Tools by ranking

23 ▴ 1. Buttercup for desktop (cross-platform password manager) password management The typical users have at least a multitude of ten when it comes to passwords. Ensuring that every website has a unique password and remembering, is almost impossible. Passwords managers like Buttercup help with the generation and secure storage of these secrets. It is freely available and open source, making it a good alternative for commercial options. Password Password manager Secret Secret storage

49 ▴ 2. GRR Rapid Response (remote live forensics for incident response) digital forensics, intrusion detection, threat hunting The goal of the GRR tooling is to support digital forensics and investigations. By using a fast and scalable model, analysts can quickly perform their analysis. One of the main features is the ability to search for particular information or details. This process is called hunting. Digital forensics Forensics Intrusion Detection Threat detection Threat hunting

2 ▾ 3. BetterCAP (MitM tool and framework) bypassing security measures, penetration testing, security assessment BetterCAP is often used by those who perform penetration testing and security assessments. This tool and framework is in particular useful for attempting man-in-the-middle attacks (MitM). Framework MitM

2 ▾ 4. detectem (software enumeration) application security, application testing, reconnaissance, vulnerability scanning Detectem can be a good early vulnerability detection system. By scanning regularly the dependencies of web applications, old versions of tools can be detected and upgraded. This tool is also helpful for penetration tests to find out what kind of software components are used. Enumeration Reconnaissance Vulnerability discovery

2 ▾ 5. Anchore (container analysis and inspection) system hardening Anchore is a tool to help with discovering, analyzing and certifying container images. These images can be stored both on-premises or in the cloud. The tooling is mainly focused on developer so that perform analysis on their container images. Typical actions include running queries, creating reports, or set up policies for a continuous integration and deployment pipeline. Container Docker Vulnerability scanner

2 ▾ 6. MISP (Malware Information Sharing Platform) fraud detection, information gathering, threat hunting MISP collects, stores, and distributes security indicators and discovered threats. This makes the platform useful for those involved with security incidents and malware research. Users benefit from having a well-tested platform to structure the vast number of data points available when it comes to security threats. The tooling allows interaction with other tools, like security incident and event management (SIEM) and intrusion detection systems (IDS). Data sharing Fraud detection Malware classification Malware identification Threat analysis

14 ▴ 7. osquery (operating system query tool) compliance testing, information gathering, security monitoring The osquery tool allows querying your Linux, Windows, and macOS infrastructure. It can help with intrusion detection, infrastructure reliability, or compliance. File Integrity Monitoring Information gathering

3 ▾ 8. Privacy Badger (privacy protection for browsers) privacy enhancement Privacy Badger provides protection against website visitor trackers. These trackers come in the form of beacons or invisible pixels and have the goal to collect information about the browser. This data is often shared by third parties and used to create a profile of a particular browser. As minor differences for each user may lead to an individual user, these third parties may even link some of the data to the related individual. Tools like Privacy Badger do not provide gu... Ad blocker Anti-tracking Privacy

3 ▾ 9. Cryptomator (client-side encryption for cloud services) data encryption Cryptomator is a multi-platform tool for transparent client-side encryption of your files. It is used together with cloud services to ensure you are the only one who can access the data. Cloud security Data transfer Encryption

3 ▾ 10. Frida (reverse engineering tool) black-box testing, reverse engineering Frida allows developers and researchers to inject custom scripts into black box processes. This way it can provide a hook into any function, allowing to trace executed instructions. The source code is not needed. Frida even allows direct manipulation and see the results. The tool comes with bindings for different programming languages, allowing to interact with processes. Example of the bindings that Frida provides include Python, Swift, .NET, Qt/Qml, and C API. Black box Dynamic analysis Reverse engineering

3 ▾ 11. Lynis (security scanner and compliance auditing tool) IT audit, penetration testing, security assessment, system hardening, vulnerability scanning Lynis can detect vulnerabilities and configuration flaws. Where a typical vulnerability scanner will just point out vulnerabilities, Lynis aims for continuous improvement. For this reason, it requires to be executed on the host system itself and providing more details than the average vulnerability scanner. Audit Compliance Configuration audit Docker OS security

