Tools starting with R

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.


The r2frida project combines the best of both worlds from Radare2 and Frida. Where Radare2 focuses on static analysis of binaries and files, Frida will target running processes. This project combines the powers of both.

Latest release: 5.1.3 [March 26, 2021]


RabbitHole is a restrictive shell written in Python. It provides a limited set of commands to the user, allowing the administrator to give restrictive access.


Radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files. Read how it works in this review.

Latest release: 5.1.1 [Feb. 11, 2021]


Rastrea2r is a threat hunting utility for indicators of compromise (IOC) and can be used by SOC analysts and incident responders. Learn how it works in this review.


Rdr is a cross-platform library to perform binary analysis and reverse engineering. It utilizes a unique symbol map for global analysis.


Recon-ng is a full-featured web reconnaissance framework. It is written in Python and modular, useful for penetrating tests and security assessments.


RemoteRecon is a post-exploitation framework. It can be used to maintain access to a system without the need to have a whole toolkit on the target system.


RID_ENUM is a security tool to attempt retrieving users from a Windows domain controller. In this review we cover what the tool does and how it works.


RootHelper is a small script to retrieve several enumeration and privilege escalation tools. It can be used during penetration testing.

Rootkit Hunter (rkhunter)

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix


The rootstealer tool shows an attack that uses X11 by injecting commands via the X11 library (libX11). It detects when the user opens a terminal with root permissions, then activates its predefined commands.

Latest release: rootstealer_v01 [Oct. 13, 2020]


RouterSploit is a framework to test exploitation of embedded devices. It can be used as part of penetrating testing assignments or security assessments.

RTA (Red Team Arsenal)

Red Team Arsenal or RTA for short, is security scanner to find vulnerabilities. It scans the assets of a company that are typically found at layer 7 in the OSI model, like DNS and HTTP.


Ruler is a security tool that interacts with Exchange servers remotely. It uses either the MAPI/HTTP or RPC/HTTP protocol, with the goal to gain a remote shell.

Latest release: 2.4.1 [Feb. 19, 2021]
RSS feed icon for Linux security tools

Recently reviewed

  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Wapiti (vulnerability scanner for web applications)
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • Zeek (network security monitoring tool)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • Bleach (sanitizing library for Django)
  • siemstress (basic SIEM solution)
  • Malice (VirusTotal clone)
  • CMSeeK (CMS detection and exploitation)
  • Cutter (graphical user interface for radare2)
  • massh-enum (OpenSSH user enumeration)
  • radare2 (reverse engineering tool and binary analysis)
  • nftables (network traffic filtering)
  • Malscan (malware scanner for web servers)
  • Prowler (AWS benchmark tool)
  • BDA (vulnerability scan for Hadoop and Spark)
  • Tulpar (web vulnerability scanner)