360-FAAR alternatives

Looking for an alternative tool to replace 360-FAAR? During the review of 360-FAAR we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. 0trace.py (reconnaissance and firewall bypass tool)
  2. FireAway (firewall audit and bypass tool)
  3. opensvp (firewall testing tool)

These tools are ranked as the best alternatives to 360-FAAR.

Alternatives (by score)

56

0trace.py

Introduction

This security tool enables the user to perform hop enumeration (similar to traceroute). Instead of sending actual packets, it uses an established TCP connection.

Project details

0trace.py is written in Python.

Strengths and weaknesses

  • + Project is mature (10+ years)
  • - Unknown project license

Typical usage

  • Bypassing firewall rules
  • Bypassing security measures
  • Reconnaissance

0trace.py review

56

FireAway

Introduction

FireAway is a security tool to test the security of a firewall by trying to bypass its rules. It will use different methods to hide data or avoid detection by the firewall itself. This tool can be used for both defensive and offensive security.

Project details

FireAway is written in Python.

Strengths and weaknesses

  • + The source code of this software is available
  • - No releases on GitHub available
  • - Unknown project license

Typical usage

  • Bypassing firewall rules
  • Firewall auditing
  • Network traffic filtering
  • Penetration testing

FireAway review

60

opensvp

Introduction

Tools like opensvp can be used to test the strength of a configuration from the outside. This makes it a good tool for penetration testing and security assessments. While people may feel safe with a firewall in place, it might be unknowingly vulnerable to several attacks at the protocol level. This tool helps with finding these weaknesses.

Project details

opensvp is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

Typical usage

  • Application testing
  • Defense testing
  • Penetration testing
  • Security assessment

opensvp review

68

Cloud Security Suite (CS Suite)

Introduction

Cloud Security Suite (CS Suite) is a security toolkit that allows scanning Amazon, Google, and Azure cloud platforms. It leverages tools like Lynis, Prowler, and Scout2 to collect all information. The promise of the tool is to simplify the installation of the tools, their configuration, and the data collection.

Project details

Cloud Security Suite is written in Python.

Strengths and weaknesses

  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • IT audit
  • Configuration audit
  • Penetration testing
  • System hardening

Cloud Security Suite review

89

OpenSCAP

Introduction

The OpenSCAP project provides a wide variety of hardening guides, configuration baselines, and tools to test for vulnerabilities and configuration issues. It uses SCAP as the protocol to store the underlying data.

Project details

OpenSCAP is written in C.

Strengths and weaknesses

  • + More than 25 contributors
  • + The source code of this software is available
  • + Supported by a large company

Typical usage

  • Security assessment
  • Vulnerability scanning

OpenSCAP review

84

Docker Bench for Security

Introduction

Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.

Project details

Docker Bench for Security is written in shell script.

Strengths and weaknesses

  • + More than 25 contributors
  • + Screen output is colored
  • + More than 3000 GitHub stars
  • + The source code of this software is available

Typical usage

  • Application security
  • Configuration audit
  • Security assessment

Docker Bench for Security review

64

LUNAR

Introduction

LUNAR is short for Lockdown UNix Auditing and Reporting and runs on the system itself.

Project details

LUNAR is written in shell script.

Strengths and weaknesses

  • + The source code of this software is available

Typical usage

  • Security assessment
  • Self-assessment
  • System hardening

LUNAR review

100

Lynis

Introduction

Lynis is an open-source security auditing tool that has been available since 2007 and was created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.

Project details

Lynis is written in shell script.

Strengths and weaknesses

  • + The source code is easy to read and understand
  • + More than 100 contributors
  • + More than 8000 GitHub stars
  • + Tool is easy to use
  • + Available as package (simplified installation)
  • + Commercial support available
  • + Used language is shell script
  • + Very low number of dependencies
  • + Project is mature (10+ years)
  • + The source code of this software is available

Typical usage

  • IT audit
  • Penetration testing
  • Security assessment
  • System hardening
  • Vulnerability scanning

Lynis review

85

Prowler

Introduction

Prowler is a security tool to check systems on AWS against the related CIS benchmark. This benchmark provides a set of best practices for AWS. The primary usage for this tool is system hardening and compliance checking.

Project details

Prowler is written in shell script.

Strengths and weaknesses

  • + More than 25 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • Compliance testing
  • Security assessment
  • System hardening

Prowler review

60

VHostScan

Introduction

Tools like VHostScan are powerful for performing reconnaissance and discovering configuration defaults. This can be useful during penetration tests or security testing, to see if a system has been stripped of default pages. If not, this tool might discover them and provide valuable information about the system.

Project details

VHostScan is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

Typical usage

  • Penetration testing
  • Reconnaissance

VHostScan review

60

orthrus

Introduction

Orthrus is a security framework and auditing tool. It allows monitoring and analyzing security configurations across multiple environments.

Project details

orthrus is written in Golang.

Strengths and weaknesses

  • + The source code of this software is available
  • - Project is in early phase and may be unstable

Typical usage

  • Security assessment
  • Self-assessment
  • System hardening
  • Vulnerability scanning

orthrus review

60

otseca

Introduction

Tools like otseca help with data collection. This could be useful for system administrators to collect data at a regular interval. This data can then be compared with a future data capture. Another possibility is to use it during pentesting. In that case one should have already obtained root access, as the tool requires this as well.

Project details

otseca is written in shell script.

