMSeeK (CMS detection and exploitation)
  • Bleach (sanitizing library for Django)
  • Malice (VirusTotal clone)
  • siemstress (basic SIEM solution)
  • Cutter (graphical user interface for radare2)
  • Hash Buster (find cleartext of hash)
  • BDA (vulnerability scan for Hadoop and Spark)
  • tlsenum (enumeration tool for TLS)
  • hBlock (ad blocking and tracker/malware protection)
  • nftables (network traffic filtering)
  • Prowler (AWS benchmark tool)
  • Termineter (smart meter security framework)
  • massh-enum (OpenSSH user enumeration)
  • Malscan (malware scanner for web servers)
  • GitMiner (Git data miner)