Portspoof alternatives

ArpOn protects a system by running as a daemon and guard against a Man in the Middle (MitM) attack due to ARP spoofing, cache poisoning, or an ARP poison routing attack.

The tool works by using three types of inspection to detect a related attack.

• SARPI (Static ARP Inspection), statically configured networks (without DHCP)
• DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
• HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)

This tool is typically used by developers and system administrators to protect their database against common database attacks. One of them is the SQL injection attack, that tries to bypass checks, resulting in data leakage. By using this tool, another level of security defense is implemented.

Typically this type of tool would be used as an additional defense layer to prevent injection attacks from reaching the database.

OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.

This tool may be used by developers that work with the Django framework. It adds a security layer on top of the application by looking at login attempts and track them.

Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities. The primary reason to use this tool is to do massive scans on many systems at once. For example to include a huge network range, country-wide scan, or even full internet scan.

Masscan can be compared with other tools like Nmap. Due to its focus on high performance, this tool can be used when many systems have to be scanned at once. It can scan all internet hosts on IPv4 within 5 minutes. This impressive statistic makes the tool loved by those that do security research.

Although there are many port scanning utilities, sometimes it is specific functionality that makes a tool really powerful. For example, QuickScan saves the results of a scan, which then can be processed later for follow-up.

Zenmap is a graphical user interface (GUI) for Nmap. It can be of great help to start a network scan by simply selecting the options you want. Besides Linux, it also runs on Microsoft Windows, macOS, BSD, and other flavors of Unix.

One of the strengths of Zenmap is the ability to store profiles, which can be reused for later scans. The command creator is another one, which helps interactively create the right nmap commands. Recent scans are stored in a searchable database and scan results can be saved and compared.