Tools starting with F
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks
Latest release: 0.10.0 [Aug. 9, 2017]
Faraday is collaboration tool for pentest assignments and vulnerability management. It allows integration with a number of other security tools.
Latest release: 2.6.2 [Aug. 9, 2017]
Fierce is a security tool that helps with DNS reconnaissance. It can locate non-contiguous IP space, but using DNS information.
Latest release: 1.2.0 [May 7, 2017]
fimap is a tool written in Python to find, prepare, audit, exploit local and remote file inclusion bugs in web applications.
Findsploit is a simple script to search both local and online exploit databases. Typically this is used by penetration testers during a security assignment.
Latest release: 1.5 [June 19, 2017]
FireHOL is promoted as an iptables stateful packet filtering firewall for humans. It also comes with FireQOS, which a bandwidth shaper based on tc.
Latest release: 3.1.5 [Sept. 17, 2017]
Flunym0us is a security scanner for WordPress and Moodle installations. The tool tests the security of the installation by performing enumeration attempts.
Fuzzapi is a security tool to test a REST API using fuzzing. It can be used for security assessments and penetration tests.
- testssl.sh (TLS/SSL configuration scanner)
- WhatWeb (website fingerprinter)
- vallumd (distributed ipset blacklist for iptables)
- Nikto (web application scanner)
- Exploit Pack (penetration testing framework)
- sslcaudit (auditing tool for SSL/TLS clients)
- Oscanner (Oracle assessment framework)
- SSHsec (SSH configuration scanner)
- VulnFeed (vulnerability feed parser)
- OpenSSL (TLS and SSL toolkit)
- VHostScan (virtual host scanner)
- swap_digger (data excavation tool for Linux swap)
- not24get (password quality checker)
- Certigo (certificate validator tool)
- Trawler (data collection framework for phishing results)
- SCUTUM (ARP filtering)
- Metagoofil (information gathering tool)
- Kube-Bench (security benchmark testing for Kubernetes)
- Dionaea (honeypot)
- NoSQLMap (database enumeration and exploitation)
- Thug (low-interaction honeyclient)
- OpenVAS (vulnerability scanner)
- Wapiti (vulnerability scanner for web applications)