Tools starting with X
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
XRay is a security tool for reconnaissance, mapping, and OSINT gathering from public networks.
XSS Hunter helps with finding XSS attacks and trigger a warning when one is succesful. It exists as an online service, or self-hosted installation.
XXSER leverages the execution of arbitrary code on the web server when an administrative user inadvertently triggers a hidden XSS payload.
XSStrike is tool for penetration testers and developers to test web applications. It scans a web application for any possible cross-site scripting weakness. With its own fuzzing engine, it might find rare issues. XSStrike can also discover the presence of a web application firewall (WAF).
Xplico is a forensics analysis tool to investigate the traffic patterns in a pcap file. It is released as a GPL project, with some scripts under a CC license.
- OpenSCAP (suite with tools and security data)
- Lynis (security scanner and compliance auditing tool)
- BlackBox (store secrets in Git/Mercurial/Subversion)
- salt-scanner (Linux vulnerability scanner)
- Infection Monkey (security testing for data centers and networks)
- Anchore Engine (container analysis and inspection)
- Zeek (network security monitoring tool)
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Wapiti (vulnerability scanner for web applications)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- siemstress (basic SIEM solution)
- CMSeeK (CMS detection and exploitation)
- Malice (VirusTotal clone)
- Bleach (sanitizing library for Django)
- Prowler (AWS benchmark tool)
- Termineter (smart meter security framework)