Tools starting with B
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Bandit is an AST-based static analyzer for analyzing Python code. It helps with finding code flaws that could lead to security vulnerabilities.
Latest release: 1.4.0 [Jan. 6, 2017]
The bane tool is an AppArmor profile generator for Docker containers. It helps with creating the appropriate profile for confinement on system level.
Latest release: 0.2.2 [June 7, 2017]
Bash Scanner is a security tool that does a quick scan to see if there are vulnerable packages. It uses an external service to validate.
Bastille Linux was a popular tool to perform hardening of systems running Linux and other flavors. It has not received updates in the last years.
BDA (Big Data Audit)
BDA is a security tool to test installations of Hadoop and Spark, often used to store big data sets. Configuration weaknesses and other issues can be detected.
Latest release: 0.1.1 [Feb. 3, 2017]
The Browser Exploitation Framework (or BeEF) is a penetration testing tool that focuses on the web browser.
Belati is security tool to collect public data and information and calls itself a Swiss army knife for OSINT purposes.
Latest release: 0.2.2-dev [June 20, 2017]
BetterCAP is a complete, modular, portable and easily extensible MitM tool and framework. It is maintained well and appreciated by many.
Latest release: 1.6.2 [Aug. 21, 2017]
Bingrep is a utility that can be described as the 'grep for binaries'. It runs on Linux and helps with reverse engineering and malware analysis.
Bitscout is a security tool that allows professionals performing digital forensics remotely. The toolkit creates a live-cd for this purpose.
Blackman is a tool for the BlackArch Linux distribution to install packages. It is similar to Emerge, the package manager that builds from sources.
BleachBit is an open source tool focused on maintaining your privacy by cleaning up sensitive data on the system.
Latest release: 1.17 [Feb. 22, 2017]
BlindElephant is a security tool to perform fingerprinting of web applications. It can discover the name and version of known web applications.
Boofuzz is a fork of Sulley fuzzing framework after its maintenance dropped. Besides numerous bug fixes, boofuzz aims for extensibility.
Latest release: 0.0.9 [Aug. 23, 2017]
BoopSuite a wireless pentesting suite to perform security auditing and test wireless networks. It can be used for penetration tests and security assignments.
Latest release: v.1 [Aug. 13, 2017]
Brakeman is a static code analysis tool for Ruby on Rails to perform a security review. It comes as an open source project with optional commercial support.
Latest release: 3.7.2 [Sept. 2, 2017]
Bro is a network security monitoring tool (NSM) and helps with monitoring. It can also play an active rol in performing forensics and incident response.
Latest release: 2.5.1 [June 26, 2017]
Buttercup is a cross-platform, free, and open-source password manager based on Node.js. It helps to store your passwords and secrets safely.
Latest release: 0.21.0 [Sept. 18, 2017]
- testssl.sh (TLS/SSL configuration scanner)
- WhatWeb (website fingerprinter)
- vallumd (distributed ipset blacklist for iptables)
- Nikto (web application scanner)
- Exploit Pack (penetration testing framework)
- sslcaudit (auditing tool for SSL/TLS clients)
- Oscanner (Oracle assessment framework)
- SSHsec (SSH configuration scanner)
- VulnFeed (vulnerability feed parser)
- OpenSSL (TLS and SSL toolkit)
- VHostScan (virtual host scanner)
- swap_digger (data excavation tool for Linux swap)
- not24get (password quality checker)
- Certigo (certificate validator tool)
- Trawler (data collection framework for phishing results)
- SCUTUM (ARP filtering)
- Metagoofil (information gathering tool)
- Kube-Bench (security benchmark testing for Kubernetes)
- Dionaea (honeypot)
- NoSQLMap (database enumeration and exploitation)
- Thug (low-interaction honeyclient)
- OpenVAS (vulnerability scanner)
- Wapiti (vulnerability scanner for web applications)