3 ▾ 12. hashcat (password recovery tool) password discovery Hashcat can be used to discover lost passwords, or as part of a security assignment. For example, it could be trying to crack a password from a password file that was obtained during a penetration test. Password Password cracker

3 ▾ 13. KeeWeb (password manager compatible with KeePass) password management Password managers help to store sensitive data. This may include passwords, secret questions with their answers, or other private information. Password manager Secret storage

3 ▾ 14. Infection Monkey (security testing for data centers and networks) service exploitation, system exploitation This tool is useful for security assessments to test for weaknesses within the network. By automating the exploitation phase as much as possible, it will help finding any weak targets within the boundaries of the data center. Exploitation Infect Propagation Security automation

3 ▾ 15. Faraday (collaboration tool for penetration testing) collaboration, penetration testing, security assessment, vulnerability scanning Faraday helps teams to collaborate when working on penetration tests or vulnerability management. It stores related security information in one place, which can be easily tracked and tested by other colleagues. Collaboration Pentesting Security audit

3 ▾ 16. TheHive (security incident response platform) digital forensics, incident response, intrusion detection TheHive is scalable and a complete platform to deal with security incidents. It allows for collaboration between those responsible for dealing with such incidents and related events. It can even use the data of the MISP project, making it easier to start analyzing from there. Digital forensics Forensics Incident response IOC Malware analysis

3 ▾ 17. Brakeman (static code analyzer for Ruby on Rails) code analysis Brakeman is a static code analysis tool for Ruby on Rails to perform a security review. It comes as an open source project with optional commercial support. Code review Ruby on Rails Static code analysis

3 ▾ 18. PTF (manage your pentesting toolbox) penetration testing, security assessment, software management, software testing PTF or the PenTesters Framework is a Python script to keep your penetration testing toolkit up-to-date. It is designed for distributions running Debian, Ubuntu, Arch Linux, or related clones. PTF will do the retrieval, compilation, and installation of the tools that you use. As it is a modular framework, you can use many of the common pentesting tools or add your own tools. Pentesting Software Software repository Software testing

3 ▾ 19. Archery (vulnerability assessment and management) penetration testing, vulnerability management, vulnerability scanning, vulnerability testing Archery is a tool that helps to collect data about vulnerabilities within an environment. Instead of focusing on the actual scanning, it allows managing findings in a web-based interface. This includes options like reporting, searching, and dashboards. It can interact with other tools, including the well-known vulnerability scanners. Vulnerability discovery Vulnerability management Vulnerability scanner

3 ▾ 20. ClamAV (malware scanner) malware analysis, malware detection, malware scanning ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often... Backdoor Malware Malware scanner Trojan Horse Virus

3 ▾ 21. Intrigue Core (attack surface discovery) asset discovery, attack surface measurement, intelligence gathering, OSINT research, penetration testing, security assessment Intrigue Core provides a framework to measure the attack surface of an environment. This includes discovering infrastructure and applications, performing security research, and doing vulnerability discovery. Intrigue also allows enriching available data and perform OSINT research (open source intelligence). The related scans include DNS subdomain brute-forcing, email harvesting, IP geolocation, port scanning, and using public search engines like Censys, Shodan, and Bing. Asset discovery Data enrichment Malware classification Reconnaissance Vulnerability discovery

3 ▾ 22. Suricata (network IDS, IPS and monitoring) information gathering, intrusion detection, network analysis, threat discovery Suricata can be used as part of a Network Security Monitoring (NSM) ecosystem. You could use it to log HTTP requests, log and store TLS certificates, extract files from flows and store them to disk. IDS IPS NIDS Threat detection

3 ▾ 23. IVRE (reconnaissance for network traffic) digital forensics, information gathering, intrusion detection, network analysis IVRE is a framework to perform reconnaissance for network traffic. It leverages other tools to pull in the data and show it in the web interface. Network analysis Network discovery Network security monitoring Network sniffing Reconnaissance

