Tools starting with K
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Karn is a tool to create AppArmor and seccomp profiles. This can be useful to restrict what applications can do for increased security.
KeePassX is a cross platform application to store sensitive information like usernames, passwords, and other secret.
KeePassXC is a cross-platform platform to store sensitive data like passwords, keys, and other secrets. It has a graphical user interface and is written in C++.
Latest release: 2.2.4 [Dec. 14, 2017]
The keimpx security tool can be used to check for valid credentials across a network. It uses the SMB protocol, typically used on Microsoft Windows and others.
KickThemOut is a tool that can remove systems and devices from the network by performing an ARP spoofing attack.
Latest release: 1.9.0 [Nov. 22, 2017]
Kippo is a honeypot for SSH connections and written in Python. It can be used to learn about the scripts and attacks that are commonly used against SSH.
Kitty is a modular and extensible fuzzing framework written in Python. It is inspired by OpenRCE's Sulley and Michael Eddington's Peach Fuzzer tool.
Latest release: 0.7.1 [March 31, 2017]
A port knocking implementation to make network ports to become stealth or trigger events based on a port knocking sequence.
The known_hosts_bruteforce is a script to discover hostnames from the known_hosts file. This can be useful during penetration testing or incident response.
Kojoney2 is an SSH honeypot based on Kojoney by Jose Antonio Coret. It can be used to learn about threats by mimicking an SSH service.
Kube-Bench is a security tool to perform a configuration audit of Kubernetes installations. It can be used to find flaws and improve system hardening.
Latest release: 0.0.11 [Jan. 30, 2018]
Kwetza is a Python script to inject existing Android applications with a Meterpreter payload. It can be used during penetrating testing or security assessments.
- Heralding (honeypot to catch credentials)
- ZGrab (banner grabbing tool)
- testssl.sh (TLS/SSL configuration scanner)
- WhatWeb (website fingerprinter)
- vallumd (distributed ipset blacklist for iptables)
- Nikto (web application scanner)
- sslcaudit (auditing tool for SSL/TLS clients)
- SCUTUM (ARP filtering)
- VHostScan (virtual host scanner)
- OpenSSL (TLS and SSL toolkit)
- SSHsec (SSH configuration scanner)
- not24get (password quality checker)
- swap_digger (data excavation tool for Linux swap)
- Trawler (data collection framework for phishing results)
- VulnFeed (vulnerability feed parser)
- Metagoofil (information gathering tool)
- Certigo (certificate validator tool)
- Exploit Pack (penetration testing framework)
- Oscanner (Oracle assessment framework)
- Dionaea (honeypot)
- Kube-Bench (security benchmark testing for Kubernetes)
- Thug (low-interaction honeyclient)
- NoSQLMap (database enumeration and exploitation)