Viper alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

64

Alternative: AutoNessus (autonessus)

The AutoNessus tool helps with automating vulnerability scans via the Nessus API. It lists policies and can configure the state of scans.

This tool is useful to time scans, for example by having it run outside of business hours, and stop when the day starts.

Note: originally another tool was named AutoNessus. That is now Seccubus.

Project details

AutoNessus is written in Python.

Strengths

  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

Typical usage

  • vulnerability scanning

AutoNessus project page

97

Alternative: Cuckoo Sandbox (cuckoo)

Cuckoo Sandbox is a malware analysis system. By feeding it suspicious files, Cuckoo can provide detailed findings on what a file did and how it behaved.

In a matter of seconds, Cuckoo Sandbox provides detailed results on what a file does within an isolated environment. This helps with malware analysis and understanding what it exactly tries to achieve. Further analysis can be done, based on the previous actions that were done.

Cuckoo Sandbox was created by Claudio Guarnieri as part of the Google Summer of Code project in 2010.

Project details

Cuckoo Sandbox is written in Python.

Strengths

  • + More than 2000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - Many provided pull requests are still open
  • - Many reported issues are still open

Typical usage

  • digital forensics
  • malware analysis

Cuckoo Sandbox project page

60

Alternative: InstaRecon

InstaRecon is a security tool that can help with the reconnaissance phase of a penetration test. It can collect a number of data points with limited input.

Project details

InstaRecon is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • penetration test
  • reconnaissance

InstaRecon project page

97

Alternative: Seccubus

Seccubus automates vulnerability scanning with support for Nessus, OpenVAS, NMap, SSLyze, Medusa, SkipFish, OWASP ZAP, and SSLlabs.

Supported engines and tools:

  • Nessus
  • OpenVAS
  • Nmap
  • Nikto
  • Medusa
  • Qualys SSL labs
  • SkipFish
  • SSLyze
  • testssl.sh
  • ZAP

78

Alternative: Sn1per

Sn1per is security scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Project details

Sn1per is written in Python, shell script.

Strengths

  • + More than 10 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - Unknown project license

Typical usage

  • penetration test
  • reconnaissance

Sn1per project page

97

Alternative: pick

The pick tool provides a minimal password manager on the terminal for systems running macOS and Linux.

Project details

pick is written in Golang.

Strengths

  • + Very low number of dependencies
  • + The source code of this software is available

Typical usage

  • data security
  • secure storage

pick project page

84

Alternative: pshtt

pshtt is a security tool to scan domains for the usage of HTTPS and applying best practices in their web configuration.

pshtt was developed to push organizations, including government departments, to adopt HTTPS across the enterprise. pshtt is a collaboration between GSA's 18F and the DHS National Cybersecurity Assessments and Technical Services team.

Notes

  • pshtt is pronounced as "pushed"
  • Data can be stored as CSV or JSON

Project details

pshtt is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • web application analysis

pshtt project page

97

Alternative: SpiderFoot

SpiderFoot is an open source intelligence automation tool (OSINT). It automates the process of gathering intelligence, like IP addresses, domains, and networks.

SpiderFoot can be used offensively during penetration tests, or defensively to learn what information is available about your organization.

Project details

SpiderFoot is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering

SpiderFoot project page

100

Alternative: BetterCAP

BetterCAP is a complete, modular, portable and easily extensible MitM tool and framework. It is maintained well and appreciated by many.

Project details

BetterCAP is written in Ruby.

Strengths

  • + More than 25 contributors
  • + More than 2000 GitHub stars
  • + The source code of this software is available

Typical usage

  • bypassing security measures
  • penetration test
  • security assessment

BetterCAP project page

60

Alternative: Bowcaster

Project details

Bowcaster is written in Python.

Strengths

  • + The source code of this software is available

Weaknesses

  • - No updates for a while

Typical usage

  • exploit development
  • penetration test

Bowcaster project page

84

Alternative: Kitty

Kitty is a modular and extensible fuzzing framework written in Python. It is inspired by OpenRCE's Sulley and Michael Eddington's Peach Fuzzer tool.

Project details

Kitty is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • application fuzzing

Kitty project page

78

Alternative: Metasploit Framework

Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

Project details

Metasploit Framework is written in Ruby.