2 ▾ 24. radare2 (reverse engineering tool and binary analysis) digital forensics, reverse engineering, software exploitation, troubleshooting Radare2 is a popular framework to perform reverse engineering on many different file types. It can be used to analyze malware, firmware, or any other type of binary files. Besides reverse engineering, it can be used for forensics on filesystems and do data carving. Tasks can be scripted and support languages like JavaScript, Go, and Python. Even software exploitation is one of the functions it can be used in. Binary analysis Disk forensics Forensics Malware analysis Reverse engineering

2 ▾ 25. mitmproxy (TLS/SSL traffic interception) network analysis, penetration testing, security assessment The mitmproxy tool allows to intercept, inspect, modify, and replay traffic flows. It may be used for pentesting, troubleshooting, or learning about SSL/TLS. HTTP proxy MitM SSL TLS Traffic analysis

1 ▾ 26. Social-Engineer Toolkit (social engineering toolkit) social engineering The Social-Engineer Toolkit (SET) is an open source penetration testing framework. SET is written in Python and helps with assignments that require social engineering. The toolkit has been presented at large-scale conferences like Black Hat and DEF CON and covered in several books. This publicity definitely helped to make it more familiar in the information security community. Social engineering

1 ▾ 27. aircrack-ng (WiFi auditing toolkit) hardware security, network scanning, security assessment Aircrack-ng is a security toolkit to perform WiFi auditing. It can be useful for security assessments to test the security of the wireless network. WiFi WiFi security Wireless

12 ▴ 29. KeePassXC (cross-platform password manager) password management, secure storage KeePassXC is a cross-platform platform to store sensitive data like passwords, keys, and other secrets. It has a graphical user interface and is written in C++. Password Password manager

2 ▾ 30. Thug (low-interaction honeyclient) learning, malware analysis, threat discovery The honeypot concept is a well-known technique to collect attack patterns on servers and systems. Tools like Thug are considered to be a honeyclient, or client honeypot. These tools collect attacks against client applications. For example by mimicking a web application and visit a malicious page to see if any code is attacking the application. Honeyclient Honeypot

2 ▾ 31. Moloch (network security monitoring) network security monitoring, security monitoring Tools like Moloch are a great addition to everyone working with network data. One common use-case is that of network security monitoring (NSM). Here is can help with making all data more accessible and finding anomalies in the data. Network monitoring NSM Packet capture

2 ▾ 32. Commix (command injection tool for web applications) With Commix it becomes easier to find and exploit a command injection vulnerability in a vulnerable parameter or related HTTP header. Command injection Web application security Web application testing

2 ▾ 33. OpenSSL (TLS and SSL toolkit) certificate management, data encryption This popular toolkit is used by many systems. It provides options like encryption and hashing of data, integrity testing, and digital certificates and signatures. Many software applications use the toolkit to provide support for these functions. OpenSSL also has a client utility that can be used on the command line to test, decrypt and encrypt data, and create certificates. Crypto Digital certificate SSL TLS

2 ▾ 34. CAIRIS (tool to model secure and usable systems) Tools like CAIRIS can be used to build security into your software and system designs. It allows the user to track interactions between objects, data points, and related risks. Security design

2 ▾ 35. django-guardian (per object permissions for Django) application security The django-guardian project is typically used in environments and projects where the default Django permissions are not enough. For example, an application with multiple users and many objects may require detailed permissions on who can see a particular record. This could go as far as giving only the creator of a record (=object) access plus the people with a particular access level. Django

2 ▾ 36. OpenStego (steganography tool) data hiding, watermarking OpenStego is a free steganography solution to hide data in other files like images, or add a watermark to them. Data exfiltration Data hiding Steganography Watermarking

2 ▾ 37. itsdangerous (sign data to ensure integrity) application security, data integrity You may need to send some data to untrusted environments. To do this safely, the data needs to be signed. The receiver can check if the signature is correct, while the sender is the only one who can create the appropriate signature. Data integrity Digital signature

2 ▾ 38. OpenVAS (vulnerability scanner) penetration testing, security assessment, vulnerability scanning OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution. CVE Vulnerability Vulnerability discovery Vulnerability management Vulnerability scanner

