Tools starting with R

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.


RID_ENUM is a security tool to attempt retrieving users from a Windows domain controller. In this review we cover what the tool does and how it works.

RTA (Red Team Arsenal)

Red Team Arsenal or RTA for short, is security scanner to find vulnerabilities. It scans the assets of a company that are typically found at layer 7 in the OSI model, like DNS and HTTP.


RabbitHole is a restrictive shell written in Python. It provides a limited set of commands to the user, allowing the administrator to give restrictive access.


Recon-ng is a full-featured web reconnaissance framework. It is written in Python and modular, useful for penetrating tests and security assessments.


RemoteRecon is a post-exploitation framework. It can be used to maintain access to a system without the need to have a whole toolkit on the target system.


RootHelper is a small script to retrieve several enumeration and privilege escalation tools. It can be used during penetration testing.

Rootkit Hunter (rkhunter)

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix


RouterSploit is a framework to test exploitation of embedded devices. It can be used as part of penetrating testing assignments or security assessments.


Ruler is a security tool that interacts with Exchange servers remotely. It uses either the MAPI/HTTP or RPC/HTTP protocol, with the goal to gain a remote shell.


The r2frida project combines the best of both worlds from Radare2 and Frida. Where Radare2 focuses on static analysis of binaries and files, Frida will target running processes. This project combines the powers of both.

Latest release: 5.9.2 [May 21, 2024]


Radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files. Read how it works in this review.


Rastrea2r is a threat hunting utility for indicators of compromise (IOC) and can be used by SOC analysts and incident responders. Learn how it works in this review.


Rdr is a cross-platform library to perform binary analysis and reverse engineering. It utilizes a unique symbol map for global analysis.


The rootstealer tool shows an attack that uses X11 by injecting commands via the X11 library (libX11). It detects when the user opens a terminal with root permissions, then activates its predefined commands.

RSS feed icon for Linux security tools

Recently reviewed

  • Archery (vulnerability assessment and management)
  • Wapiti (vulnerability scanner for web applications)
  • Patator (multi-purpose brute-force tool)
  • BleachBit (system cleaner and privacy tool)
  • OpenSCAP (suite with tools and security data)
  • Lynis (security scanner and compliance auditing tool)
  • BlackBox (store secrets in Git/Mercurial/Subversion)
  • salt-scanner (Linux vulnerability scanner)
  • Infection Monkey (security testing for data centers and networks)
  • Anchore Engine (container analysis and inspection)
  • Zeek (network security monitoring tool)
  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • siemstress (basic SIEM solution)
  • CMSeeK (CMS detection and exploitation)
  • Bleach (sanitizing library for Django)