Strengths

  • + More than 400 contributors
  • + More than 9000 stars
  • + Many maintainers
  • + The source code of this software is available
  • + Supported by a large company
  • + Well-known tool

Typical usage

  • penetration test
  • security assessment
  • vulnerability scanning

Metasploit Framework project page

88

Alternative: OWTF (Offensive Web Testing Framework)

The OWTF project (Offensive Web Testing Framework) unites tools for penetrating testing. Most parts are written in Python.

OWTF is short for Offensive Web Testing Framework and it is one of the many OWASP projects to improve security.

Project details

OWTF is written in Python.

Strengths

  • + More than 25 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • penetration test
  • security assessment

OWTF project page

96

Alternative: Pocsuite

Pocsuite is a remote vulnerability testing and development framework. It can be used by penetration testers and vulnerability researchers.

Project details

Pocsuite is written in Python.

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • vulnerability testing

Pocsuite project page

56

Alternative: bingrep

Bingrep is a utility that can be described as the 'grep for binaries'. It runs on Linux and helps with reverse engineering and malware analysis.

Searches through binaries and highlights the most important areas with colors.

Supported binary formats:

  • ELF 32/64, arm, x86, openrisc
  • Mach 32/64, arm, x86
  • PE

74

Alternative: chkrootkit

chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

Some areas that are checked include:

  • interface in promiscuous mode
  • lastlog deletions
  • wtmp deletions
  • wtmpx deletions
  • signs of LKM trojans
  • utmp deletions

Project details

chkrootkit is written in C, shell script.

Strengths

  • + Used language is shell script
  • + Project is mature (10+ years)

Weaknesses

  • - Long time between releases

Typical usage

  • malware scan

chkrootkit project page

89

Alternative: ClamAV

ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.

ClamAV is a popular scan engine to detect malicious software (malware).

Project details

ClamAV is written in C.

Strengths

  • + Many maintainers
  • + The source code of this software is available

Typical usage

  • malware scan

ClamAV project page

64

Alternative: Diamorphine

Diamorphine is a so-called LKM rootkit for Linux. It runs on different kernels in the 2.6, 3.x, and 4.x branch.

Project details

Diamorphine is written in C.

Strengths

  • + The source code of this software is available

Typical usage

  • learning

Diamorphine project page

97

Alternative: LMD

Linux Malware Detect (LMD) is a malware scanner for systems running Linux. The open source software project is released with the GPLv2 license.

LMD uses MD5 file hashes and HEX pattern matches to define the malware signatures. These are used to detect malware.

Project details

LMD is written in shell script.

Strengths

  • + The source code of this software is available

Typical usage

  • malware scan

LMD project page

74

Alternative: Malscan

Malscan is a tool that sells itself as the robust ClamAV-based malware scanner for web servers. It can use signatures from multiple sources to perform scanning.

Malscan has multiple sources for its malware signatures:

  • RFX Networks Signatures
  • Metasploit Signatures
  • Malscan Signatures
  • ClamAV Main Signatures

Detection methods include HEX or MD5 matches, string length (e.g. base64), and MimeType mismatches.

Project details

Malscan is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Typical usage

  • malware scan

Malscan project page

83

Alternative: Rootkit Hunter (rkhunter)

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix

Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

Project details

Rootkit Hunter is written in shell script.

Strengths

  • + Used language is shell script
  • + Project is mature (10+ years)
  • + The source code of this software is available

Typical usage

  • malware scan

Rootkit Hunter project page

85

Alternative: yarGen

The yarGen utility helps with creating YARA rules for malware detection. It can combine both 'goodware' and 'malware', to properly craft the right rules.

97

Alternative: LIEF

LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.

LIEF is short for Library to Instrument Executable Formats.

Project details

LIEF is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • binary analysis
  • malware analysis
  • reverse engineering

LIEF project page

97

Alternative: radare2

radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files.

RA-DA-RE stands for RAw DAta REcovery. It helps with performing analysis on files and images to retrieve useful artifacts. This can be used to better understand how malware works, recover lost data, or troubleshoot why software is crashing.

In 2014, radare1 was replaced by radare2, which was a parallel work and a full rewrite. It then was released under the LGPLv3 license.