Tools starting with O
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
O-Saft is a security tool to show information about SSL certificates. It tests the SSL connection with the given list of ciphers and configuration.
OSHP (OWASP Secure Headers Project)
The OSHP project collects data regarding HTTP headers and their usage. It tries to inform adoption rates and increase usage.
The OSINT Framework tool provides a web-based interface to commonly used tools and resources for open source intelligence. It helps with intelligence gathering, reconnaissance, and discovering new tools.
Looking for retrieving information about an organization, domain, IP address, or something else? See how OSINT-SPY might be able to help you with this task.
OSRFramework is an open source research framework. The project helps with information gathering and can be classified as an OSINT tool.
OSSEC is an open source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, rootkit detection, and more.
OWTF (Offensive Web Testing Framework)
The OWTF project (Offensive Web Testing Framework) unites tools for penetrating testing. Most parts are written in Python.
OnionShare allows anyone to share files in a secure way and anonymously. It uses the Tor Onion Service to temporarily set up a web server with a unique address. This address then can be shared with others to download the shared files.
Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines
OpenSSH is the much-used connectivity tool for remote administration. It uses the SSH protocol and encrypts all traffic to eliminate attacks like eavesdropping.
OpenSSL is an open source project and provides a toolkit for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.
OpenSnitch is a Linux port of the popular macOS Little Snitch application firewall
OpenStego is a free steganography solution to hide data in other files like images, or add a watermark to them.
OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.
Oscanner is an Oracle assessment framework to perform enumeration on Oracle installations. It is written in Java and provides a graphical overview of findings.
Opensvp is a security tool to test firewall software. It uses protocol level attacks to determine if the firewall is vulnerable to a type of attack.
Orthrus is a security framework and auditing tool. It allows monitoring and analyzing security configurations across multiple environments.
The osquery tool allows querying your Linux, Windows, and macOS infrastructure. It can help with intrusion detection, infrastructure reliability, or compliance.
Otseca is a security tool that helps with gathering system information. It can be useful for penetration tests and security assessments, to automate some parts of the process.
- Lynis (security scanner and compliance auditing tool)
- BlackBox (store secrets in Git/Mercurial/Subversion)
- salt-scanner (Linux vulnerability scanner)
- Infection Monkey (security testing for data centers and networks)
- Anchore Engine (container analysis and inspection)
- Zeek (network security monitoring tool)
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Malice (VirusTotal clone)
- siemstress (basic SIEM solution)
- Bleach (sanitizing library for Django)
- CMSeeK (CMS detection and exploitation)
- Prowler (AWS benchmark tool)
- massh-enum (OpenSSH user enumeration)
- Termineter (smart meter security framework)