Tools starting with R

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.


The r2frida project combines the best of both worlds from Radare2 and Frida. Where Radare2 focuses on static analysis of binaries and files, Frida will target running processes. This project combines the powers of both.

Latest release: 4.4.0 [May 2, 2020]


RabbitHole is a restrictive shell written in Python. It provides a limited set of commands to the user, allowing the administrator to give restrictive access.


Radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files. Read how it works in this review.

Latest release: 4.4.0 [April 14, 2020]


Rastrea2r is a threat hunting utility for indicators of compromise (IOC) and can be used by SOC analysts and incident responders. Learn how it works in this review.


Rdr is a cross-platform library to perform binary analysis and reverse engineering. It utilizes a unique symbol map for global analysis.


Recon-ng is a full-featured web reconnaissance framework. It is written in Python and modular, useful for penetrating tests and security assessments.


RemoteRecon is a post-exploitation framework. It can be used to maintain access to a system without the need to have a whole toolkit on the target system.


RID_ENUM is a security tool to attempt retrieving users from a Windows domain controller. In this review we cover what the tool does and how it works.


RootHelper is a small script to retrieve several enumeration and privilege escalation tools. It can be used during penetration testing.

Rootkit Hunter (rkhunter)

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix


The rootstealer tool shows an attack that uses X11 by injecting commands via the X11 library (libX11). It detects when the user opens a terminal with root permissions, then activates its predefined commands.


RouterSploit is a framework to test exploitation of embedded devices. It can be used as part of penetrating testing assignments or security assessments.

RTA (Red Team Arsenal)

Red Team Arsenal or RTA for short, is security scanner to find vulnerabilities. It scans the assets of a company that are typically found at layer 7 in the OSI model, like DNS and HTTP.


Ruler is a security tool that interacts with Exchange servers remotely. It uses either the MAPI/HTTP or RPC/HTTP protocol, with the goal to gain a remote shell.

Latest release: 2.4.0 [May 3, 2020]
RSS feed icon for Linux security tools

Recently reviewed

  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Wapiti (vulnerability scanner for web applications)
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • Zeek (network security monitoring tool)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • siemstress (basic SIEM solution)
  • Malice (VirusTotal clone)
  • Bleach (sanitizing library for Django)
  • CMSeeK (CMS detection and exploitation)
  • BDA (vulnerability scan for Hadoop and Spark)
  • radare2 (reverse engineering tool and binary analysis)
  • Malscan (malware scanner for web servers)
  • Termineter (smart meter security framework)
  • massh-enum (OpenSSH user enumeration)
  • GitMiner (Git data miner)
  • Hash Buster (find cleartext of hash)
  • CMSmap (reconnaissance tool for popular CMS frameworks)
  • Cutter (graphical user interface for radare2)