Tools starting with D
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Damn Small FI Scanner (DSFS)
Damn Small JS Scanner (DSJS)
Damn Small SQLi Scanner (DSSS)
Damn Small Vulnerable Web (DSVW)
Damn Small XSS Scanner (DSXS)
DarkJPEG is an open source steganography web service. It can hide data, which gets hidden in a JPEG. All with anonymity and plausible deniability in mind.
DataSploit is a framework to perform intelligence gather to discover credentials, domain information, and other information related to the target.
Latest release: 1.0 [June 30, 2017]
DbDat is a security tool to perform several checks on a database to evaluate its security level. It includes configuration checks, privileges, and account detai
DBShield is a gateway between an application and actual database engine. Its goal is to protect against SQL injections and other database attacks.
Latest release: 1.0b0 [Oct. 15, 2016]
DET is a proof of concept to perform data exfiltration using either single or multiple channels at the same time.
Detectem can scan web applications and detect used software components like jQuery, Apache middleware, and others.
Latest release: 0.6.1 [Sept. 7, 2017]
Detective helps to find information that you are not supposed to see. It focuses on information disclosure and sensitive data exposure vulnerabilities.
Latest release: 1.0.1 [July 20, 2017]
dfis (Digital Forensic Investigative Scripts)
Digital Forensic Investigative Scripts, or dfis, is a collection of scripts that can be used during forensic investigations.
DFWFW (Docker Firewall Framework)
DFWFW, short of Docker Firewall Framework, offers easy administration of the iptables rules of Docker containers. It updates using event streams.
DHCPwn is a security tool used for testing DHCP IP exhaustion attacks. It can also be used to sniff local DHCP traffic, useful for penetration tests.
Latest release: 1.0.3 [Sept. 5, 2017]
Diamorphine is a so-called LKM rootkit for Linux. It runs on different kernels in the 2.6, 3.x, and 4.x branch.
Dirsearch is a tool to guide security professionals to find possible information leaks or sensitive data. It does this by looking for directory and file names.
Latest release: 0.3.8 [July 25, 2017]
DirSearch is a scanning tool to find directories and files on web applications. It is a remake of the dirsearch tool that was created by Mauro Soria.
Django-axes is a reusable app for Django to limit the brute force login attempts for your web application.
Latest release: 2.3.3 [July 20, 2017]
django-defender (Django Defender)
Django-defender is a reusable app for Django that blocks people from performing brute forcing login attempts.
Latest release: 0.4.3 [April 14, 2017]
django-two-factor-auth (Django Two-Factor Authentication)
A complete Two-Factor Authentication for Django. It leverages the django-otp tooling together with Django's authentication framework.
Latest release: 1.6.2 [July 29, 2017]
DNSChef is a highly configurable DNS proxy for penetration testers and malware analysts
The dnsteal tool can be used to stealthily send data over DNS requests. It may be used to test data loss prevention (DLP) tools.
DocBleach sanitizes your documents by disarming harmful content. It can be used as an additional security layer for dealing with unknown documents.
Latest release: 0.0.8.post3 [June 16, 2017]
Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.
Latest release: 1.3.2 [March 30, 2017]
Dockerscan is a Docker toolkit for security analysis which includes attacking tools. It is more focused on side of the offensive than defensive.
DorkNet helps with the discovery of vulnerable web apps. It is a script written in Python that leverages Selenium.
DotDotPwn is a security tool to perform directory traversal attempts to discover interesting paths in web applications.
Latest release: 3.0.2 [Nov. 9, 2016]
Douane is an application firewall that interacts with the user to allow or deny new network connections.
DVIA (Damn Vulnerable iOS Application)
DVIA is short for Damn Vulnerable iOS Application, which provides an example to learn about vulnerabilities in iOS applications.
- Masscan (high-performance port scanner)
- Vane (WordPress vulnerability scanner)
- MAT (removal of metadata)
- Yosai (security framework for Python applications)
- Wireshark (network traffic analyzer)
- FireHOL (firewall config creator and manager)
- wpsik (WPS scan and attack tool)
- USBleach (disarms harmful USB storage)
- opensvp (firewall testing tool)
- The Sleuth Kit (toolkit for forensics)
- MongoSanitizer (defense against MongoDB injection attacks)
- YASAT (local security scanner)
- Nmap (network and vulnerability scanner)
- dnsteal (exfiltration tool via DNS requests)
- pastemon (tool to monitor Pastebin)
- BDA (vulnerability scan for Hadoop and Spark)
- Scirius (Suricata rule management)
- Spaghetti (web vulnerability scanner)
- Suricata (network IDS, IPS and monitoring)
- CIRCLean (USB stick and drives cleaner)
- King Phisher (Phishing campaign toolkit)
- Termineter (smart meter security framework)
- pick (password manager)
- jak (git encryption)
- detectem (software enumeration)