Viper alternatives

Looking for an alternative tool to replace Viper? During the review of Viper we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Cuckoo Sandbox (malware analysis tool)
  2. Malice (VirusTotal clone)
  3. Binary Analysis Next Generation (framework for binary analysis)

These tools are ranked as the best alternatives to Viper.

Alternatives (by score)

74

Cuckoo Sandbox (cuckoo)

Introduction

In a matter of seconds, Cuckoo Sandbox provides detailed results on what a file does within an isolated environment. This helps with malware analysis and understanding what it exactly tries to achieve. Further analysis can be done, based on the previous actions that were done.

Cuckoo Sandbox was created by Claudio Guarnieri as part of the Google Summer of Code project in 2010.

Project details

Cuckoo Sandbox is written in Python.

Strengths and weaknesses

  • + More than 2000 GitHub stars
  • + The source code of this software is available
  • - Many provided pull requests are still open
  • - Many reported issues are still open

Typical usage

  • Digital forensics
  • Malware analysis

Cuckoo Sandbox review

76

Malice

Introduction

Malice is a malware analysis that wants to provide a free and open source version of VirusTotal. The goal of Malice is to make it usable by both independent researchers up to fortune 500 companies.

Malice is useful for those that do malware analysis or deal with user-generated files that may contain malware. The framework allows scanning files and directories to see if they are infected.

Project details

Malice is written in Golang.

Strengths and weaknesses

  • + More than 500 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Malware analysis
    • Malware detection
    • Malware research
    • Malware scanning

    Malice review

    64

    Binary Analysis Next Generation (BANG)

    Introduction

    BANG is a framework to unpack files recursively and scan them. The files can be firmware, binaries, or malware. The main goal is to scan all files and perform classification and labeling. This way each file can be further analyzed based on the characteristics.

    Project details

    Binary Analysis Next Generation is written in Python.

    Strengths and weaknesses

    • + The source code of this software is available
    • - No releases on GitHub available

    Typical usage

    • Binary analysis
    • Malware analysis
    • Malware scanning

    Binary Analysis Next Generation review

    56

    bingrep

    Introduction

    Searches through binaries and highlights the most important areas with colors.

    Supported binary formats:

    • ELF 32/64, arm, x86, openrisc
    • Mach 32/64, arm, x86
    • PE

    Project details

    64

    Mal Tindex

    Introduction

    Mal Tindex is a tool that performs binary analysis on malware samples. It analyzes the binaries it is provided to learn about the specifics of each malware sample that makes them unique. This way data can be gathered that may provide background information. For example, it could provide the attribution of a particular actor or malware campaign.

    Project details

    Mal Tindex is written in Python.

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Malware analysis
      • Malware research

      Mal Tindex review

      64

      AutoNessus (autonessus)

      Introduction

      This tool is useful to time scans, for example by having it run outside of business hours, and stop when the day starts.

      Note: originally another tool was named AutoNessus. That is now Seccubus.

      Project details

      AutoNessus is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available
      • - No releases on GitHub available

      Typical usage

      • Vulnerability scanning

      AutoNessus review

      60

      InstaRecon

      Introduction

      InstaRecon is a security tool that can help with the reconnaissance phase of a penetration test. It can collect a number of data points with limited input.

      Project details

      InstaRecon is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Penetration testing
        • Reconnaissance

        InstaRecon review

        97

        Seccubus

        Introduction

        Supported engines and tools:

        • Nessus
        • OpenVAS
        • Nmap
        • Nikto
        • Medusa
        • Qualys SSL labs
        • SkipFish
        • SSLyze
        • testssl.sh
        • ZAP

        Project details

        78

        Sn1per

        Introduction

        Sn1per is security scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

        Project details

        Sn1per is written in Python, shell script.

        Strengths and weaknesses

        • + More than 10 contributors
        • + More than 1000 GitHub stars
        • + The source code of this software is available
        • - Unknown project license

        Typical usage

        • Penetration testing
        • Reconnaissance

        Sn1per review

        81

        pick

        Introduction

        Tools like pick are used to store passwords and secrets safely.

        Project details

        pick is written in Golang.

        Strengths and weaknesses

        • + Very low number of dependencies
        • + The source code of this software is available

          Typical usage

          • Data security
          • Secure storage

          pick review

          60

          pshtt

          Introduction

          Pshtt was developed to push organizations, including government departments, to adopt HTTPS across the enterprise.

          Project details

          pshtt is written in Python.

          Strengths and weaknesses

          • + More than 500 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Security assessment
            • Web application analysis

            pshtt review

            74

            SpiderFoot

            Introduction

            SpiderFoot can be used offensively during penetration tests, or defensively to learn what information is available about your organization.

            Project details

            SpiderFoot is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Information gathering

              SpiderFoot review

              100

              BetterCAP

              Introduction

              BetterCAP is often used by those who perform penetration testing and security assessments. This tool and framework is in particular useful for attempting man-in-the-middle attacks (MitM).

              Project details

              BetterCAP is written in Golang.

              Strengths and weaknesses

              • + More than 25 contributors
              • + More than 2000 GitHub stars
              • + The source code of this software is available

                Typical usage

                • Bypassing security measures
                • Penetration testing
                • Security assessment

                BetterCAP review

                60

                Bowcaster

                Introduction

                Bowcaster is a framework to create exploits. It is written in Python and comes with a set of tool and modules to help exploit development.

