Tools starting with L
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Larp is a tool to perform ARP poisoning on the network. It is written in Python and can be used for security assessments.
The LaZagne project is an open source tool to retrieve passwords stored on a local system. It uses different techniques to obtain passwords from well-known applications.
Lemur manages TLS certificate creation and the underlying process that is required. It acts as a broker between a certificate authority (CA) and the environment
Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities.
LFI Freak is a tool to help finding and exploiting local file inclusions (LFI). It has a particular focus on using PHP Input, PHP Filter, and Data URI methods.
LFI Suite is a security tool to automate the scanning and exploitation of Local File Inclusion vulnerabilities. It uses a wide range of attack methods to achieve this goal. This tool would be useful to penetration testers for security assignments.
The libewf library provides access to files in the Expert Witness Format (EWF). This allows toolkits using the libewf library to read or create disk images. An analyst can use this for further investigation during a forensics assignment.
LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.
LinEnum can be used during penetration tests to perform scripted local Linux enumeration and check for privilege escalations.
Linux Malware Detect (LMD) is a malware scanner for systems running Linux. The open source software project is released with the GPLv2 license.
LogonTracer is a tool to investigate malicious logins from Windows event logs with visualization capabilities. Read how it works in this review.
Loki is security tool to find so-called indicators of compromise (IOC). It does this by scanning files and then uses pattern matching.
LPFW (LeoPard FloWer)
LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.
Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Bleach (sanitizing library for Django)
- siemstress (basic SIEM solution)
- Malice (VirusTotal clone)
- CMSeeK (CMS detection and exploitation)
- Cutter (graphical user interface for radare2)
- massh-enum (OpenSSH user enumeration)
- radare2 (reverse engineering tool and binary analysis)
- nftables (network traffic filtering)
- Malscan (malware scanner for web servers)
- Prowler (AWS benchmark tool)
- BDA (vulnerability scan for Hadoop and Spark)
- Tulpar (web vulnerability scanner)