Tools starting with H
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
HELK (The Hunting ELK)
HELK is short for The Hunting ELK, containing Elasticsearch, Logstash, and Kibana. It has advanced analytic capabilities for threat hunting.
Halcyon IDE is free and open source project and provides a development interface to create Nmap scripts. It is useful for those who want to customize their Nmap scans.
Hash Buster is a tool that may help to find the cleartext of a hash. This can be useful for hashed versions of common strings and passwords and find the original value. Hash Buster can automatically detect the provided hash type. It supports MD5, SHA1, and SHA2.
Heralding is a simple honeypot to collect credentials. It supports common protocols like FTP, SSH, HTTP, etc.
HonSSH is a high-interaction SSH honeypot to collect information about attackers that target the SSH service.
HonTel is a honeypot that emulates the telnet service within a chroot environment. It can be used to learn about enumeration activities or new attack methods.
HoneyPi is a tool to turn a Raspberry Pi into a honeypot. It can be used to learn about any network scanning activity and take actions.
HoneyPy is a low interaction honeypot written in Python, yet has additional capabilities. Plugins can be created to emulate services that run on UDP or TCP.
A proof-of-concept honeypot to mimic a printer. May be used to detect attacks against printers and better understand the related risks or required defenses.
hBlock is a security tool to protect against advertisements, trackers, and malware. It does so by altering the /etc/hosts file and block bad or malicious hosts.
Hashcat is a well-known tool to crack passwords. It has advanced features to improve performance, allow session resumption, and more.
hping is a tool to assemble and analyze TCP/IP packets. The interface is looks like the common ping command, yet allows more than just ICMP echo requests.
hsecscan performs a security scan of a website and analyses any discovered HTTP headers. For each header, it will provide details and recommendations.
- Archery (vulnerability assessment and management)
- Wapiti (vulnerability scanner for web applications)
- Patator (multi-purpose brute-force tool)
- BleachBit (system cleaner and privacy tool)
- OpenSCAP (suite with tools and security data)
- Lynis (security scanner and compliance auditing tool)
- BlackBox (store secrets in Git/Mercurial/Subversion)
- salt-scanner (Linux vulnerability scanner)
- Infection Monkey (security testing for data centers and networks)
- Anchore Engine (container analysis and inspection)
- Zeek (network security monitoring tool)
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Malice (VirusTotal clone)
- siemstress (basic SIEM solution)
- CMSeeK (CMS detection and exploitation)