Tools starting with I
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
ident-user-enum is a Perl script to query the ident service, which runs on TCP port 113. It tries to figure out the owner of running processes on the target.
IKEForce is a command line utility to brute force VPN connections (IPSEC) that allow group name/ID enumeration and XAUTH.
The Infection Monkey is a security tool to test the resiliency of a data center or network. It tries to breach the perimeter and infect any internal server. Upon success, it reports the status to the centralized Monkey Island server. This tool can help with automating security assessments or perform a self-assessment.
Infoga is a tool to gather email information from different public sources (search engines, pgp key servers, etc).
Iniscan is a security tool to parse the configuration of PHP and provide guidance on best practices. It provides a pass/fail type of output.
The inSp3ctor tool helps to find S3 buckets and objects on Amazon's AWS platform. Read the review and see how it works.
InstaRecon is a security tool that can help with the reconnaissance phase of a penetration test. It can collect a number of data points with limited input.
Intrigue Core is a security framework to help with automated attack surface discovery. It can be used both as an offensive or defensive tool.
The iptables tool is the userspace command line program part of the netfilter project. Since Linux 2.4 it is the standard packet filtering engine. Among standard traffic filtering, it can be used for Network Address Translation (NAT).
Itsdangerous is a toolkit with various helpers to pass trusted data to untrusted environments. It does achieve this by digitally signing the related data.
IVRE is a framework to perform reconnaissance for network traffic. It leverages other tools to pull in the data and show it in the web interface.
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Bleach (sanitizing library for Django)
- siemstress (basic SIEM solution)
- Malice (VirusTotal clone)
- CMSeeK (CMS detection and exploitation)
- Cutter (graphical user interface for radare2)
- massh-enum (OpenSSH user enumeration)
- radare2 (reverse engineering tool and binary analysis)
- nftables (network traffic filtering)
- Malscan (malware scanner for web servers)
- Prowler (AWS benchmark tool)
- BDA (vulnerability scan for Hadoop and Spark)
- Tulpar (web vulnerability scanner)