2 ▾ 39. testssl.sh (TLS/SSL configuration scanner) application testing, configuration audit testssl.sh is a command line tool which checks a system on any port for the support of TLS/SSL ciphers, protocols, as well as some cryptographic flaws. Crypto SSL TLS Vulnerability scanner

2 ▾ 40. hBlock (ad blocking and tracker/malware protection) malware protection, privacy enhancement, provide anonymity For the privacy-aware users, tools like hBlock can be helpful to block malicious domains, malware, advertisements, and trackers. Trackers could be pixels added to websites to track which pages you visited, which might invade your privacy. Ad blocker Anonymity Anti-tracking Malware Privacy

2 ▾ 41. The Sleuth Kit (toolkit for forensics) criminal investigations, digital forensics, file system analysis The Sleuth Kit is a forensics tool to analyze volume and file system data on disk images. With its modular design, it can be used to carve out the right data, find evidence, and use it for digital forensics. Digital forensics Disk forensics Forensics

2 ▾ 42. Safety (vulnerability scanner for software dependencies) penetration testing, security assessment, security monitoring, vulnerability scanning When having applications deployed in your environment, not all of those may be installed via a package manager. When your infrastructure grows, it becomes even harder to know which tools are properly patched and which ones are not. For Python applications, this is where Safety comes in that can help scan installed software components via pip. It will also look at any of the dependencies that are installed. Vulnerability discovery Vulnerability scanner

1 ▾ 43. SpiderFoot (OSINT tool) information gathering SpiderFoot can be used offensively during penetration tests, or defensively to learn what information is available about your organization. CLI Footprinting OSINT Reconnaissance Web interface

160 ▴ 44. sslh (SSL/SSH multiplexer) bypassing firewall rules, protocol multiplexing A typical use case for multiplexing is to allow serving several services on one port. Port 443 is commonly used, as that is typically opened on firewalls to allow HTTPS traffic. By multiplexing it, you can also use SSH or other services on the same port. Multiplexer SSH SSL

1 ▾ 45. Loki (file scanner to detect indicators or compromise) digital forensics, intrusion detection, security monitoring Loki is security tool to find so-called indicators of compromise (IOC). It does this by scanning files and then uses pattern matching. Indicators of compromise Intrusion Detection IOC Malware detection Malware scanner

1 ▾ 46. graudit (static code analysis tool) code analysis Analysis of source code helps to find programming flaws including those that can lead to software vulnerabilities. Graudit helps to uncover these by searching through the files and discover possible flaws. The tool supports languages like ASP, C, Perl, PHP, Python, and others. Analysis Code review Code security Static code analysis Vulnerability discovery

1 ▾ 47. Cppcheck (static code analyzer) code analysis Cppcheck is a static code analysis tool for C and C++ code. It helps to discover bugs that would not be picked up by compilers, yet avoid any false positives. Code review Static code analysis

1 ▾ 48. cve-search (local CVE and CPE database) password strength testing, security assessment, vulnerability management, vulnerability scanning The primary objective of this software is to avoid doing direct lookups into public CVE databases. This reduces leaking sensitive queries and improves performance. Common Vulnerabilities and Exposures CPE CVE

1 ▾ 49. Cowrie (SSH/telnet honeypot) information gathering, learning, security monitoring, threat discovery Cowrie is a honeypot to emulate SSH and telnet services. It can be used to learn attack methods and as an additional layer for security monitoring. Honeypot Service emulation SSH SSH honeypot

1 ▾ 50. BleachBit (system cleaner and privacy tool) BleachBit is an open source tool focused on maintaining your privacy by cleaning up sensitive data on the system. Browser history Log files Privacy

1 ▾ 51. ntopng network analysis, troubleshooting ntopng is the successor of the original ntop utility. It shows network usage by capturing traffic and provide insights on the usage. Analysis Network Network sniffing Traffic analysis

52. GasMask (open source intelligence gathering tool) information gathering GasMask is an open source intelligence gathering tool (OSINT). It can be used to discover more information about a particular target. The sources it uses include search engines like Bing, Google, and Yandex. Additionally it retrieves information from GitHub, YouTube, and social media platforms like Twitter. OSINT

