Tools starting with K
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
K8Guard is an accounting or monitoring system for Kubernetes clusters. It monitors resources and warns those who misbehave according to the defined rules.
Karn is a tool to create AppArmor and seccomp profiles. This can be useful to restrict what applications can do for increased security.
KeePassX is a cross platform application to store sensitive information like usernames, passwords, and other secret.
KeePassXC is a cross-platform platform to store sensitive data like passwords, keys, and other secrets. It has a graphical user interface and is written in C++.
KeeWeb is a cross-platform tool for password management that is compatible with KeePass. It helps to store passwords and other secrets in a safe and secure way. As a web application combined with the related plugins, it can also be used via the web browser.
The keimpx security tool can be used to check for valid credentials across a network. It uses the SMB protocol, typically used on Microsoft Windows and others.
KickThemOut is a tool that can remove systems and devices from the network by performing an ARP spoofing attack.
Kippo is a honeypot for SSH connections and written in Python. It can be used to learn about the scripts and attacks that are commonly used against SSH.
Kitty is a modular and extensible fuzzing framework written in Python. It is inspired by OpenRCE's Sulley and Michael Eddington's Peach Fuzzer tool.
A port knocking implementation to make network ports to become stealth or trigger events based on a port knocking sequence.
The known_hosts_bruteforce is a script to discover hostnames from the known_hosts file. This can be useful during penetration testing or incident response.
Kojoney2 is an SSH honeypot based on Kojoney by Jose Antonio Coret. It can be used to learn about threats by mimicking an SSH service.
Kubeaudit is a command line tool to audit Kubernetes clusters. It helps to test on various security risks, that may be introduced during deployment.
Kube-Bench is a security tool to perform a configuration audit of Kubernetes installations. It can be used to find flaws and improve system hardening.
Kwetza is a Python script to inject existing Android applications with a Meterpreter payload. It can be used during penetrating testing or security assessments.
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Bleach (sanitizing library for Django)
- siemstress (basic SIEM solution)
- Malice (VirusTotal clone)
- CMSeeK (CMS detection and exploitation)
- Cutter (graphical user interface for radare2)
- massh-enum (OpenSSH user enumeration)
- radare2 (reverse engineering tool and binary analysis)
- nftables (network traffic filtering)
- Malscan (malware scanner for web servers)
- Prowler (AWS benchmark tool)
- BDA (vulnerability scan for Hadoop and Spark)
- Tulpar (web vulnerability scanner)