Tools starting with M

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.

MAT (Metadata Anonymisation Toolkit)

MAT is a privacy tool to remove metadata from files. This enhances your privacy levels by removing those bits of data that may store sensitive information.

MIG (Mozilla InvestiGator)

MIG, or Mozilla InvestiGator, is a security tool to perform forensic investigation in real-time on Linux, macOS, and Windows systems.


MISP is short for Malware Information Sharing Platform. It helps with sharing threat data which can be used by defenders and malware researchers.

Latest release: 2.4.192 [May 7, 2024]


MTPot is a so-called telnet honeypot that allows to bind and listen on a specific port. It can be configured to allow specific commands and the related responses to return. The tool also performs fingerprinting to discover what type of attack is occuring and send these details via syslog.

Magic Unicorn

Magic Unicorn is a tool to perform a PowerShell downgrade attack and inject shellcode into memory. Read the review and how it works.

Mal Tindex

Mal Tindex is an open source security tool to index binaries with the goal to attribute them to malware campaigns. Read in this review how it works.


MalPipe is a modular malware and indicator collection and processing framework. It is designed to pull information about malware, domains, URLs, and IP addresses from multiple feeds. Finally, it will enrich the collected data and export the results.


Malice is a malware analysis that wants to provide a free and open source version of VirusTotal. Read how the framework works in this review.


Malscan is a tool that sells itself as the robust ClamAV-based malware scanner for web servers. It can use signatures from multiple sources to perform scanning.


Maltrail monitors for traffic on the network that might indicate system compromise or other bad behavior. It is great for intrusion detection and monitoring.

Latest release: 0.69 [April 30, 2024]


Manticore is a binary analysis tool. It uses dynamic analysis, meaning parts of the binary will be executed and tested.


MassBleed is a SSL vulnerability scanner to check for several known vulnerabilities and attacks like DROWN, POODLE, and ShellShock.


Masscan is a security tool to perform a network scan for many systems at once. It is optimized asynchronous transmissions to achieve its performance.


Metagoofil is an information gathering tool with focus extracting any metadata from public documents.

Metasploit Framework

Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.


Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.

Latest release: 5.2.0 [May 28, 2024]

MongoSanitizer (python-mongo-sanitizer)

MongoSanitizer is a software component sanitizes MongoDB queries to prevent injection attacks as much as possible.


MultiScanner is a modular file scanning and analysis framework. It can be used to scan files and detect malware or other suspicious traces. With the help of the modules, it can be extended to provide more details about a file.


Massh-enum is a user enumeration tool for OpenSSH with the goal to find valid usernames. Read how it works in this review.


Mehrai is a honeypot written in Python to simulate telnet traffic. Like most honeypots, it captures information about the actions taken by the attackers.


The mimipenguin tools extracts and dumps discovered login passwords for an active Linux user. It is inspired by the mimikatz tool for Windows.


The mimipy tool is based on the work of mimipenguin and ported to Python. It can extract passwords from memory or overwrite them to prevent capture.

mitmproxy (mitmproxy)

The mitmproxy tool allows to intercept, inspect, modify, and replay traffic flows. It may be used for pentesting, troubleshooting, or learning about SSL/TLS.

Latest release: 10.3.0 [April 17, 2024]


Mongoaudit performs a security audit on MongoDB instances. It can be used to test if the right security measures are taken and detect room for improvement.


The msfenum script simplifies the Metasploit execution when scanning for low hanging fruit. Have a look at the review and see how it works.

RSS feed icon for Linux security tools

Recently reviewed

  • Archery (vulnerability assessment and management)
  • Wapiti (vulnerability scanner for web applications)
  • Patator (multi-purpose brute-force tool)
  • BleachBit (system cleaner and privacy tool)
  • OpenSCAP (suite with tools and security data)
  • Lynis (security scanner and compliance auditing tool)
  • BlackBox (store secrets in Git/Mercurial/Subversion)
  • salt-scanner (Linux vulnerability scanner)
  • Infection Monkey (security testing for data centers and networks)
  • Anchore Engine (container analysis and inspection)
  • Zeek (network security monitoring tool)
  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • siemstress (basic SIEM solution)
  • Bleach (sanitizing library for Django)
  • CMSeeK (CMS detection and exploitation)