Tools starting with M
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Magic Unicorn is a tool to perform a PowerShell downgrade attack and inject shellcode into memory. Read the review and how it works.
Malice is a malware analysis that wants to provide a free and open source version of VirusTotal. Read how the framework works in this review.
MalPipe is a modular malware and indicator collection and processing framework. It is designed to pull information about malware, domains, URLs, and IP addresses from multiple feeds. Finally, it will enrich the collected data and export the results.
Malscan is a tool that sells itself as the robust ClamAV-based malware scanner for web servers. It can use signatures from multiple sources to perform scanning.
Mal Tindex is an open source security tool to index binaries with the goal to attribute them to malware campaigns. Read in this review how it works.
Maltrail monitors for traffic on the network that might indicate system compromise or other bad behavior. It is great for intrusion detection and monitoring.
Manticore is a binary analysis tool. It uses dynamic analysis, meaning parts of the binary will be executed and tested.
MassBleed is a SSL vulnerability scanner to check for several known vulnerabilities and attacks like DROWN, POODLE, and ShellShock.
Masscan is a security tool to perform a network scan for many systems at once. It is optimized asynchronous transmissions to achieve its performance.
Massh-enum is a user enumeration tool for OpenSSH with the goal to find valid usernames. Read how it works in this review.
MAT (Metadata Anonymisation Toolkit)
MAT is a privacy tool to remove metadata from files. This enhances your privacy levels by removing those bits of data that may store sensitive information.
Mehrai is a honeypot written in Python to simulate telnet traffic. Like most honeypots, it captures information about the actions taken by the attackers.
Metagoofil is an information gathering tool with focus extracting any metadata from public documents.
Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.
MIG (Mozilla InvestiGator)
MIG, or Mozilla InvestiGator, is a security tool to perform forensic investigation in real-time on Linux, macOS, and Windows systems.
The mimipenguin tools extracts and dumps discovered login passwords for an active Linux user. It is inspired by the mimikatz tool for Windows.
The mimipy tool is based on the work of mimipenguin and ported to Python. It can extract passwords from memory or overwrite them to prevent capture.
MISP is short for Malware Information Sharing Platform. It helps with sharing threat data which can be used by defenders and malware researchers.
The mitmproxy tool allows to intercept, inspect, modify, and replay traffic flows. It may be used for pentesting, troubleshooting, or learning about SSL/TLS.
Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.
Mongoaudit performs a security audit on MongoDB instances. It can be used to test if the right security measures are taken and detect room for improvement.
MongoSanitizer is a software component sanitizes MongoDB queries to prevent injection attacks as much as possible.
The msfenum script simplifies the Metasploit execution when scanning for low hanging fruit. Have a look at the review and see how it works.
MTPot is a so-called telnet honeypot that allows to bind and listen on a specific port. It can be configured to allow specific commands and the related responses to return. The tool also performs fingerprinting to discover what type of attack is occuring and send these details via syslog.
MultiScanner is a modular file scanning and analysis framework. It can be used to scan files and detect malware or other suspicious traces. With the help of the modules, it can be extended to provide more details about a file.
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- siemstress (basic SIEM solution)
- CMSeeK (CMS detection and exploitation)
- Malice (VirusTotal clone)
- Bleach (sanitizing library for Django)
- SQLMate (a friend of SQLMap with additional features)
- Termineter (smart meter security framework)
- tlsenum (enumeration tool for TLS)
- hBlock (ad blocking and tracker/malware protection)
- Malscan (malware scanner for web servers)
- massh-enum (OpenSSH user enumeration)
- BDA (vulnerability scan for Hadoop and Spark)
- SubFinder (subdomain scanner)
- Prowler (AWS benchmark tool)
- GitMiner (Git data miner)
- Hash Buster (find cleartext of hash)