Tools starting with D

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.


DBShield is a gateway between an application and actual database engine. Its goal is to protect against SQL injections and other database attacks.


DET is a proof of concept to perform data exfiltration using either single or multiple channels at the same time.

DFWFW (Docker Firewall Framework)

DFWFW, short of Docker Firewall Framework, offers easy administration of the iptables rules of Docker containers. It updates using event streams.


DHCPwn is a security tool used for testing DHCP IP exhaustion attacks. It can also be used to sniff local DHCP traffic, useful for penetration tests.


DIRB is a security tool to discover directories and files on a web server. It can be used during penetration testing or security assessments to find sensitive information.


DMitry is a security tool that can be used for security assessments or more generic information gathering about systems. It can retrieve both information from public sources and the system itself.


DNSChef is a highly configurable DNS proxy for penetration testers and malware analysts


The dnsteal tool can be used to stealthily send data over DNS requests. It may be used to test data loss prevention (DLP) tools.

DVIA (Damn Vulnerable iOS Application)

DVIA is short for Damn Vulnerable iOS Application, which provides an example to learn about vulnerabilities in iOS applications.


Dagda is a security tool to perform static analysis of known vulnerabilities, malware and threats in Docker images and containers. It monitors both the Docker daemon and running containers to find anomalies and suspicious activities.

Damn Small Vulnerable Web (DSVW)

Looking for a deliberately vulnerable application to test your exploitation skills? Learn in this review about the Damn Small Vulnerable Web project and how it can help.


DarkJPEG is an open source steganography web service. It can hide data, which gets hidden in a JPEG. All with anonymity and plausible deniability in mind.


DataSploit is an OSINT framework to perform intelligence gathering about a particular target. Read how it works in this review.


DbDat is a security tool to perform several checks on a database to evaluate its security level. It includes configuration checks, privileges, and account detai


Decentraleyes is a small browser extension. It increases your privacy by blocking specific requests to content delivery networks.


DejaVu is an open source deception framework which can be used to deploy and administer decoys across a network infrastructure. Read how it works in this review.


Detective helps to find information that you are not supposed to see. It focuses on information disclosure and sensitive data exposure vulnerabilities.


Diamorphine is a so-called LKM rootkit for Linux. It runs on different kernels in the 2.6, 3.x, and 4.x branch.


Dionaea is a honeypot that can emulate a range of services like FTP, HTTP, MySQL, and SMB. It can be used to see and learn how attackers work.

DirSearch (Go)

DirSearch is a scanning tool to find directories and files on web applications. It is a remake of the dirsearch tool that was created by Mauro Soria.


DocBleach sanitizes your documents by disarming harmful content. It can be used as an additional security layer for dealing with unknown documents.

Docker Bench for Security

Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.

Latest release: 1.6.1 [Dec. 20, 2023]


Dockerscan is a Docker toolkit for security analysis which includes attacking tools. It is more focused on side of the offensive than defensive.


Dockpot uses Docker containers and HonSSH to create on-demand SSH honeypots. It forwards traffic for analysis and learning about attack patterns.

Domain Analyzer

Want to know the information available about a domain? The aptly named tool Domain Analyzer will show you the details.


DorkNet helps with the discovery of vulnerable web apps. It is a script written in Python that leverages Selenium.


DotDotPwn is a security tool to perform directory traversal attempts to discover interesting paths in web applications.


Douane is an application firewall that interacts with the user to allow or deny new network connections.


Detectem can scan web applications and detect used software components like jQuery, Apache middleware, and others.

dfis (Digital Forensic Investigative Scripts)

Digital Forensic Investigative Scripts, or dfis, is a collection of scripts that can be used during forensic investigations.


Dirsearch is a tool to guide security professionals to find possible information leaks or sensitive data. It does this by looking for directory and file names.


Django-axes is a reusable app for Django to limit the brute force login attempts for your web application.

Latest release: 6.4.0 [March 4, 2024]

django-defender (Django Defender)

Django-defender is a reusable app for Django that blocks people from performing brute forcing login attempts.

Latest release: 0.9.8 [Feb. 25, 2024]


Django-guardian extends the default Django permissions model. It does this by allowing permissions on each database object, adding fine-grained control.


Django-security is a toolkit for the Django framework with the focus on security. It provides models, views, and middleware to strengthen the defenses.


Django-sudo provides a view decorator for Django web applications. It mimics the behavior of sudo on Linux systems and requires reauthentication.

django-two-factor-auth (Django Two-Factor Authentication)

A complete Two-Factor Authentication for Django. It leverages the django-otp tooling together with Django's authentication framework.


Dnmap is a tool to allow distributed scanning with the well-known Nmap tool. It may be used by penetration testers and system administrators to scan a large network and spread the load among multiple clients systems.


Domain is a Python script written by Jason Haddix to combine the tools Recon-ng and altdns. Read how it works in this review.


This plugin-based security tool helps to detect and test for weaknesses in common CMS systems like Drupal, SilverStripe, and WordPress.

RSS feed icon for Linux security tools

Recently reviewed

  • Archery (vulnerability assessment and management)
  • Wapiti (vulnerability scanner for web applications)
  • Patator (multi-purpose brute-force tool)
  • BleachBit (system cleaner and privacy tool)
  • OpenSCAP (suite with tools and security data)
  • Lynis (security scanner and compliance auditing tool)
  • BlackBox (store secrets in Git/Mercurial/Subversion)
  • salt-scanner (Linux vulnerability scanner)
  • Infection Monkey (security testing for data centers and networks)
  • Anchore Engine (container analysis and inspection)
  • Zeek (network security monitoring tool)
  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • Bleach (sanitizing library for Django)
  • siemstress (basic SIEM solution)
  • Malice (VirusTotal clone)