Tools starting with K
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
K8Guard is an accounting or monitoring system for Kubernetes clusters. It monitors resources and warns those who misbehave according to the defined rules.
Karn is a tool to create AppArmor and seccomp profiles. This can be useful to restrict what applications can do for increased security.
KeePassX is a cross platform application to store sensitive information like usernames, passwords, and other secret.
KeePassXC is a cross-platform platform to store sensitive data like passwords, keys, and other secrets. It has a graphical user interface and is written in C++.
KeeWeb is a cross-platform tool for password management that is compatible with KeePass. It helps to store passwords and other secrets in a safe and secure way. As a web application combined with the related plugins, it can also be used via the web browser.
KickThemOut is a tool that can remove systems and devices from the network by performing an ARP spoofing attack.
Kippo is a honeypot for SSH connections and written in Python. It can be used to learn about the scripts and attacks that are commonly used against SSH.
Kitty is a modular and extensible fuzzing framework written in Python. It is inspired by OpenRCE's Sulley and Michael Eddington's Peach Fuzzer tool.
A port knocking implementation to make network ports to become stealth or trigger events based on a port knocking sequence.
Kojoney2 is an SSH honeypot based on Kojoney by Jose Antonio Coret. It can be used to learn about threats by mimicking an SSH service.
Kube-Bench is a security tool to perform a configuration audit of Kubernetes installations. It can be used to find flaws and improve system hardening.
Kwetza is a Python script to inject existing Android applications with a Meterpreter payload. It can be used during penetrating testing or security assessments.
The keimpx security tool can be used to check for valid credentials across a network. It uses the SMB protocol, typically used on Microsoft Windows and others.
The known_hosts_bruteforce is a script to discover hostnames from the known_hosts file. This can be useful during penetration testing or incident response.
Kubeaudit is a command line tool to audit Kubernetes clusters. It helps to test on various security risks, that may be introduced during deployment.
- Archery (vulnerability assessment and management)
- Wapiti (vulnerability scanner for web applications)
- Patator (multi-purpose brute-force tool)
- BleachBit (system cleaner and privacy tool)
- OpenSCAP (suite with tools and security data)
- Lynis (security scanner and compliance auditing tool)
- BlackBox (store secrets in Git/Mercurial/Subversion)
- salt-scanner (Linux vulnerability scanner)
- Infection Monkey (security testing for data centers and networks)
- Anchore Engine (container analysis and inspection)
- Zeek (network security monitoring tool)
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Malice (VirusTotal clone)
- siemstress (basic SIEM solution)
- CMSeeK (CMS detection and exploitation)