Security Tools

source : google

Security Tools

Password crackers - guesses to crack the password and access the system.

Aircrack-ng, Crowbar, John The Ripper (‘JTR’ or ‘John)’ , L0phtcrack, Medusa, Ophcrack, Rainbowcrack, Solarwinds, THC Hydra, Wfuzz, Cain and Abel, Pwdump,  Brutus.

Wireless hacking tools - hack into a wireless network to detect security vulnerabilities.

Kismet, Pixiewps, Reaver, Wifite, Bully, Aircrack-ng, Wifite, Airgeddon, Wifiphisher, Fern WiFi, Wireless Cracker, inSSIDer, KisMAC.

Network scanning and hacking tools - probe network devices, servers, and hosts for open ports.

Acunetix, Solarwinds, Intruder, OpenVAS, Wireshark, Nikto, Angry IP Scanner, Advanced IP Scanner, Qualys Freescan, SoftPerfect Network Scanner, Retina Network Security Scanner, Nmap, Nessus, Metasploit Framework, Snort, OpennSSH, Nexpose, Fiddler, Spyse, Xirrus Wi-Fi inspector, GFI LanGuard, Total Network Monitor, IronWasp, MyLanViewer Network/IP Scanner, Splunk, NetXMS, NetworkMiner, Icinga2, Capsa Free, PRTG Network Monitor Freeware, MiTeC Network Scanner, SoftPerfect Network Scanner, Network DeepScan.

Packet crafting tools - probe and test a firewall’s robustness using specially crafted forged packets.

Hping, Ostinato, Scapy, Libcrafter, Yersinia, packETH, Colasoft Packet Builder, Bit-Twist, Libtins, Netcat, WireEdit, epb – Ethernet Packet Bombardier, Fragroute, Mausezahn, EIGRP-tools

Packet sniffers - capture and analyze packets within traditional Ethernet LANs or WLANs.

Wireshark, Tcpdump, Kismet, Ettercap, Dsniff, inSSIDer, Cain and Abel, Caspa, Aircrack-ng

Rootkit detectors - directory and file integrity checker used by white hats to detect installed root kits.

Advanced Intrusion Detection Environment (AIDS) , Dumpsec, HijackThis, SysInternals, Tripwire, Chkrootkit, Rootkit Hunter, ClamAV, BotHunter, avast! Linux Home Edition, NeoPI, Ourmon, Grep.

Fuzzers - attempts to discover a computer system’s security vulnerabilities.

Peach Fuzzer, Spike Proxy, Webscarab, OWASP WSFuzzer, afl, ajpfuzzer, backfuzz, bfuzz, browser-fuzzer, bunny, burpsuite, choronzon, cirt-fuzzer, conscan, cookie-cadger, crlf-injector, dharma, dizzy, domato, doona, easyfuzzer, firewalk, flyr, frisbeelite, ftester, ftp-fuzz, fuddly, fusil, fuzzball2, fuzzdb, fuzzdiff, fuzzowski, grammarinator, grr, hexorbase, hodor, honggfuzz, http-fuzz, ifuzz, ikeprober, jbrofuzz, kitty-framework, malybuzz, manul, melkor, notspikefile, oat, ohrwurm, oscanner, peach, peach-fuzz, pentbox, portmanteau, powerfuzzer, profuzz, pulsar, pyjfuzz, radamsa, ratproxy, s3-fuzzer, sandsifter, sfuzz, sloth-fuzzer, smtp-fuzz, snmp-fuzzer, socketfuzz, spiderpig-pdffuzzer, spike-fuzzer, sploitego, sqlbrute, sshfuzz, sulley, taof, tcpcontrol-fuzzer, termineter, tftp-fuzz, thefuzz, trinity, unifuzzer, uniofuzz, uniscan, w3af, wapiti, webscarab, webshag, wfuzz, wsfuzzer, zzuf

Forensic tools - sniff out any trace of evidence existing in a particular computer system.

Binwalk, bulk-extractor, Capstone, chntpw, Cuckoo, dc3dd, ddrescue, DFF, diStorm3, Dumpzilla, extundelete, Foremost, Galleta, Guymager, iPhone Backup Analyzer, p0f, pdf-parser, pdfid, pdgmail, peepdf, RegRipper, Volatility, Xplico

Debugger tools - reverse engineer binary files when writing exploits or malware analysis.

apktool, dex2jar, diStorm3, edb-debugger, jad, javasnoop, JD-GUI, OllyDbg ,smali, Valgrind, YARA, GDB: “The GNU Project Debugger”, IDA Pro, Immunity Debugger, windbg

Hacking operating systems - designed operating systems preloaded with tools and technologies optimized for hacking.

Kali Linux, Cyborg Hawk Linux, Parrot Security OS, BackBox, Live Hacking OS, DEFT Linux, Samurai Web Testing Framework, Network Security Toolkit(NST), Bugtraq-II, NodeZero, Pentoo, BlackBuntu, Knoppix STD, Weakerthan, BlackArch Linux, Matriux Linux, Dracos Linux, Fedora Security Lab, Caine, GnackTrack, URIX OS

Encryption tools - use algorithm schemes to encode the data to prevent unauthorized access to the encrypted data.

Tor, Stunnel, Open SSH, Gnupg PGP, Keepass, Keepassx, Openssl, Openvpn, Password Safe.

Vulnerability exploitation tools - determine whether a remote host is vulnerable to a security attack.

Metasploit, w3af, Core Impact, sqlmap, Canvas, Social Engineer Toolkit, sqlninja, Netsparker, BeEF, dradis, WebGoat, RedSeal Vulnerability Advisor, Mantra,

Vulnerability scanners - scan a network or system to identify open ports.

Abbey Scan, Acunetix WVS, AppScan on Cloud, AppScan, App Scanner, AppSpider, AppTrana Website Security Scan, Arachni, AVDS, BlueClosure BC Detect, BREACHLOCK Dynamic Application Security Testing, Burp Suite, Contrast, Detectify, Digifort- Inspect, edgescan, GamaScan, Grabber, Gravityscan, Grendel-Scan, GoLismero, IKare, ImmuniWeb, InsightVM, Intruder, Indusface Web Application Scanning, N-Stealth, Nessus, Netsparker, Nexpose, Nikto, Probely, Proxy.app, QualysGuard, Retina, Ride (REST JSON Payload fuzzer), Securus, Sentinel, SOATest, StackHawk, Tinfoil Security, Trustkeeper Scanner, Vega, Vex, Wapiti, Web Security Scanner, WebApp360, WebCookies, WebInspect, WebReaver, WebScanService, Websecurify Suite, Wikto, w3af, Zed Attack Proxy

Share this post