Tools starting with L

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.

LFI Freak

LFI Freak is a tool to help finding and exploiting local file inclusions (LFI). It has a particular focus on using PHP Input, PHP Filter, and Data URI methods.

LFI Suite

LFI Suite is a security tool to automate the scanning and exploitation of Local File Inclusion vulnerabilities. It uses a wide range of attack methods to achieve this goal. This tool would be useful to penetration testers for security assignments.

LIEF

LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.


Latest release: 0.15.1 [July 23, 2024]

LMD

Linux Malware Detect (LMD) is a malware scanner for systems running Linux. The open source software project is released with the GPLv2 license.

LPFW (LeoPard FloWer)

LUNAR

LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.

LaZagne

The LaZagne project is an open source tool to retrieve passwords stored on a local system. It uses different techniques to obtain passwords from well-known applications.


Latest release: 2.4.6 [June 11, 2024]

Lemur

Lemur manages TLS certificate creation and the underlying process that is required. It acts as a broker between a certificate authority (CA) and the environment


Latest release: 1.8.2 [June 11, 2024]

Leviathan Framework

Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities.

LinEnum

LinEnum can be used during penetration tests to perform scripted local Linux enumeration and check for privilege escalations.

LogonTracer

LogonTracer is a tool to investigate malicious logins from Windows event logs with visualization capabilities. Read how it works in this review.

Loki

Loki is security tool to find so-called indicators of compromise (IOC). It does this by scanning files and then uses pattern matching.

Lynis

Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.


Latest release: 3.1.2 [Sept. 26, 2024]

larp

Larp is a tool to perform ARP poisoning on the network. It is written in Python and can be used for security assessments.

libewf

The libewf library provides access to files in the Expert Witness Format (EWF). This allows toolkits using the libewf library to read or create disk images. An analyst can use this for further investigation during a forensics assignment.

RSS feed icon for Linux security tools

Recently reviewed

  • Archery (vulnerability assessment and management)
  • Wapiti (vulnerability scanner for web applications)
  • Patator (multi-purpose brute-force tool)
  • BleachBit (system cleaner and privacy tool)
  • OpenSCAP (suite with tools and security data)
  • Lynis (security scanner and compliance auditing tool)
  • BlackBox (store secrets in Git/Mercurial/Subversion)
  • salt-scanner (Linux vulnerability scanner)
  • Infection Monkey (security testing for data centers and networks)
  • Anchore Engine (container analysis and inspection)
  • Zeek (network security monitoring tool)
  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • Bleach (sanitizing library for Django)
  • siemstress (basic SIEM solution)
  • CMSeeK (CMS detection and exploitation)