Tools starting with K
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Karn is a tool to create AppArmor and seccomp profiles. This can be useful to restrict what applications can do for increased security.
KeePassX is a cross platform application to store sensitive information like usernames, passwords, and other secret.
KeePassXC is a cross-platform platform to store sensitive data like passwords, keys, and other secrets. It has a graphical user interface and is written in C++.
Latest release: 2.2.0 [June 25, 2017]
The keimpx security tool can be used to check for valid credentials across a network. It uses the SMB protocol, typically used on Microsoft Windows and others.
KickThemOut is a tool that can remove systems and devices from the network by performing an ARP spoofing attack.
Latest release: 0.1 [Jan. 7, 2017]
Latest release: 1.8.0 [June 6, 2017]
Kippo is a honeypot for SSH connections and written in Python. It can be used to learn about the scripts and attacks that are commonly used against SSH.
Kitty is a modular and extensible fuzzing framework written in Python. It is inspired by OpenRCE's Sulley and Michael Eddington's Peach Fuzzer tool.
Latest release: 0.7.1 [March 31, 2017]
A port knocking implementation to make network ports to become stealth or trigger events based on a port knocking sequence.
The known_hosts_bruteforce is a script to discover hostnames from the known_hosts file. This can be useful during penetration testing or incident response.
Kojoney2 is an SSH honeypot based on Kojoney by Jose Antonio Coret. It can be used to learn about threats by mimicking an SSH service.
Kube-Bench is a security tool to perform a configuration audit of Kubernetes installations. It can be used to find flaws and improve system hardening.
Latest release: 0.0.4 [Aug. 15, 2017]
Kwetza is a Python script to inject existing Android applications with a Meterpreter payload. It can be used during penetrating testing or security assessments.
- testssl.sh (TLS/SSL configuration scanner)
- WhatWeb (website fingerprinter)
- vallumd (distributed ipset blacklist for iptables)
- Nikto (web application scanner)
- Exploit Pack (penetration testing framework)
- sslcaudit (auditing tool for SSL/TLS clients)
- Oscanner (Oracle assessment framework)
- SSHsec (SSH configuration scanner)
- VulnFeed (vulnerability feed parser)
- OpenSSL (TLS and SSL toolkit)
- VHostScan (virtual host scanner)
- swap_digger (data excavation tool for Linux swap)
- not24get (password quality checker)
- Certigo (certificate validator tool)
- Trawler (data collection framework for phishing results)
- SCUTUM (ARP filtering)
- Metagoofil (information gathering tool)
- Kube-Bench (security benchmark testing for Kubernetes)
- Dionaea (honeypot)
- NoSQLMap (database enumeration and exploitation)
- Thug (low-interaction honeyclient)
- OpenVAS (vulnerability scanner)
- Wapiti (vulnerability scanner for web applications)