Tools starting with H
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Halcyon IDE is free and open source project and provides a development interface to create Nmap scripts. It is useful for those who want to customize their Nmap scans.
Hash Buster is a tool that may help to find the cleartext of a hash. This can be useful for hashed versions of common strings and passwords and find the original value. Hash Buster can automatically detect the provided hash type. It supports MD5, SHA1, and SHA2.
Hashcat is a well-known tool to crack passwords. It has advanced features to improve performance, allow session resumption, and more.
hBlock is a security tool to protect against advertisements, trackers, and malware. It does so by altering the /etc/hosts file and block bad or malicious hosts.
HELK (The Hunting ELK)
HELK is short for The Hunting ELK, containing Elasticsearch, Logstash, and Kibana. It has advanced analytic capabilities for threat hunting.
Heralding is a simple honeypot to collect credentials. It supports common protocols like FTP, SSH, HTTP, etc.
HoneyPi is a tool to turn a Raspberry Pi into a honeypot. It can be used to learn about any network scanning activity and take actions.
A proof-of-concept honeypot to mimic a printer. May be used to detect attacks against printers and better understand the related risks or required defenses.
HoneyPy is a low interaction honeypot written in Python, yet has additional capabilities. Plugins can be created to emulate services that run on UDP or TCP.
HonSSH is a high-interaction SSH honeypot to collect information about attackers that target the SSH service.
HonTel is a honeypot that emulates the telnet service within a chroot environment. It can be used to learn about enumeration activities or new attack methods.
hping is a tool to assemble and analyze TCP/IP packets. The interface is looks like the common ping command, yet allows more than just ICMP echo requests.
hsecscan performs a security scan of a website and analyses any discovered HTTP headers. For each header, it will provide details and recommendations.
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Bleach (sanitizing library for Django)
- siemstress (basic SIEM solution)
- Malice (VirusTotal clone)
- CMSeeK (CMS detection and exploitation)
- Cutter (graphical user interface for radare2)
- massh-enum (OpenSSH user enumeration)
- radare2 (reverse engineering tool and binary analysis)
- nftables (network traffic filtering)
- Malscan (malware scanner for web servers)
- Prowler (AWS benchmark tool)
- BDA (vulnerability scan for Hadoop and Spark)
- Tulpar (web vulnerability scanner)