53. Cutter (graphical user interface for radare2) binary analysis, malware analysis, reverse engineering Cutter is a graphical user interface for radare2, the well-known reverse engineering framework. It focuses on those who are not familiar enough with radare2, or rather have a graphical interface instead of the command-line interface that radare2 provides. Binary analysis GUI Malware analysis Reverse engineering

54. r2frida (bridge between Radare2 and Frida) application testing, binary analysis, memory analysis Both Radare2 and Frida have their own area of expertise. This project combines both, to allow a more extensive analysis of files and processes. Dynamic analysis Reverse engineering Static analysis

55. OpenSCAP (suite with tools and security data) security assessment, vulnerability scanning Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines SCAP System hardening Vulnerability scanner

56. UPX (executable packer) UPX is the abbreviation for "Ultimate Packer for eXecutables". It is considered to be a tool with a good compression ratio and fast decompression. It can be used to compress executables, making them smaller, while still having a low overhead of memory due to in-place decompression. Executables Packer

57. sqlmap (SQL injection and database takeover tool) penetration testing, security assessment, vulnerability scanning, web application analysis Tools like sqlmap are used to test the security of a database. The typical goal is to get control over the database instance by using different types of attacks like SQL injection. Exploitation SQL injection Vulnerability scanner

58. Vault (storage of secrets) password management, secrets management, secure storage Vault is a secret management tool created by HashiCorp. It allows storing secrets, such as key/value pairs, AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and other sensitive details. These secrets are typically used by software components and scripts. The benefit of using a secret management tool is that they no longer need to be stored in configuration files. Main features include leasing, key revocation, key rolling, and auditing. Password manager Secret Secret storage

59. LIEF (library for analysis of executable formats) binary analysis, malware analysis, reverse engineering In several occasions, it may be useful to perform analysis on binary file formats. Such occasion could be incident response, digital forensics, or as part of reverse engineering tasks. In these cases, a toolkit like LIEF can help to perform this job. It allows you to parse and modify the files. LIEF also will make information available an application programmable interface (API) for automated processing. Binary analysis ELF MachO Malware analysis Parser

17 ▾ 60. Fail2ban (log parser and blocking utility) network traffic filtering, security monitoring Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks Authentication Brute force SSH

61. django-axes (track failed login attempts for Django) application security This tool may be used by developers that work with the Django framework. It adds a security layer on top of the application by looking at login attempts and track them. Brute force Defense Django Web application security

62. Maltrail (malicious traffic detection system) intrusion detection, network analysis, security monitoring Maltrail monitors for traffic on the network that might indicate system compromise or other bad behavior. It is great for intrusion detection and monitoring. Heuristics Intrusion Detection Malware detection Sensor Traffic analysis

63. SSLyze (SSL/TLS server scanning library) penetration testing, security assessment, web application analysis SSLyze provides a library for scanning services that use SSL/TLS for encrypted communications. It can be used to test their implementation. Cipher Scanner SSL SSL/TLS scanner TLS

64. uncompyle6 (Python decompiler) binary analysis, code analysis A decompiler like uncompyle6 can be used to investigate Python-based software components that are compiled. These files can be recognized by their .pyc file extension. This tool has been written as several other decompilers were no longer maintained. So far this software seems to have a good number of contributors and regular updates. Decompiler Python

65. Manticore (dynamic binary analysis tool) binary analysis, malware analysis, reverse engineering Manticore is a so-called symbolic execution tool to perform a binary analysis. It supports Linux ELF binaries and Ethereum smart contracts. The tool helps with researching binaries and their behavior. This might be useful to learn how malware works and troubleshooting. Binary analysis ELF Reverse engineering Taint analysis

66. snallygaster (discover sensitive files on web servers) data leak detection, discovery of sensitive information, information leak detection This tool helps with detecting those files that you typically do not want to have exposed on your webservers. This includes files related to software repositories (e.g. .git), web shells,

