Tools starting with S

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.


s3-fuzzer is a security tool to find sensitive data stored in Amazon S3 buckets. It can be used during security assessments.


S3Scanner helps with the discovery of S3 storage buckets on the platform of Amazon's AWS. Learn how the tool works with this review.


Safety is a security tool to scan software dependencies and see which ones are possibly vulnerable. See the review and how the tool works.

Latest release: 1.10.3 [Jan. 15, 2021]


Salt-scanner is Linux vulnerability scanner based on Salt Open and Vulners audit API. It has Slack notifications and JIRA integration.


Makes Windows interoperability possible for systems running Linux or other flavors of Linux by sharing file and print services.


On-access antivirus filter for Samba to detect malware threats and prevent them from investing file shares.


Host-based intrusion detection system (HIDS) providing file integrity checking and log file monitoring


Sandmap is a security tool to perform network and system reconnaissance using the well-known Nmap engine.


ScanSSH is a security tool to perform scans on SSH to detect open proxies and available services. It retrieves version information and related details.


Scapy is an interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols and send and capture them.

Latest release: 2.4.4 [Sept. 2, 2020]


Scirius is a web application to do Suricata ruleset management. There is both a community version as paid version available.


Scout2 is a security tool to assess the security of an AWS environment. It can be used for system hardening and IT audits.


SCUTUM is a security tool for Linux systems to filter network traffic. With this firewall functionality, it can allow only whitelisted network gateways.


Exploit-DB's CLI search tool to find any exploits from the database. The tool is written in shell script and maintained by Offensive Security.


Seccheck is a security scanner for Linux systems. It is originally written for SuSE Linux by Marc Heuse.


Seccubus automates vulnerability scanning with support for Nessus, OpenVAS, NMap, SSLyze, Medusa, SkipFish, OWASP ZAP, and SSLlabs.

Security Monkey

Security Monkey monitors AWS and GCP accounts for policy changes and alerts on insecure configurations.


Seespee is a tool that helps to create a Content Security Policy (CSP) for a website, based on crawling. Read the review and see how it works.

Latest release: 3.0.0 [Sept. 11, 2020]


Seth is a security tool to perform a man-in-the-middle (MitM) attack and extract clear text credentials from RDP connections.

SFTPfuzzer (Simple FTP Fuzzer)

shcheck (Security Header Check)

Security header check (shcheck) is a security tool to scan web applications and their HTTP headers. It can help securing web applications or detect weaknesses.

Latest release: 1.5.0 [April 5, 2021]


Shellbags is a script written in Python to parse the Windows Registry file. It extract related information from directories browsed by Explorer.


Shellharden is a tool to improve shell scripts when it comes to using variables and applying quotes properly. The tool can suggest and make the required changes.


ShellPop is a security tool used by penetration testers during their assignments. It helps with generating both easy and more sophisticated reverse or bind shell commands.


Shellyzer helps with static code analysis for both developers and security professionals, to test the quality of shell scripts. This is also known as linting.


Shootback is a tool create a reverse TCP tunnel. This may help with penetration testing to circumvent network traffic firewalls.

Latest release: 2.6.1 [Sept. 12, 2020]


Siemstress describes itself as a very basic Security Information and Event Management system (SIEM).


SIMP is short for System Integrity Management Platform. It is a project maintained by the NSA and released as an open source project.


SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It can be useful during penetrating testing and security assignments.

Latest release: 0.3.3 [March 25, 2021]


SMBMap is a security tool that allows users enumerating Samba shares and can be used during security assessments. Read the review and how it works.


Sn1per is security scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Latest release: 9.0 [Jan. 9, 2021]


Snallygaster is a security tool that looks for files on web servers that maybe shouldn't be public. Typical examples for such files include publicly accessible git repositories, backup files, database dumps, or configuration files.

Latest release: 0.0.9 [Sept. 27, 2020]


SNARE is a reactive honeypot for security research, detecting attacks, and respond to possible flaws within your environment. It is the successor of Glastopf.


Snort is a network intrusion detection system (NIDS) that runs on Linux and other platforms.


The socat tool allows bi-directional data transfer between two independent data channels. This includes a file, pipe, device, socket, proxy connection, etc.

Social-Engineer Toolkit (SET)

The Social-Engineer Toolkit (SET) is an open source penetration testing framework. It helps with assignments that require social engineering.


Spaghetti is a web vulnerability scanner to find flaws in common web applications and frameworks. It can perform fingerprinting and vulnerability discovery.


SpamScope is an advanced spam analysis tool to scan emails for unwanted messages. Read the review and see how it works.


SpiderFoot is an open source intelligence automation tool (OSINT). It automates the process of gathering intelligence, like IP addresses, domains, and networks.

Latest release: 3.3 [Jan. 24, 2021]


Sqhunter performs threat hunting in your environment. It runs on the salt master node and queries open network sockets, among other information.


The sqlmap performs automatic SQL injection and can take over a database. It is a valued tool for pentesters and those who want to test their web applications.

Latest release: 1.5 [Jan. 3, 2021]


SQLMate is a security tool that calls itself a friend of SQLMap. It has similar functionality, yet comes with additional features like finding an admin panel and improved hash cracking. The tool can find possible vulnerable targets, with the option to save the results and feed it to others, like SQLMap.


The ssh-audit tool helps to perform a security assessment of SSH servers and their configuration. It can be used for security testing and penetration tests.


The sshesame tool provides an SSH honeypot. It accepts connections and then logs any commands that are tried to be executed on the host system.


SSHHiPot is a high-interaction SSH honeypot. It captures connections and commands that are to be performed, for the purpose of learning about possible threats.

SSH Honeypot

SSH Honeypot is as the name implies a honeypot to emulate the SSH service. It can be used to learn about threats and commands used by attackers.


The sshLooter tool is a PAM backdoor written in Python to steal passwords from SSH connections. It puts itself in the authentication stack of Linux systems and intercepts provided passwords by unknowing users.


This security tool intercepts SSH connections to perform a so-called man-in-the-middle attack. It can be used for penetration testing and security assessments, to intercept traffic.


The ssh_scan utility is a SSH configuration and policy scanner maintained by the Mozilla Foundation. It helps to secure Linux systems running the OpenSSH.

Latest release: 0.0.43 [May 27, 2020]


SSHsec scans a system running the SSH protocol and retrieves its configuration, host keys, and Diffie-Hellman groups.

RSS feed icon for Linux security tools

Recently reviewed

  • ZAP (web application analysis)
  • Maltrail (malicious traffic detection system)
  • tls-ca-manage
  • Wapiti (vulnerability scanner for web applications)
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • Zeek (network security monitoring tool)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • Bleach (sanitizing library for Django)
  • siemstress (basic SIEM solution)
  • Malice (VirusTotal clone)
  • CMSeeK (CMS detection and exploitation)
  • Cutter (graphical user interface for radare2)
  • massh-enum (OpenSSH user enumeration)
  • radare2 (reverse engineering tool and binary analysis)
  • nftables (network traffic filtering)
  • Malscan (malware scanner for web servers)
  • Prowler (AWS benchmark tool)
  • BDA (vulnerability scan for Hadoop and Spark)
  • Tulpar (web vulnerability scanner)