Tools starting with S

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.


S3Scanner helps with the discovery of S3 storage buckets on the platform of Amazon's AWS. Learn how the tool works with this review.

Latest release: 3.0.4 [Sept. 25, 2023]


SCUTUM is a security tool for Linux systems to filter network traffic. With this firewall functionality, it can allow only whitelisted network gateways.

SFTPfuzzer (Simple FTP Fuzzer)


SIMP is short for System Integrity Management Platform. It is a project maintained by the NSA and released as an open source project.


SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It can be useful during penetrating testing and security assignments.


SMBMap is a security tool that allows users enumerating Samba shares and can be used during security assessments. Read the review and how it works.

Latest release: 1.10.4 [May 29, 2024]


SNARE is a reactive honeypot for security research, detecting attacks, and respond to possible flaws within your environment. It is the successor of Glastopf.


SQLMate is a security tool that calls itself a friend of SQLMap. It has similar functionality, yet comes with additional features like finding an admin panel and improved hash cracking. The tool can find possible vulnerable targets, with the option to save the results and feed it to others, like SQLMap.

SSH Honeypot

SSH Honeypot is as the name implies a honeypot to emulate the SSH service. It can be used to learn about threats and commands used by attackers.


This security tool intercepts SSH connections to perform a so-called man-in-the-middle attack. It can be used for penetration testing and security assessments, to intercept traffic.


SSHHiPot is a high-interaction SSH honeypot. It captures connections and commands that are to be performed, for the purpose of learning about possible threats.


SSHsec scans a system running the SSH protocol and retrieves its configuration, host keys, and Diffie-Hellman groups.


SSLMap is a TLS/SSL cipher suite scanner. It provides a way to detect weak ciphers enabled on SSL endpoints and can be used during security assessments.


SSLsplit is a security tool to perform transparent SSL/TLS interception by using a so-called man-in-the-middle (MitM) attack.


SSLyze provides a library for scanning services that use SSL/TLS for encrypted communications. It can be used to test their implementation.

Latest release: 6.0.0 [March 31, 2024]


There are never enough tools to analyze malware, right? SSMA might be one of those tools that to add to your malware analysis toolbox.


Safety is a security tool to scan software dependencies and see which ones are possibly vulnerable. See the review and how the tool works.

Latest release: 3.2.0 [May 6, 2024]


Makes Windows interoperability possible for systems running Linux or other flavors of Linux by sharing file and print services.

Latest release: tevent-0.16.1 [Jan. 29, 2024]


On-access antivirus filter for Samba to detect malware threats and prevent them from investing file shares.


Host-based intrusion detection system (HIDS) providing file integrity checking and log file monitoring


Sandmap is a security tool to perform network and system reconnaissance using the well-known Nmap engine.


ScanSSH is a security tool to perform scans on SSH to detect open proxies and available services. It retrieves version information and related details.


Scapy is an interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols and send and capture them.


Scirius is a web application to do Suricata ruleset management. There is both a community version as paid version available.


Scout2 is a security tool to assess the security of an AWS environment. It can be used for system hardening and IT audits.


Exploit-DB's CLI search tool to find any exploits from the database. The tool is written in shell script and maintained by Offensive Security.


Seccubus automates vulnerability scanning with support for Nessus, OpenVAS, NMap, SSLyze, Medusa, SkipFish, OWASP ZAP, and SSLlabs.

Security Monkey

Security Monkey monitors AWS and GCP accounts for policy changes and alerts on insecure configurations.


Seth is a security tool to perform a man-in-the-middle (MitM) attack and extract clear text credentials from RDP connections.


ShellPop is a security tool used by penetration testers during their assignments. It helps with generating both easy and more sophisticated reverse or bind shell commands.


Shellharden is a tool to improve shell scripts when it comes to using variables and applying quotes properly. The tool can suggest and make the required changes.

Latest release: 4.3.1 [March 24, 2024]


Shellyzer helps with static code analysis for both developers and security professionals, to test the quality of shell scripts. This is also known as linting.


Sn1per is security scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Latest release: 9.2 [July 29, 2023]


Snort is a network intrusion detection system (NIDS) that runs on Linux and other platforms.

Social-Engineer Toolkit (SET)

The Social-Engineer Toolkit (SET) is an open source penetration testing framework. It helps with assignments that require social engineering.


Spaghetti is a web vulnerability scanner to find flaws in common web applications and frameworks. It can perform fingerprinting and vulnerability discovery.


SpamScope is an advanced spam analysis tool to scan emails for unwanted messages. Read the review and see how it works.


SpiderFoot is an open source intelligence automation tool (OSINT). It automates the process of gathering intelligence, like IP addresses, domains, and networks.


Stegosuite is a free steganography tool written in Java. It can be used to hide information in image files with the BMP, GIF, JPG, and PNG format. The embedded data is encrypted using AES.

SubBrute (subdomain-bruteforcer)

SubBrute is a DNS meta-query spider that enumerates DNS records and subdomains. This can be useful during penetration tests and security assessments.


SubFinder is a subdomain discovery tool. This can be useful to learn more about a particular target and available subdomains.


SubOver is a security tool to with the goal to take over subdomains. This can be used as part of security assessment or obtaining bug bounties.


Subdomino is a tool to perform enumeration on domain names. It can be used to detect and scan hostnames and subdomains.


Sublist3r is a security tool to scan a domain and attempt the discovery of underlying subdomains. This can be used during pentesting and security assessments.


Suhosin is a security extension for PHP and consists of two parts that enhance PHP. It helps with protecting against known and unknown attacks.


Suhosin7 is the security extension for PHP 7 versions. It protects a PHP installation by preventing different types of attacks.


Sulley is an automated fuzzing framework that can be used during penetration tests and security assessments.


Network threat detection engine that acts as intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM)

Latest release: suricata-7.0.6 [June 27, 2024]


Susanoo is a security tool to test the security of a REST API. With this focus, it goes beyond the typical attack surface of a web application.

Sweet Security

Sweet Security is a set of scripts to setup and install Bro IDS, Elasticsearch, Logstash, Kibana, and Critical Stack on any device.

RSS feed icon for Linux security tools

Recently reviewed

  • Archery (vulnerability assessment and management)
  • Wapiti (vulnerability scanner for web applications)
  • Patator (multi-purpose brute-force tool)
  • BleachBit (system cleaner and privacy tool)
  • OpenSCAP (suite with tools and security data)
  • Lynis (security scanner and compliance auditing tool)
  • BlackBox (store secrets in Git/Mercurial/Subversion)
  • salt-scanner (Linux vulnerability scanner)
  • Infection Monkey (security testing for data centers and networks)
  • Anchore Engine (container analysis and inspection)
  • Zeek (network security monitoring tool)
  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • Malice (VirusTotal clone)
  • siemstress (basic SIEM solution)
  • Bleach (sanitizing library for Django)