67. BDA (vulnerability scan for Hadoop and Spark) application testing, vulnerability scanning, vulnerability testing BDA is a vulnerability scanner for big data tools like Hadoop and Spark. It searches for configuration weaknesses and reports them. Hadoop and Spark are one of the few applications that encounter a lot of data. So by securing these applications, a big leap can be made as it covers a lot of data. Hadoop Spark

68. Magic Unicorn (shellcode injection with PS downgrade attack) penetration testing, shellcode injection Magic Unicorn is a tool to perform a PowerShell downgrade attack and inject shellcode into memory. PowerShell

69. droopescan (CMS vulnerability scanner) web application analysis Droopescan can be used to test the security of several Content Management Systems (CMS). It mainly focuses on Drupal, SilverStripe, and Wordpress installations. Drupal Joomla SilverStripe WordPress

70. airgeddon (wireless security assessment tool) network analysis Tools like Airgeddon can be used to test the security of wireless networks. It is flexible and written in shell script, making it fairly easy to understand what is does and how it works. WiFi WiFi security Wireless

71. PCredz (extract data from pcap files) data extraction This tool can be of a great use to see what sensitive data leaks onto the network. This may be a public network or your own private network. Data extraction Pcap

72. gitleaks (repository search for secrets and keys) security assessment Gitleaks scans the repository, including history, for secrets and other sensitive data. This can be useful for both developers as security professionals to discover any leaks. Data leak Git Git mining

73. boofuzz (fuzzing framework) application fuzzing, vulnerability scanning Boofuzz is a framework written in Python that allows hackers to specify protocol formats and perform fuzzing. It does the heavy lifting of the fuzzing process. It builds on its predecessor Sulley and promises to be much better. Examples include the online documentation, support to extend the tooling, easier installation, and far fewer bugs. It comes with built-in support for serial fuzzing, the ethernet and IP layers, and UDP broadcasts. Fuzzing

74. BAP (binary analysis toolkit) binary analysis, malware analysis The main purpose of BAP is to provide a toolkit for program analysis. This platform comes as a complete package with a set of tools, libraries, and related plugins. There are bindings available for C, Python, and Rust. Binary analysis Dynamic analysis

75. ssh_scan (SSH configuration and policy scanner) penetration testing, security assessment, system hardening, vulnerability scanning The ssh_scan utility is a SSH configuration and policy scanner maintained by the Mozilla Foundation. It helps to secure Linux systems running the OpenSSH. Configuration audit Scanner SSH Vulnerability scanner

76. Gophish (phishing toolkit) security awareness Phishing tools are a good option to test the security awareness within an organization. By setting up a phishing project, the tester can find out how many people in an organization fall for a predefined trap. Phishing Security awareness

77. kubeaudit (Kubernetes security scanner) configuration audit, security awareness Kubeaudit is a command line tool to audit Kubernetes clusters. It helps to test on various security risks, that may be introduced during deployment. Kubernetes

78. AIL framework (framework to parse data of information leaks) data extraction, data leak detection, information leak detection, security monitoring AIL is a modular framework which helps to analyze potential information leaks. The framework is flexible and supports different kinds of data formats and sources. For example, one of the sources is the collection of pastes from Pastebin. A tool like AIL is commonly used to detect or even prevent data leaks. Data leak Information leaks

79. TANNER (intelligence engine for SNARE tool) security monitoring TANNER is the 'brain' of the SNARE tool. It evaluates its events and alters the responses to incoming requests depending on the type of attacks. Honeypot Web application honeypot

80. gosec (Golang security checker) code analysis, safe software development Gosec is a security tool that performs a static code analysis for Golang projects for security flaws. The scan is performed on the so-called abstract syntax tree (AST). Gosec checks for common flaws that may be part of the selected project. Code review Code security Static code analysis

81. Ruler (Exchange pentest tool) penetration testing, security assessment The main aim for this tool is abusing the client-side Outlook features and gain a shell remotely. Exploitation Microsoft Exchange Shell

