Movatterモバイル変換

SecTools.Org: Top 125 Network Security Tools

For more than a decade, theNmapProject has been cataloguing the network security community'sfavorite tools. In 2011 this site became much more dynamic, offeringratings, reviews, searching, sorting, and anew tool suggestion form.This site allows open source and commercial tools on any platform,except those tools that we maintain (such as theNmap Security Scanner,Ncat network connector, andNping packet manipulator).

We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!

8 tools

(10)★★★★½Netcat (#8, 4)

This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool to use directly or easily drive by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections.

The original Netcat wasreleased by Hobbit in 1995, but it hasn't been maintained despite its popularity. It can sometimes even be hard to finda copy of the v1.10 source code. The flexibility and usefulness of this tool prompted the Nmap Project to produceNcat, a modern reimplementation which supports SSL, IPv6, SOCKS and http proxies, connection brokering, and more. Other takes on this classic tool include the amazingly versatileSocat,OpenBSD's nc,Cryptcat,Netcat6,pnetcat,SBD, and so-calledGNU Netcat.Read 13 reviews.

Latest release: version 1.10 on March 20, 1996 (29 years, 1 month ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • general
  • packet-crafters

(2)★★★★★Ping/telnet/dig/traceroute/whois/netstat (#21, 8)

While there are many advanced high-tech tools out there to assist in security auditing, don't forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that Windows omits whois and uses the name tracert). They can be very handy in a pinch, although more advanced functionality is available fromHping andNetcat.Read 3 reviews.

• • 
  • 
  • 
  • 
  • 
  • 
• • general

no ratingPerl/Python/Ruby (#23, 3)

While many canned security tools are available on this site for handling common tasks, scripting languages allow you to write your own (or modify existing ones) when you need something more custom. Quick, portable scripts can test, exploit, or even fix systems. Archives likeCPAN are filled with modules such asNet::RawIP and protocol implementations to make your tasks even easier. Many security tools use scripting languages heavily for extensibility. For exampleScapy interaction is through a Python interpreter,Metasploit modules are written in Ruby, andNmap's scripting engine uses Lua.Review this tool.

• • 
  • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
• • general

(3)★★★½Google (#26, 8)

While it is far more than a security tool, Google's massive database is a gold mine for security researchers and penetration testers. You can use it to dig up information about a target company by using directives such as “site:target-domain.com” and find employee names, sensitive information that they wrongly thought was hidden, vulnerable software installations, and more. Similarly, when a bug is found in yet another popular webapp, Google can often provide a list of vulnerable servers worldwide within seconds. Check out theGoogle Hacking Database and Johnny Long's excellent book:Google Hacking for Penetration Testers.Read 4 reviews.

• • 
  • 
• • 
  • 
  • 
  • 
  • 
• • general

(1)★★★★★VMware (#43, 46)

VMware virtualization software lets you run one operating system within another. This is quite useful for security researchers who commonly need to test code, exploits, etc on multiple platforms. It only runs on Windows and Linux as the host OS, but pretty much any x86 or x86_64 OS will run inside the virtualized environment. It is also useful for setting up sandboxes. You can browse from within a VMware window so the even if you are infected with malware, it cannot reach your host OS. And recovering the guest OS is as simple as loading a "snapshot" from prior to the infection.VMware player (executes, but can't create OS images) andVMWare Server (partitions a physical server machine into multiple virtual machines) were recently released for free. An open-source alternative isVirtualBox.Xen is a Linux-specific virtualization system.Read 1 review.

Latest release: version 12.0.0 on Aug. 24, 2015 (9 years, 8 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
• • general

(4)★★★★½Firefox (#55, new!)

Firefox is a web browser, a descendant of Mozilla. It emerged as a serious competitor to Internet Explorer, with improved security as one of its features. While Firefox no longer has a stellar security record, security professionals still appreciate it for its wide selection of security-related add-ons, includingTamper Data,Firebug, andNoScript.Read 4 reviews.

Latest release: version 40.0.3 on Aug. 27, 2015 (9 years, 8 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • browser
  • general

no ratingcURL (#100, new!)

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, authentication, and more.libcurl provides these capabilities to other programs.Review this tool.

Latest release: version 7.44.0 on Aug. 12, 2015 (9 years, 8 months ago).

• • 
  • 
• • 
  • 
  • 
  • 
  • 
  • 
  • 
• • general

(2)★★★★Socat (#108, 37)

A utility similar to the venerableNetcat that works over a number of protocols and through a files, pipes, devices (terminal or modem, etc.), sockets (Unix, IP4, IP6 - raw, UDP, TCP), a client for SOCKS4, proxy CONNECT, or SSL, etc. It provides forking, logging, and dumping, different modes for interprocess communication, and many more options. It can be used, for example, as a TCP relay (one-shot or daemon), as a daemon-based socksifier, as a shell interface to Unix sockets, as an IP6 relay, for redirecting TCP-oriented programs to a serial line, or to establish a relatively secure environment (su and chroot) for running client or server shell scripts with network connections.Read 2 reviews.

Latest release: version 2.0.0-b4 on Aug. 2, 2010 (14 years, 9 months ago).

• • 
• • 
  • 
  • 
  • 
  • 
• • general
  • packet-crafters

8 tools

Categories

• Antimalware (3)
• Application-specific scanners (3)
• Web browser–related (4)
• Encryption tools (8)
• Debuggers (5)
• Firewalls (2)
• Forensics (4)
• Fuzzers (4)
• General-purpose tools (8)
• Intrusion detection systems (6)
• Packet crafting tools (6)
• Password auditing (12)
• Port scanners (4)
• Rootkit detectors (5)
• Security-oriented operating systems (5)
• Packet sniffers (14)
• Vulnerability exploitation tools (11)
• Traffic monitoring tools (10)
• Vulnerability scanners (11)
• Web proxies (4)
• Web vulnerability scanners (20)
• Wireless tools (5)