Tools starting with O
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
OnionShare allows anyone to share files in a secure way and anonymously. It uses the Tor Onion Service to temporarily set up a web server with a unique address. This address then can be shared with others to download the shared files.
Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines
OpenSnitch is a Linux port of the popular macOS Little Snitch application firewall
OpenSSH is the much-used connectivity tool for remote administration. It uses the SSH protocol and encrypts all traffic to eliminate attacks like eavesdropping.
OpenSSL is an open source project and provides a toolkit for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.
OpenStego is a free steganography solution to hide data in other files like images, or add a watermark to them.
Opensvp is a security tool to test firewall software. It uses protocol level attacks to determine if the firewall is vulnerable to a type of attack.
OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.
Orthrus is a security framework and auditing tool. It allows monitoring and analyzing security configurations across multiple environments.
O-Saft is a security tool to show information about SSL certificates. It tests the SSL connection with the given list of ciphers and configuration.
Oscanner is an Oracle assessment framework to perform enumeration on Oracle installations. It is written in Java and provides a graphical overview of findings.
OSHP (OWASP Secure Headers Project)
The OSHP project collects data regarding HTTP headers and their usage. It tries to inform adoption rates and increase usage.
The OSINT Framework tool provides a web-based interface to commonly used tools and resources for open source intelligence. It helps with intelligence gathering, reconnaissance, and discovering new tools.
Looking for retrieving information about an organization, domain, IP address, or something else? See how OSINT-SPY might be able to help you with this task.
The osquery tool allows querying your Linux, Windows, and macOS infrastructure. It can help with intrusion detection, infrastructure reliability, or compliance.
OSRFramework is an open source research framework. The project helps with information gathering and can be classified as an OSINT tool.
OSSEC is an open source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, rootkit detection, and more.
Otseca is a security tool that helps with gathering system information. It can be useful for penetration tests and security assessments, to automate some parts of the process.
OWTF (Offensive Web Testing Framework)
The OWTF project (Offensive Web Testing Framework) unites tools for penetrating testing. Most parts are written in Python.
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- siemstress (basic SIEM solution)
- CMSeeK (CMS detection and exploitation)
- Malice (VirusTotal clone)
- Bleach (sanitizing library for Django)
- SQLMate (a friend of SQLMap with additional features)
- Termineter (smart meter security framework)
- tlsenum (enumeration tool for TLS)
- hBlock (ad blocking and tracker/malware protection)
- Malscan (malware scanner for web servers)
- massh-enum (OpenSSH user enumeration)
- BDA (vulnerability scan for Hadoop and Spark)
- SubFinder (subdomain scanner)
- Prowler (AWS benchmark tool)
- GitMiner (Git data miner)
- Hash Buster (find cleartext of hash)