DNSChef alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

64

Alternative: aiodnsbrute (Async DNS Brute)

Async DNS Brute, or aiodnsbrute, is a security tool to help with resolving many DNS entries and the related discovery.

Project details

aiodnsbrute is written in Python.

Strengths

  • + Very low number of dependencies
  • + The source code of this software is available

Typical usage

  • network scanning
  • penetration test

aiodnsbrute project page

68

Alternative: dnsteal

The dnsteal tool can be used to stealthily send data over DNS requests. It may be used to test data loss prevention (DLP) tools.

Project details

dnsteal is written in Python.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Typical usage

  • application security
  • data hiding

dnsteal project page

84

Alternative: Fierce

Fierce is a security tool that helps with DNS reconnaissance. It can locate non-contiguous IP space, but using DNS information.

Project details

Fierce is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • reconnaissance
  • security assessment

Fierce project page

68

Alternative: QuickScan

QuickScan is a simple port scanning utility with additional abilities like resolving. It has a built-in WHOIS lookups, among other supporting features.

Project details

QuickScan is written in Python.

Strengths

  • + Very low number of dependencies
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available
  • - Full name of author is unknown

Typical usage

  • network scanning

QuickScan project page

60

Alternative: SubBrute (subdomain-bruteforcer)

SubBrute is a DNS meta-query spider that enumerates DNS records and subdomains. This can be useful during penetration tests and security assessments.

Project details

SubBrute is written in Python.

Strengths

  • + More than 1000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Typical usage

  • information gathering
  • penetration test
  • security assessment

SubBrute project page

63

Alternative: ArpON

ArpON is a host-based tool to improve the security of the Address Resolution Protocol (ARP).

ArpOn protects a system by running as a daemon and guard against a Man in the Middle (MitM) attack due to ARP spoofing, cache poisoning, or an ARP poison routing attack.

The tool works by using three types of inspection to detect a related attack.

  • SARPI (Static ARP Inspection), statically configured networks (without DHCP)
  • DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
  • HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)

Project details

ArpON is written in C.

Strengths

  • + The source code of this software is available

ArpON project page

100

Alternative: BetterCAP

BetterCAP is a complete, modular, portable and easily extensible MitM tool and framework. It is maintained well and appreciated by many.

Project details

BetterCAP is written in Ruby.

Strengths

  • + More than 25 contributors
  • + More than 2000 GitHub stars
  • + The source code of this software is available

Typical usage

  • bypassing security measures
  • penetration test
  • security assessment

BetterCAP project page

89

Alternative: mitmproxy (mitmproxy)

The mitmproxy tool allows to intercept, inspect, modify, and replay traffic flows. It may be used for pentesting, troubleshooting, or learning about SSL/TLS.

Project details

mitmproxy is written in Python.

Strengths

  • + More than 50 contributors
  • + More than 7000 GitHub stars
  • + The source code of this software is available

Typical usage

  • network analysis
  • penetration test
  • security assessment

mitmproxy project page

64

Alternative: Nili

Nili is a security tool with a wide range of goals, including network scanning, MitM attacks, protocol reverse engineering and application fuzzing.

Project details

Nili is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • network scanning
  • penetration test
  • security assessment

Nili project page

64

Alternative: Seth

Seth is a security tool to perform a man-in-the-middle (MitM) attack and extract clear text credentials from RDP connections.

Project details

Seth is written in Python, shell script.

Strengths

  • + The source code of this software is available

Typical usage

  • penetration test
  • security assessment

Seth project page

60

Alternative: sslcaudit

The sslcaudit project helps with automated testing of SSL/TLS clients for resistance against MITM attacks.

This project focuses on the niche of testing SSL/TLS clients.

Project details

sslcaudit is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • software testing

sslcaudit project page

78

Alternative: SSLsplit

SSLsplit is a security tool to perform transparent SSL/TLS interception by using a so-called man-in-the-middle (MitM) attack.

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. SSLsplit fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. Depending on the version of OpenSSL, SSLsplit supports SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2, and optionally SSL 2.0 as well. SSLsplit can also use existing certificates of which the private key is available, instead of generating forged ones. SSLsplit supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. For HTTP and HTTPS connections, SSLsplit removes response headers for HPKP in order to prevent public key pinning, for HSTS to allow the user to accept untrusted certificates, and Alternate Protocols to prevent switching to QUIC/SPDY. As an experimental feature, SSLsplit supports STARTTLS mechanisms in a generic manner.

Project details

SSLsplit is written in C.

Strengths

  • + The source code of this software is available

Typical usage

  • learning
  • network analysis
  • penetration test
  • security assessment

SSLsplit project page