Tools starting with N
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
Netcat can be used to set up network connections via TCP or UDP and have roles like port scanning, transferring files, port listening, or even as a backdoor.
Nikto is an open source security scanner which tests web servers for potential vulnerabilities.
Nili is a security tool with a wide range of goals, including network scanning, MitM attacks, protocol reverse engineering and application fuzzing.
Nix-Auditor is a tool to help with scanning Linux systems and test them against CIS benchmarks.
Nmap is a security scanner that can perform a port scan, network exploration, and determine vulnerabilities
NoSQLMap is a security tool to perform database enumeration and determine available exploits. It can audit or attack a given database instance.
The nfsshell utility provides user level access to an NFS server over UDP or TCP. It can be useful for pentesters during a security assessment.
nftables is a subsystem of the Linux kernel to filter and classify network traffic and supposed to replace netfilter.
Nixarmor is a set of shell scripts to harden Linux systems and help with security automation. It configures the system to increase its security level.
not24get helps with password quality checking in OpenLDAP and is to be used together with ppolicy. It provides both an API for ppolicy and executable.
ntopng is the successor of the original ntop utility. It shows network usage by capturing traffic and provide insights on the usage.
Nycto-dork is dork scanner that can also test for SQL injections and local file injections (LFI). It can be used during security assessments like a penetration test.
- Patator (multi-purpose brute-force tool)
- BleachBit (system cleaner and privacy tool)
- OpenSCAP (suite with tools and security data)
- Lynis (security scanner and compliance auditing tool)
- BlackBox (store secrets in Git/Mercurial/Subversion)
- salt-scanner (Linux vulnerability scanner)
- Infection Monkey (security testing for data centers and networks)
- Anchore Engine (container analysis and inspection)
- Zeek (network security monitoring tool)
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Malice (VirusTotal clone)
- siemstress (basic SIEM solution)
- Bleach (sanitizing library for Django)
- CMSeeK (CMS detection and exploitation)