Leviathan Framework alternatives

Looking for an alternative tool to replace Leviathan Framework? During the review of Leviathan Framework we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. arpag (automatic exploiting tool)
  2. AutoSploit (automated host exploitation)
  3. Infection Monkey (security testing for data centers and networks)

These tools are ranked as the best alternatives to Leviathan Framework.

Alternatives (by score)

64

arpag

Introduction

Tools like arpag can help with automating penetration tests and security assessments. By testing automatically for a set of exploits, the remaining time can be spend in other areas.

Project details

arpag is written in Python.

Strengths and weaknesses

  • + Very low number of dependencies
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Penetration testing
  • Security awareness
  • Service exploitation

arpag review

88

AutoSploit

Introduction

AutoSploit attempts to automate the exploitation of remote hosts for security assessments. Targets can be collected automatically or manually provided. Automatic sources include Censys, Shodan, and Zoomeye.

Project details

AutoSploit is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 3000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Service exploitation
    • System exploitation

    AutoSploit review

    100

    Infection Monkey

    Introduction

    This tool is useful for security assessments to test for weaknesses within the network. By automating the exploitation phase as much as possible, it will help finding any weak targets within the boundaries of the data center.

    Project details

    Infection Monkey is written in Python.

    Strengths and weaknesses

    • + More than 10 contributors
    • + More than 500 GitHub stars
    • + The source code of this software is available

      Typical usage

      • Service exploitation
      • System exploitation

      Infection Monkey review

      81

      sqlmap

      Introduction

      The sqlmap is a well-known tool with an amazing number of GitHub stars (10,000+). It is used by many security professionals around the world to test the security of both web applications and the database that stores the data.

      Project details

      85

      BeEF

      Introduction

      BeEF is used by penetration testers to assess the security of a system by leveraging the web browser. This makes the tool different to many other tools, as it ignores the security on network or system level. It uses command modules from within the web browser to perform requested attacks against the system.

      Project details

      74

      Metasploit Framework

      Introduction

      Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

      Project details

      Metasploit Framework is written in Ruby.

      Strengths and weaknesses

      • + More than 400 contributors
      • + More than 9000 stars
      • + Many maintainers
      • + The source code of this software is available
      • + Supported by a large company
      • + Well-known tool

        Typical usage

        • Penetration testing
        • Security assessment
        • Vulnerability scanning

        Metasploit Framework review

        60

        Pupy

        Introduction

        Pupy is an open source remote administration and post-exploitation tool. It is mainly written in Python and works Androi, Linux, macOS, and Windows.

        Project details

        Pupy is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Penetration testing
          • Security assessment

          Pupy review

          64

          RouterSploit

          Introduction

          RouterSploit is a framework to exploit embedded devices such as cameras and routers. It can be used during penetration testing to test the security of a wide variety of devices. RouterSploit comes with several modules to scan and exploit the devices. The tool helps in all steps, like from credential testing to deploying a payload to perform an exploitation attempt.

          Project details

          RouterSploit is written in Python.

          Strengths and weaknesses

          • + More than 50 contributors
          • + More than 6000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Penetration testing
            • Self-assessment
            • Software testing
            • Vulnerability scanning

            RouterSploit review

            60

            Ruler

            Introduction

            The main aim for this tool is abusing the client-side Outlook features and gain a shell remotely.

            Project details

            Ruler is written in Golang.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Penetration testing
              • Security assessment

              Ruler review

              60

              Masscan

              Introduction

              Masscan can be compared with other tools like Nmap. Due to its focus on high performance, this tool can be used when many systems have to be scanned at once. It can scan all internet hosts on IPv4 within 5 minutes. This impressive statistic makes the tool loved by those that do security research.

              Project details

              Masscan is written in C.

              Strengths and weaknesses

              • + More than 25 contributors
              • + More than 8000 GitHub stars
              • + The source code of this software is available

                Typical usage

                • Network scanning

                Masscan review

                64

                portSpider

                Introduction

                portSpider is a security tool to scan network ranges and find open ports. The goal of the tool is to find vulnerable services.

                Project details

                portSpider is written in Python.

                Strengths and weaknesses

                • + The source code of this software is available

                  Typical usage

                  • Network scanning
                  • Vulnerability scanning

                  portSpider review

                  63

                  Portspoof

                  Introduction

                  Portspoof is a small utility with the goal to make port scanning by other much harder. It achieves this by showing all configured TCP ports to be in the 'open' state instead of closed or filter. The related ports are also emulating valid services. This way a port scan on the system will reveal many open ports and look to have legitimate services running.

                  Project details

                  64

                  QuickScan

                  Introduction

                  Although there are many port scanning utilities, sometimes it is specific functionality that makes a tool really powerful. For example, QuickScan saves the results of a scan, which then can be processed later for follow-up.

                  Project details

                  QuickScan is written in Python.

                  Strengths and weaknesses

                  • + Very low number of dependencies
                  • + The source code of this software is available
                  • - No releases on GitHub available
                  • - Full name of author is unknown

                  Typical usage

                  • Network scanning

                  QuickScan review

                  63

                  Zenmap

                  Introduction

                  Zenmap is a graphical user interface (GUI) for Nmap. It can be of great help to start a network scan by simply selecting the options you want. Besides Linux, it also runs on Microsoft Windows, macOS, BSD, and other flavors of Unix.