Strengths and weaknesses

  • + The source code is easy to read and understand
  • + Tool is modular and extendable
  • + The source code of this software is available

Typical usage

  • Configuration audit
  • Penetration testing
  • Security assessment

otseca review

60

ssh_scan

Introduction

This tool is light on its dependencies, as it only uses Ruby and BinData. The scanner is simple to use, as it is limited in the number of parameters and options. There is also the ability to show the results on the screen or export the data to a JSON file. The latter is great if you want to do further processing of the details, or simply store them for later comparison.

Project details

ssh_scan is written in Ruby.

Strengths and weaknesses

  • + More than 10 contributors
  • + Many releases available
  • + The source code of this software is available
  • + Supported by a large company

Typical usage

  • Penetration testing
  • Security assessment
  • System hardening
  • Vulnerability scanning

ssh_scan review

60

Assimilator

Introduction

A tool like Assimilator can be of great help to 'normalize' all firewall rules into one place, especially when a company uses different firewalls, each with its own syntax and specifics. Assimilator will then simplify the way firewall rules are created and managed.

Project details

Assimilator is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

Typical usage

  • Network traffic filtering

Assimilator review

60

Chiron

Introduction

Chiron is a security assessment framework for IPv6. It provides several modules including an IPv6 scanner, IPv6 Local Link, IPv4-to-IPv6 proxy, IPv6 attack module, and IPv6 proxy. These modules help to perform an assessment, like a penetration test.

The tool uses IPv6 extension headers to create a header chain. This may allow evading security devices like IDS, IPS, and firewalls. Due to the flexibility of the framework, the tool can also be used to perform fuzzing of the IPv6 stack of a device.

Project details

Chiron is written in Python.

Strengths and weaknesses

  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Network analysis
  • Network scanning
  • Network security monitoring

Chiron review

64

DFWFW (Docker Firewall Framework)

Introduction

DFWFW, short for Docker Firewall Framework, offers easy administration of the iptables rules of Docker containers. It updates using event streams.

Project details

DFWFW is written in Perl.

Strengths and weaknesses

  • + The source code of this software is available
  • - Full name of author is unknown

Typical usage

  • Firewall management

DFWFW review

81

Douane

Introduction

Douane is an application firewall that blocks unknown or unwanted traffic. It provides more fine-grained filtering, as it looks at the combination of application and used network ports. This is useful when allowing common browsing traffic on ports 80 and 443. Instead of all applications being able to use these ports, only the ones that are granted access will be able to do so. When a new connection is not trusted yet, Douane will ask to allow or deny the traffic stream.

Project details

Douane is written in C, C++, GTK+.

Strengths and weaknesses

  • + The source code of this software is available

Typical usage

  • Network traffic filtering

Douane review

74

FireHOL

Introduction

FireHOL is promoted as an iptables stateful packet filtering firewall for humans. It also comes with FireQOS, which is a bandwidth shaper based on tc.

Project details

FireHOL is written in shell script.

Strengths and weaknesses

  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • Firewall management
  • Network traffic filtering

FireHOL review

63

Knock

Introduction

Knock implements the principle of port knocking. It does so by using libpcap to sniff network traffic on interfaces and then checking whether that traffic matches a predefined sequence of steps.

Project details

Knock is written in C.

Strengths and weaknesses

  • + Project is mature (10+ years)
  • - No updates for a while

Knock review

56

LPFW (LeoPard FloWer)

Introduction

LPFW is the abbreviation for LeoPard FloWer and is an application firewall for Linux.

Project details

LPFW is written in C++, Python.

Strengths and weaknesses

  • + The source code of this software is available
  • - Unknown project license

Typical usage

  • Network traffic filtering

LPFW review

97

OpenSnitch

Introduction

OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.

Project details

OpenSnitch is written in Golang.

Strengths and weaknesses

  • + More than 3000 GitHub stars
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Network traffic filtering

OpenSnitch review

67

iptables

Introduction

The iptables tool is the userspace command-line program of the netfilter project. Since Linux 2.4 it has been the standard packet filtering engine. Besides standard traffic filtering, it can be used for Network Address Translation (NAT).

Project details

iptables is written in C.

Strengths and weaknesses

  • + The source code of this software is available
  • + Well-known tool

Typical usage

  • Network traffic filtering

iptables review

67

nftables

Introduction

nftables is supposed to replace netfilter as the primary interface of network filtering. It has been available since Linux kernel 3.13. Both netfilter and nftables have been co-authored by Patrick McHardy.

Project details

nftables is written in C.

Strengths and weaknesses

  • + The source code of this software is available

Typical usage

  • Network traffic filtering

nftables review

100

Faraday

Introduction

Faraday helps teams to collaborate when working on penetration tests or vulnerability management. It stores related security information in one place, which can be easily tracked and tested by other colleagues.

Project details

Faraday is written in Python.

Strengths and weaknesses

  • + Commercial support available
  • + More than 1000 GitHub stars
  • + The source code of this software is available

Typical usage

  • Collaboration
  • Penetration testing
  • Security assessment
  • Vulnerability scanning

Faraday review

60

Scout2

Introduction

Scout2 is a security tool to assess the security of an AWS environment. It can be used for system hardening and IT audits.

Project details

Scout2 is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 500 GitHub stars

Typical usage

  • IT audit
  • Security assessment
  • Self-assessment
  • System hardening

Scout2 review
