DBShield alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

64

Alternative: DbDat

DbDat is a security tool to perform several checks on a database to evaluate its security level. It includes configuration checks, privileges, and account detai

This tool performs an assessment by running actual queries against the database engine or reading the configuration file for particular settings. The tool helps with finding any issues and possible improvements.

Project details

DbDat is written in Python.

Strengths

  • + Screen output is colored
  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Typical usage

  • security assessment
  • system hardening

DbDat project page

89

Alternative: jSQL Injection

jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.

Project details

jSQL Injection is written in Java.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Typical usage

  • database security

jSQL Injection project page

64

Alternative: NoSQLMap

NoSQLMap is a security tool to perform database enumeration and determine available exploits. It can audit or attack a given database instance.

Project details

NoSQLMap is written in Python.

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • database security
  • penetration test
  • security assessment

NoSQLMap project page

63

Alternative: ArpON

ArpON is a host-based tool to improve the security of the Address Resolution Protocol (ARP).

ArpON protects a system by running as a daemon and guarding against Man in the Middle (MitM) attacks that result from ARP spoofing, cache poisoning, or an ARP poison routing attack.

The tool works by using three types of inspection to detect a related attack.

  • SARPI (Static ARP Inspection), statically configured networks (without DHCP)
  • DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
  • HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)

Project details

ArpON is written in C.

Strengths

  • + The source code of this software is available

ArpON project page

84

Alternative: django-axes

Django-axes is a reusable app for Django that limits brute-force login attempts against your web application.

Project details

django-axes is written in Python.

Strengths

  • + More than 50 contributors
  • + The source code of this software is available

Typical usage

  • application security

django-axes project page

76

Alternative: django-defender (Django Defender)

Django-defender is a reusable app for Django that blocks brute-force login attempts.

Project details

django-defender is written in Python.

Strengths

  • + More than 10 contributors
  • + The source code of this software is available

Typical usage

  • application security

django-defender project page

84

Alternative: MongoSanitizer (python-mongo-sanitizer)

MongoSanitizer is a software component that sanitizes MongoDB queries to prevent injection attacks as much as possible.

Project details

MongoSanitizer is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • application security
  • database security

MongoSanitizer project page

64

Alternative: nixarmor

Nixarmor is a set of shell scripts to harden Linux systems and help with security automation. It configures the system to increase its security level.

Project details

nixarmor is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Weaknesses

  • - Not ready for production usage
  • - No updates for a while
  • - Project looks outdated (old code or documentation)

Typical usage

  • system hardening

nixarmor project page

64

Alternative: OpenSnitch

OpenSnitch is a Linux port of the popular macOS Little Snitch application firewall.

OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.

The OpenSnitch tool relies on NFQUEUE, which is an extension for iptables. With this extension, software running in userland can intercept IP packets and allow or drop them.

Project details

OpenSnitch is written in Python.

Strengths

  • + More than 2000 GitHub stars
  • + The source code of this software is available

Typical usage

  • network traffic filtering

OpenSnitch project page

63

Alternative: Portspoof

Portspoof is a small utility with the goal of making port scanning by others much harder by showing all TCP ports as 'open' and emulating actual services.

Portspoof is a small utility with the goal of making port scanning by others much harder. It achieves this by showing all configured TCP ports in the 'open' state instead of closed or filtered. These ports also emulate valid services. As a result, a port scan of the system reveals many open ports that appear to have legitimate services running.

68

Alternative: 0d1n

0d1n is a security tool to perform fuzzing of web applications and discover potential security issues. It is commonly used during security assignments.

0d1n is useful to perform brute-force login attempts for authentication forms. It can discover useful directory names by using a predefined list of paths. With options to use a random proxy per request and load CSRF tokens, it is a tool that can be used in different types of assignments.

Project details

0d1n is written in C.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • penetration test
  • security assessment
  • vulnerability scanning

0d1n project page

64

Alternative: Albatar

Albatar is an alternative to tools like sqlmap to find and exploit SQL injection vulnerabilities. However, this tool focuses on the exploitation side.

Project details

Albatar is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • penetration test
  • security assessment
  • web application analysis

Albatar project page

64

Alternative: Damn Small SQLi Scanner (DSSS)

Project details

Damn Small SQLi Scanner is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • penetration test
  • security assessment

Damn Small SQLi Scanner project page

89

Alternative: sqlmap

The sqlmap tool performs automatic SQL injection and can take over a database. It is a valued tool for pentesters and those who want to test their web applications.

64

Alternative: Tulpar

Tulpar is a security tool to scan web targets for possible vulnerabilities. It checks a wide range of items and attack types for this particular purpose.

Project details

Strengths

  • + The source code of this software is available

Typical usage

  • application security
  • application testing
  • web application analysis

Tulpar project page

84

Alternative: Whitewidow

Whitewidow is a security tool to perform automated SQL vulnerability scans. It can be used during penetration tests or for security assessments.

Project details

Whitewidow is written in Ruby.

Strengths

  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • application security
  • penetration test
  • vulnerability scanning

Whitewidow project page

76

Alternative: WPSeku

WPSeku is a WordPress vulnerability scanner that can be used to scan remote WordPress installations.

With WPSeku, a WordPress installation can be tested for the presence of security issues. Some examples are cross-site scripting (XSS), SQL injection, and local file inclusion. The tool also tests for the presence of default configuration files. These files may reveal version numbers and the themes and plugins in use.

Project details

WPSeku is written in Python.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Unknown project license

Typical usage

  • penetration test
  • security assessment
  • vulnerability scanning

WPSeku project page