                  One of the strengths of Zenmap is the ability to store profiles, which can be reused for later scans. The command creator is another one, which helps interactively create the right nmap commands. Recent scans are stored in a searchable database and scan results can be saved and compared.

                  Project details

                  Zenmap is written in Python.

                  Strengths and weaknesses

                  • + The source code of this software is available
                  • + Well-known tool

                    Typical usage

                    • Network scanning
                    • Penetration testing
                    • Port scanning
                    • Security assessment

                    Zenmap review

                    76

                    0d1n

                    Introduction

                    0d1n is useful to perform brute-force login attempts for authentication forms. It can discover useful directory names by using a predefined list of paths. With options to use a random proxy per request and load CSRF tokens, it is a tool that can be used in different type of assignments.

                    Project details

                    0d1n is written in C.

                    Strengths and weaknesses

                    • + The source code of this software is available

                      Typical usage

                      • Information gathering
                      • Penetration testing
                      • Security assessment
                      • Vulnerability scanning

                      0d1n review

                      64

                      Albatar

                      Introduction

                      Albatar has the focus on the situations where tools like sqlmap need to be adjusted to make an exploit work. It is written in Python and unlike sqlmap, it does not detect SQL injection vulnerabilities.

                      Project details

                      Albatar is written in Python.

                      Strengths and weaknesses

                      • + The source code of this software is available

                        Typical usage

                        • Penetration testing
                        • Security assessment
                        • Web application analysis

                        Albatar review

                        64

                        Damn Small SQLi Scanner (DSSS)

                        Introduction

                        None

                        Project details

                        Damn Small SQLi Scanner is written in Python.

                        Strengths and weaknesses

                        • + The source code of this software is available

                          Typical usage

                          • Penetration testing
                          • Security assessment

                          Damn Small SQLi Scanner review

                          74

                          DBShield

                          Introduction

                          This tool is typically used by developers and system administrators to protect their database against common database attacks. One of them is the SQL injection attack, that tries to bypass checks, resulting in data leakage. By using this tool, another level of security defense is implemented.

                          Project details

                          DBShield is written in Golang.

                          Strengths and weaknesses

                          • + The source code of this software is available

                            Typical usage

                            • Database security

                            DBShield review

                            64

                            jSQL Injection

                            Introduction

                            jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.

                            Project details

                            jSQL Injection is written in Java.

                            Strengths and weaknesses

                            • + The source code of this software is available
                            • - Full name of author is unknown

                            Typical usage

                            • Database security

                            jSQL Injection review

                            60

                            MongoSanitizer (python-mongo-sanitizer)

                            Introduction

                            Typically this type of tool would be used as an additional defense layer to prevent injection attacks from reaching the database.

                            Project details

                            MongoSanitizer is written in Python.

                            Strengths and weaknesses

                            • + The source code of this software is available

                              Typical usage

                              • Application security
                              • Database security

                              MongoSanitizer review

                              64

                              nycto-dork

                              Introduction

                              This tool has limited documentation. For that reason, the review is limited at this time.

                              Project details

                              nycto-dork is written in Python.

                              Strengths and weaknesses

                              • + The source code of this software is available
                              • - Minimal or no documentation available
                              • - Full name of author is unknown

                              Typical usage

                              • Penetration testing

                              nycto-dork review

                              60

                              Pybelt

                              Introduction

                              The pybelt toolkit may be useful during a pentest to simplify the process of scanning. It includes options like port scanning, dork checking, cracking and verification of hashes, and scanning for SQL injections.

                              Project details

                              Pybelt is written in Python.

                              Strengths and weaknesses

                              • + The source code of this software is available

                                Pybelt review

                                60

                                TheDoc

                                Introduction

                                TheDoc is a tool written in shell-script to automate the usage of sqlmap. It comes with a built-in admin finder and hash cracker, using the Hashcat tool.

                                Project details

                                TheDoc is written in shell script.

                                Strengths and weaknesses

                                • + Used language is shell script
                                • + Very low number of dependencies
                                • + The source code of this software is available
                                • - Full name of author is unknown
                                • - Unknown project license

                                Typical usage

                                • Penetration testing

                                TheDoc review

                                64

                                Tulpar

                                Introduction

                                Tulpar is a vulnerability scanner that can be used to test new or existing web applications. In the former case, it could be helpful to test a new project before it is deployed into production. This could be done by the developer or a security professional. If some web application is already in production, then it might be a good tool to perform regular testing on known vulnerabilities. In this case, it is typically a pentester or security specialist that does the testing.

                                Project details

                                Tulpar is written in Python.

                                Strengths and weaknesses

                                • + The source code of this software is available
                                • - Minimal or no documentation available

                                Typical usage

                                • Application security
                                • Application testing
                                • Web application analysis

                                Tulpar review

                                60

                                Whitewidow

                                Introduction

                                Whitewidow is a security tool to perform automated SQL vulnerability scans. It can be used during penetration tests or for security assessments.

                                Project details

                                Whitewidow is written in Ruby.

                                Strengths and weaknesses

                                • + More than 500 GitHub stars
                                • + The source code of this software is available

                                  Typical usage

                                  • Application security
                                  • Penetration testing
                                  • Vulnerability scanning

                                  Whitewidow review

                                  Some relevant tool missing as an alternative to Leviathan Framework? Please contact us with your suggestion.