Tools starting with O
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
OnionShare allows anyone to share files in a secure way and anonymously. It uses the Tor Onion Service to temporarily set up a web server with a unique address. This address then can be shared with others to download the shared files.
Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines
OpenSnitch is a Linux port of the popular macOS Little Snitch application firewall
OpenSSH is the much-used connectivity tool for remote administration. It uses the SSH protocol and encrypts all traffic to eliminate attacks like eavesdropping.
OpenSSL is an open source project and provides a toolkit for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.
OpenStego is a free steganography solution to hide data in other files like images, or add a watermark to them.
Opensvp is a security tool to test firewall software. It uses protocol level attacks to determine if the firewall is vulnerable to a type of attack.
OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.
Orthrus is a security framework and auditing tool. It allows monitoring and analyzing security configurations across multiple environments.
O-Saft is a security tool to show information about SSL certificates. It tests the SSL connection with the given list of ciphers and configuration.
Oscanner is an Oracle assessment framework to perform enumeration on Oracle installations. It is written in Java and provides a graphical overview of findings.
OSHP (OWASP Secure Headers Project)
The OSHP project collects data regarding HTTP headers and their usage. It tries to inform adoption rates and increase usage.
The OSINT Framework tool provides a web-based interface to commonly used tools and resources for open source intelligence. It helps with intelligence gathering, reconnaissance, and discovering new tools.
Looking for retrieving information about an organization, domain, IP address, or something else? See how OSINT-SPY might be able to help you with this task.
The osquery tool allows querying your Linux, Windows, and macOS infrastructure. It can help with intrusion detection, infrastructure reliability, or compliance.
OSRFramework is an open source research framework. The project helps with information gathering and can be classified as an OSINT tool.
OSSEC is an open source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, rootkit detection, and more.
Otseca is a security tool that helps with gathering system information. It can be useful for penetration tests and security assessments, to automate some parts of the process.
OWTF (Offensive Web Testing Framework)
The OWTF project (Offensive Web Testing Framework) unites tools for penetrating testing. Most parts are written in Python.
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- Bleach (sanitizing library for Django)
- siemstress (basic SIEM solution)
- Malice (VirusTotal clone)
- CMSeeK (CMS detection and exploitation)
- Cutter (graphical user interface for radare2)
- massh-enum (OpenSSH user enumeration)
- radare2 (reverse engineering tool and binary analysis)
- nftables (network traffic filtering)
- Malscan (malware scanner for web servers)
- Prowler (AWS benchmark tool)
- BDA (vulnerability scan for Hadoop and Spark)
- Tulpar (web vulnerability scanner)