                Project details

                Bowcaster is written in Python.

                Strengths and weaknesses

                • + The source code of this software is available
                • - No updates for a while

                Typical usage

                • Exploit development
                • Penetration testing

                Bowcaster review

                64

                fsociety

                Introduction

                The fsociety toolkit is a penetration framework containing other security tools. The project states that is includes all the tools that are used in the Mr. Robot tv series.

                Project details

                fsociety is written in Python.

                Strengths and weaknesses

                • + More than 10 contributors
                • + More than 2000 GitHub stars
                • + The source code of this software is available
                • - Full name of author is unknown

                Typical usage

                • Penetration testing
                • Security assessment

                fsociety review

                60

                Kitty

                Introduction

                Kitty is a framework for those who want to do fuzzing unusual targets, like proprietary protocols. Although Kitty itself is not a fuzzing tool, it allows one to build a fuzzing tool.

                Project details

                Kitty is written in Python.

                Strengths and weaknesses

                • + The source code of this software is available

                  Typical usage

                  • Application fuzzing

                  Kitty review

                  74

                  Metasploit Framework

                  Introduction

                  Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

                  Project details

                  Metasploit Framework is written in Ruby.

                  Strengths and weaknesses

                  • + More than 400 contributors
                  • + More than 9000 stars
                  • + Many maintainers
                  • + The source code of this software is available
                  • + Supported by a large company
                  • + Well-known tool

                    Typical usage

                    • Penetration testing
                    • Security assessment
                    • Vulnerability scanning

                    Metasploit Framework review

                    88

                    OWTF (Offensive Web Testing Framework)

                    Introduction

                    OWTF is short for Offensive Web Testing Framework and it is one of the many OWASP projects to improve security.

                    Project details

                    OWTF is written in Python.

                    Strengths and weaknesses

                    • + More than 25 contributors
                    • + More than 500 GitHub stars
                    • + The source code of this software is available

                      Typical usage

                      • Penetration testing
                      • Security assessment

                      OWTF review

                      93

                      Pocsuite

                      Introduction

                      Pocsuite is a remote vulnerability testing and development framework. It can be used by penetration testers and vulnerability researchers.

                      Project details

                      Pocsuite is written in Python.

                      Strengths and weaknesses

                      • + More than 10 contributors
                      • + More than 1000 GitHub stars
                      • + The source code of this software is available

                        Typical usage

                        • Vulnerability development
                        • Vulnerability testing

                        Pocsuite review

                        59

                        chkrootkit

                        Introduction

                        The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

                        Some areas that are checked include:

                        • interface in promiscuous mode
                        • lastlog deletions
                        • wtmp deletions
                        • wtmpx deletions
                        • signs of LKM trojans
                        • utmp deletions

                        Project details

                        chkrootkit is written in C, shell script.

                        Strengths and weaknesses

                        • + Used language is shell script
                        • + Project is mature (10+ years)
                        • - Long time between releases

                        Typical usage

                        • Malware detection
                        • Malware scanning

                        chkrootkit review

                        100

                        ClamAV

                        Introduction

                        ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often used to support scanning incoming emails for malicious content.

                        Project details

                        ClamAV is written in C.

                        Strengths and weaknesses

                        • + Many maintainers
                        • + The source code of this software is available

                          Typical usage

                          • Malware analysis
                          • Malware detection
                          • Malware scanning

                          ClamAV review

                          64

                          Diamorphine

                          Introduction

                          Rootkits are typically considered to be malware, or malicious software. With the intent to hide, this type of software is often used after a breach. Learning about how it works can be useful for security researchers and security professionals.

                          Project details

                          Diamorphine is written in C.

                          Strengths and weaknesses

                          • + The source code of this software is available

                            Typical usage

                            • Learning

                            Diamorphine review

                            97

                            hBlock

                            Introduction

                            For the privacy-aware users, tools like hBlock can be helpful to block malicious domains, malware, advertisements, and trackers. Trackers could be pixels added to websites to track which pages you visited, which might invade your privacy.

                            Project details

                            hBlock is written in shell script.

                            Strengths and weaknesses

                            • + Used language is shell script
                            • + The source code of this software is available

                              Typical usage

                              • Malware protection
                              • Privacy enhancement
                              • Provide anonymity

                              hBlock review

                              96

                              LMD

                              Introduction

                              LMD uses MD5 file hashes and HEX pattern matches to define the malware signatures. These are used to detect malware.

                              Project details

                              LMD is written in shell script.

                              Strengths and weaknesses

                              • + The source code of this software is available

                                Typical usage

                                • Malware scanning

                                LMD review

                                89

                                Malscan

                                Introduction

                                Malscan is a tool to scan for malicious software (malware) such as viruses, worms, and backdoors. Its goal is to extend ClamAV with more scanning modes and signatures. It targets web servers running Linux, but can also be used on mail servers and desktops.

                                Project details

                                Malscan is written in shell script.

                                Strengths and weaknesses

                                • + Used language is shell script
                                • + The source code of this software is available

                                  Typical usage

                                  • Malware protection
                                  • Malware scanning

                                  Malscan review

                                  Some relevant tool missing as an alternative to Viper? Please contact us with your suggestion.