82. BlackBox (store secrets in Git/Mercurial/Subversion) password management, secure storage Typically you do not want to store any secrets in a software repository or version control system repository. However when there is still a need to give people access to sensitive parts, then BlackBox helps to do this in a more secure way. Git Password manager Password vault Secret Secret storage

83. Bleach (sanitizing library for Django) data sanitizing Bleach is a library for Django that can sanitize HTML by escaping and stripping harmful content. It provides a filter for untrusted content and disarms potential unwanted scripts from the input. This may be useful to apply to data that is transmitted via HTML forms or otherwise. Data Data sanitizing Django

84. changeme (credential scanner) password strength testing, security assessment Supported protocols: HTTP/HTTPS

MSSQL

MySQL

PostgreSQL

SSH

SSH with key Credentials Scanner

2 ▴ 85. BeEF (browser exploitation framework) The Browser Exploitation Framework (or BeEF) is a penetration testing tool that focuses on the web browser. Exploitation Pentesting Web browser

2 ▴ 86. CIRCLean (USB stick and drives cleaner) data sanitizing, data transfers Malware regularly uses USB sticks to infect victims. This solution can convert documents with potentially harmful code into disarmed data formats. This converted data is then stored on a trusted device. Data extraction Data sanitizing USB

3 ▴ 87. Kube-Bench (security benchmark testing for Kubernetes) Tools like Kube-Bench help with quickly checking configuration weaknesses or discovering bad defaults. Kubernetes

3 ▾ 88. Crowbar (brute forcing tool) penetration testing While most brute forcing tools take a similar approach, Crowbar can use different methods that are not always available in other utilities. For example, Crowbar can use SSH keys, instead of the typical username and password combination. This might be useful during penetration testing when these type of details are discovered. Brute force

3 ▾ 89. Docker Bench (by Aqua) (Docker security scanner) configuration audit Docker Bench is one of the tools that can be used to perform a security analysis on Docker and its configuration. It can find common configuration flaws that may impose risks to other containers or the host itself. Docker

1 ▾ 90. Sublist3r (subdomains enumeration tool) Sublist3r helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. DNS enumeration Enumeration Subdomain

91. pwdlyser (Password analysis and reporting tool) password strength testing, penetration testing The pwdlyser tool can help during penetration tests and security assignments to analyze cracked passwords and their strength. Password audit Password strength

92. passhport (OpenSSH proxy gateway) identity and access management With passhport SSH access can be done via a centralized system. There is support for roles, accounting, and authorizations of what commands can be used.

93. sudo_pair (paired system management with sudo) identity and access management, privileged access This plugin is useful for companies with strict regulations on access to systems, especially when its a privileged session. It may also be used for allowing a third party access to your systems with strict control and real-time monitoring of the session. Access control Least Privilege Sudo

94. GGRC (GRC solution) compliance testing The GGRC project has the goal to provide a solution to manage the challenges that come with complying with regulations. It provides a system to record information and capture the relationships between all the pieces. Compliance GRC

95. Patator (multi-purpose brute-force tool) password discovery, penetration testing, reconnaissance, vulnerability scanning Patator is based on similar tools like Hydra, yet with the goal to avoid the common flaws these tools have like performance limitations. The tool is modular and supports different types of brute-force attacks or enumeration of information. Brute force Password cracker Password guessing

96. Albatar (SQL injection exploit tool) penetration testing, security assessment, web application analysis Albatar has the focus on the situations where tools like sqlmap need to be adjusted to make an exploit work. It is written in Python and unlike sqlmap, it does not detect SQL injection vulnerabilities. SQL injection

97. SIPVicious (VoIP security testing) application testing SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It can be useful during penetrating testing and security assignments. Session Initiation Protocol SIP VoIP

98. arping (ARP scanner) network analysis arping is a tool for the discovery of hosts on a computer network using the Address Resolution Protocol (ARP). ARP Discovery Network

99. SMBMap (SMB enumeration tool) data leak detection, information gathering, penetration testing SMBMap allows scanning of file resources that are shared with the SMB protocol. The tool will list share drives, drive permissions, the share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. The tool was created for pentesters to simplify finding sensitive data, or at least test for it. Data leak Enumeration SMB