Assimilator alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

59

0trace.py

The 0trace.py utility is a rewrite of 0trace (by another author) to perform reconnaissance and bypass network firewalls.

This security tool enables the user to perform hop enumeration (similar to traceroute). Instead of sending actual packets, it uses an established TCP connection.

67

360-FAAR

Supported firewall configurations

  • Checkpoint FW1
  • Cisco ASA
  • Netscreen ScreenOS

64

DFWFW (Docker Firewall Framework)

DFWFW, short of Docker Firewall Framework, offers easy administration of the iptables rules of Docker containers. It updates using event streams.

Project details

DFWFW is written in Perl.

Strengths and weaknesses

  • + The source code of this software is available
  • - Full name of author is unknown

Typical usage

  • Firewall management

DFWFW project page

78

Douane

Douane is an application firewall that interacts with the user to allow or deny new network connections.

Project details

Douane is written in C, C++, GTK+.

Strengths and weaknesses

  • + The source code of this software is available

    Typical usage

    • Network traffic filtering

    Douane project page

    89

    FireHOL

    FireHOL is promoted as an iptables stateful packet filtering firewall for humans. It also comes with FireQOS, which a bandwidth shaper based on tc.

    Project details

    FireHOL is written in shell script.

    Strengths and weaknesses

    • + More than 500 GitHub stars
    • + The source code of this software is available

      Typical usage

      • Firewall management
      • Network traffic filtering

      FireHOL project page

      44

      iptables

      Iptables is the well-known network traffic filtering engine for Linux.

      Project details

      Strengths and weaknesses

      • + Well-known tool

        Typical usage

        • Network traffic filtering

        iptables project page

        67

        Knock

        A port knocking implementation to make network ports to become stealth or trigger events based on a port knocking sequence.

        Knock implements the principle of port knocking. It does so by using libpcap to sniff network traffic on interfaces and then use that to see if it matches a predefined sequence of steps.

        Project details

        Knock is written in C.

        Strengths and weaknesses

        • + Project is mature (10+ years)
        • - No updates for a while

        Knock project page

        56

        LPFW (LeoPard FloWer)

        LPFW is the abbreviation for LeoPard FloWer and is an application firewall for Linux.

        Project details

        LPFW is written in C++, Python.

        Strengths and weaknesses

        • + The source code of this software is available
        • - Unknown project license

        Typical usage

        • Network traffic filtering

        LPFW project page

        70

        nftables

        nftables is a subsystem of the Linux kernel to filter and classify network traffic and supposed to replace netfilter.

        nftables is supposed to replace netfilter as the primary interface of network filtering. It is available since Linux kernel 3.13. Both netfilter and nftables have been co-authored by Patrick McHardy.

        Project details

        nftables is written in C.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Network traffic filtering

          nftables project page

          64

          OpenSnitch

          OpenSnitch is a Linux port of the popular macOS Little Snitch application firewall

          OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.

          The OpenSnitch tool relies on NFQUEUE, which is an extension for iptables. With this extension software running in userland can intercept IP packets and allow/drop them.

          Project details

          OpenSnitch is written in Python.

          Strengths and weaknesses

          • + More than 2000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Network traffic filtering

            OpenSnitch project page

            60

            opensvp

            Opensvp is a security tool to test firewall software. It uses protocol level attacks to determine if the firewall is vulnerable to a type of attack.

            Project details

            opensvp is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Application testing
              • Defense testing
              • Penetration testing
              • Security assessment

              opensvp project page

              84

              pyknock

              Pyknock is a tool to perform UDP port knocking with HMAC-PSK authentication. It can be used to harden systems and limit access to specific network ports.

              Project details

              pyknock is written in Python.

              Strengths and weaknesses

              • + The source code of this software is available
              • - No releases on GitHub available

              Typical usage

              • Network traffic filtering
              • System hardening

              pyknock project page

              The tool with the highest score in this overview is FireHOL. It might be a good candidate to replace Assimilator.