Tools starting with T
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
TANNER is the 'brain' of the SNARE tool. It evaluates its events and alters the responses to incoming requests depending on the type of attacks.
TeamVault is a password manager for teams written in Python. In this review, we cover the tool and how it works.
Teh S3 Bucketeers is a security tool to discover S3 buckets on Amazon's AWS platform. Read the review and see how it works.
Termineter is a framework written in Python to assist with testing the security of smart meters. Read how it works in this review.
testssl.sh is a command line tool which checks a system on any port for the support of TLS/SSL ciphers, protocols, as well as some cryptographic flaws.
Th3inspector is an information gathering tool to collect information about domains, DNS, web applications, and more. It may be used for security assessments.
THC Hydra (thc-hydra)
THC Hydra is a brute-force cracking tool for remote authentication services. It supports many protocols, including telnet, FTP, LDAP, SSH, SNMP, and others.
THC IPv6 Attack Toolkit (thc-ipv6)
THC IPv6 attack toolkit a set of utilities. It can be used for penetrating testing and security assessments of correct network implementations.
TheDoc is a tool written in shell-script to automate the usage of sqlmap. It comes with a built-in admin finder and hash cracker, using the Hashcat tool.
theHarvester is a tool to gather email accounts, subdomains, virtual hosts, open ports, banners, and employee names. It uses different public sources.
TheHive is a platform to deal with security incidents. It helps CSIRTs, CERTs, and SOCs to deal with the available data and decrease the amount of manual analysis.
The Sleuth Kit is a toolkit to investigate disk images and do forensic analysis on them.
ThreatPinch is a Chrome extension to perform information lookups on data artifacts like domain names, hashes, IP addresses, and more.
Thug is a low-interaction honeyclient to test for client-side attacks. It mimics a client application, like a web browser and sees if attack code is fired.
Tiger a security audit and intrusion detection tool for flavors of Unix
TLS-Attacker is a framework to analyze TLS libraries. It is written in Java and developed by the Ruhr University Bochum and Hackmanit GmbH.
Tlsenum is a tool to enumerate what TLS cipher suites a server supports and then list them in order of priority. Read how it works in this review.
Trackerjacker is a security tool to map WiFi networks that you are not connected to. Read the review on how trackerjacker how it works and its strengths.
Trawler is a platform for ingesting user phishing reports, processing, triage, and response. It provides a web interface to work the collected data.
Tulpar is a security tool to scan web targets for possible vulnerabilities. It checks a wide range of items and attack types for this particular purpose.
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- Zeek (network security monitoring tool)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- CMSeeK (CMS detection and exploitation)
- Bleach (sanitizing library for Django)
- siemstress (basic SIEM solution)
- Malice (VirusTotal clone)
- Hash Buster (find cleartext of hash)
- BDA (vulnerability scan for Hadoop and Spark)
- radare2 (reverse engineering tool and binary analysis)
- hBlock (ad blocking and tracker/malware protection)
- tlsenum (enumeration tool for TLS)
- Cutter (graphical user interface for radare2)
- Termineter (smart meter security framework)
- CMSmap (reconnaissance tool for popular CMS frameworks)
- Prowler (AWS benchmark tool)
- massh-enum (OpenSSH user enumeration)
- SubFinder (subdomain scanner)