Tools starting with P

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.

p0f

P0f is a security tool that utilizes passive traffic fingerprinting mechanisms to identify the systems behind any incidental TCP/IP communications.

Pacman

Pacman is the default package manager for Arch Linux. The main focus of this tool is on a binary package format and the underlying build system for software.

Pangu

Pangu is a small toolset to mess around with debugging-related tools from the GNU project like GDB.

Panoptic

Panoptic is a tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerabilities.

Parse

Parse is a security scanner to perform static analysis on PHP code potential security-related issues. As it is a static scanner, no code is executed.

Parsero

Parsero is a Python script to analyze robots.txt on web servers. It specifically looks for the Disallow entries and checks which entries might be accessible.

pas

Pas is a tool to store secrets like passwords, API keys and other sensitive data.

pass (password-store)

The pass utility is also known as password-store. It uses GPG and Unix directories to store passwords and others secrets.

PassGen

PassGen is a tool to help with password dictionary attacks to guess a password. It does not perform the attack but creates the related database.

passhport

With passhport SSH access can be done via a centralized system. There is support for roles, accounting, and authorizations of what commands can be used.


Latest release: 2.0.0 [July 16, 2019]

Passmgr

Passmgr is a simple portable password manager written in Go. It helps with storing secrets, like passwords and API keys.

pass-rotate

pass-rotate is a library and command-line tool to rotate password on various web services. It allows for bulk changing your passwords.

pastemon

Pastemon is a utility to monitor texts that are placed on Pastebin, a popular paste tool to store information temporarily.

Patator

Patator is a security tool to perform enumeration or brute-force attempts to discover authentication details. It can be used during penetration testing.

pcc (PHP Secure Configuration Checker)

PHP Secure Configuration Checker, or pcc, is a security tool to test for potential security flaws in the PHP configuration. It can be used from the command-line or directly on the web server itself.

PCILeech

PCILeech is a tool which uses PCIe hardware devices to attack a target system. It can read and write from the system memory by using DMA over PCIe. It requires no drivers on the system of the target itself.


Latest release: 4.3 [Oct. 14, 2019]

PCredz

PCredz is a tool to extract sensitive data from pcap files like credit card numbers, session information, and authentication details.

PEDA

PEDA is an extension for GDB (GNU DeBugger) to help with the development of exploit code. It can be used by reverse engineers and pentesters.

peepdf

peepdf is a tool to explore a PDF file in order to find out if the file can be harmful or not. It helps security researchers in simplifying the analysis of PDF

PHP Malware Finder

PHP Malware Finder is a tool to find malicious PHP scripts. This threat is common for most web hosters and websites of their customers.

pick

The pick tool provides a minimal password manager on the terminal for systems running macOS and Linux.

Plecost

Plecost is a security tool to fingerprint WordPress installations and find available vulnerabilities.

Pocsuite

Pocsuite is a remote vulnerability testing and development framework. It can be used by penetration testers and vulnerability researchers.


Latest release: 2.0.8 [Dec. 10, 2018]

Pompem

Pompem is an open source security tool to automate the search for exploits and vulnerabilities in public databases.

portSpider

portSpider is a security tool to scan network ranges and find open ports. The goal of the tool is to find vulnerable services.

Portspoof

Portspoof is a small utility with the goal to make port scanning by other much harder by showing all TCP ports as 'open' and emulating actual services.

Postfix

Postfix is one of the most used mail transfer agents (MTA) on Linux systems

Privacy Badger

Privacy Badger is a tool to enhance your privacy and protect against web resources like trackers that spy on your web behavior.


Latest release: release-2019.10.28 [Oct. 28, 2019]

Prowler

Prowler is a security tool to perform security audits on AWS configurations. It helps to find configuration flaws and improve system hardening.


Latest release: 2.0 [Nov. 27, 2018]

Prowler (vuln)

Prowler is a distributed vulnerability scanner that can run on devices like the Raspberry Pi. It can scan a set of systems and perform the typical tests within vulnerability scanning.

pshtt

Pshtt is a security tool to scan domains for the usage of HTTPS and applying best practices in their web configuration.

PTF (The PenTesters Framework)

Doing regular pentesting and wondering how to keep your toolbox up-to-date? PTF or the PenTesters Framework comes to the rescue!


Latest release: 2.3.4 [Oct. 15, 2019]

Pupy

Pupy is an open source remote administration and post-exploitation tool. It is mainly written in Python and works Androi, Linux, macOS, and Windows.

pwdlyser

The pwdlyser tool can help during penetration tests and security assignments to analyze cracked passwords and their strength.

Pybelt

Pybelt is a toolkit that helps during penetration testing and security assessments. It combines functionality like port scanning, hash cracking, and security scanning.

pyelftools

Pyelftools is a Python library to parse ELF files and DWARF debugging information. It can be useful to perform dynamic binary analysis on files.

Pyersinia

Pyersinia is a tool like Yersinia and can perform network attacks such as spoofing ARP, DHCP DoS , STP DoS, and more. It is written in Python and uses Scapy.

pyknock

Pyknock is a tool to perform UDP port knocking with HMAC-PSK authentication. It can be used to harden systems and limit access to specific network ports.

PyREBox

Looking for a way to perform reverse engineering or dynamic analysis? PyREBox is an instrumentation tool for virtual machines. Learn how it works and its benefits.

pysap

Pysap is a Python library to craft SAP network protocol packets. It can be used for analysis and security assessments.


Latest release: 0.1.17 [Nov. 5, 2019]

PyT (Python Taint)

Python Taint (or PyT) is a static code analyzer for Python scripts and applications. It tries to discover vulnerabilities or other possible weaknesses.

Pytbull (pytbull)

RSS feed icon for Linux security tools

Recently reviewed

  • Wapiti (vulnerability scanner for web applications)
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • Zeek (network security monitoring tool)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • siemstress (basic SIEM solution)
  • CMSeeK (CMS detection and exploitation)
  • Malice (VirusTotal clone)
  • Bleach (sanitizing library for Django)
  • SQLMate (a friend of SQLMap with additional features)
  • Termineter (smart meter security framework)
  • tlsenum (enumeration tool for TLS)
  • hBlock (ad blocking and tracker/malware protection)
  • Malscan (malware scanner for web servers)
  • massh-enum (OpenSSH user enumeration)
  • BDA (vulnerability scan for Hadoop and Spark)
  • SubFinder (subdomain scanner)
  • Prowler (AWS benchmark tool)
  • GitMiner (Git data miner)
  • Hash Buster (find cleartext of hash)