Tools starting with L
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
LFI Freak
LFI Freak is a tool to help finding and exploiting local file inclusions (LFI). It has a particular focus on using PHP Input, PHP Filter, and Data URI methods.
LFI Suite
LFI Suite is a security tool to automate the scanning and exploitation of Local File Inclusion vulnerabilities. It uses a wide range of attack methods to achieve this goal. This tool would be useful to penetration testers for security assignments.
LIEF
LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.
LMD
Linux Malware Detect (LMD) is a malware scanner for systems running Linux. The open source software project is released with the GPLv2 license.
LPFW (LeoPard FloWer)
LUNAR
LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.
LaZagne
The LaZagne project is an open source tool to retrieve passwords stored on a local system. It uses different techniques to obtain passwords from well-known applications.
Lemur
Lemur manages TLS certificate creation and the underlying process that is required. It acts as a broker between a certificate authority (CA) and the environment
Leviathan Framework
Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities.
LinEnum
LinEnum can be used during penetration tests to perform scripted local Linux enumeration and check for privilege escalations.
LogonTracer
LogonTracer is a tool to investigate malicious logins from Windows event logs with visualization capabilities. Read how it works in this review.
Loki
Loki is security tool to find so-called indicators of compromise (IOC). It does this by scanning files and then uses pattern matching.
Lynis
Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.
larp
Larp is a tool to perform ARP poisoning on the network. It is written in Python and can be used for security assessments.
libewf
The libewf library provides access to files in the Expert Witness Format (EWF). This allows toolkits using the libewf library to read or create disk images. An analyst can use this for further investigation during a forensics assignment.
Recently reviewed
- Archery (vulnerability assessment and management)
- Wapiti (vulnerability scanner for web applications)
- Patator (multi-purpose brute-force tool)
- BleachBit (system cleaner and privacy tool)
- OpenSCAP (suite with tools and security data)
- Lynis (security scanner and compliance auditing tool)
- BlackBox (store secrets in Git/Mercurial/Subversion)
- salt-scanner (Linux vulnerability scanner)
- Infection Monkey (security testing for data centers and networks)
- Anchore Engine (container analysis and inspection)
- Zeek (network security monitoring tool)
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- tls-ca-manage
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Bleach (sanitizing library for Django)
- siemstress (basic SIEM solution)
- CMSeeK (CMS detection and exploitation)