Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Top 15 Security Tools and Utilities
Top 15 Security Tools and Utilities
1. Nmap
Nmap is a free open source utility for security auditing and network exploration. Nmap("Network Mapper") was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services(application name and version) those hosts are offering, what operating systems(and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap is a very versatile tool, once you fully understand the results. Nmap runs on most types of computers and both console and graphical version are available. Nmap is free and open source
Nmap can be used by beginners(-sT) or by pros alike(-packet_trace).
Nmap available for download here: http://www.insecure.org/nmap/download.html
2. Nessus Remote Security Scanner
Recently went closed source, but still there are free versions available. This tool works with a client-server framework
Nessus is the world's most popular vulnerability scanner used in over 100,000 organizations world-wide. Many of the world's largest organizations are realizing significant cost saving by using Nessus to audit business-critical enterprise device and applications.
Nessus available for download here: http://www.nessus.org/download/
3. John the Ripper
John the Ripper is a fast password cracker, currently available for many distributions of Unix(11 are officially supported), DOS, Win32, BeOS and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt password hash types, it also supports types that are most commonly found on various Unix flavours, Windows NT/2000/XP/2003, Kerberos AFS, LM hashes, plus several more with contributed patches.
John the Ripper available here: http://www.openwall.com/john/
4. Nikto
Nikto us an Open Source(GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 32,000 potentially dangerous files/CGI's, versions on over 625 server, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated(if desired).
Nikto is a good CGI scanner, there are some other tools that go well with Nikto(focus on http fingerprinting or Google hacking/info gathering etc.)
Nikto available for download here: http://www.cirt.net/code/nikto.shtml
5. SuperScan
Powerful TCP port scanner, pinger and resolver. SuperScan 4 is an update of the highly popular Windows Port Scanning Tools, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, you should check this
SuperScan available for download here: http://www.snapfiles.com/get/superscan.html
6. Pof
Pof v.2 is a versatile passive OS fingerprinting tool. Pof can identify the operating system on:
machines that connect to your box(SYN mode)
machines that connect to (SYN + ACK mode)
machines you cannot connect to(RST mode)
machines whose communications you can observe
Basically it can fingerprint anything, just by listening, it doesn't make any active connections to the target machine.
Pof available for download here: http://lcamtuf.coredump.cx/p0f/p0f.shtml
7. Wireshark(Formerly Etheral)
Wireshark is a GTK+ -based network protocol analyser, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyser for Unix and give Wireshark features that are missing from closed-source sniffers.
Works great on both Linux and Windows(with a GUI), easy to use and can reconstruct TCP/IP Streams!
Wireshark available for download here: http://www.wireshark.org/
8. Eraser
Eraser is an advanced security tool(for Windows) which allows you to complete remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Work with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU Genereal Public License
Eraser is an excellent tool for keeping your data really really safe, if you've deleted it, make sure it really gone. You don't want it hanging around to bite you in the ass ;)
Eraser available for download here: http://www.heidi.ie/eraser/download.php
9. PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platform, along with an xterm terminal emulator. A must have for any h4xor wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients
PuTTY available for download here: http://www.chiark.greenend.org.uk/~sgtatham/putty/
10. Yersinia
Yersinia is a network tool designed to take advantage of some weakness in different Layer 2 protocols. It pretends to be a solid framework for analysing and testing the deloyed networks and systems. Currently, the following network and protocols are implemented: Spanning Tree Protocol(STP), Cisco Discovery Protocol(CDP), Dynamic Trunking Protocol(DTP), Dynamic Host Configuration Protocol(DHCP), Hot Standby Router Protocol(HSRP), IEEE 802.1q, Inter-Switch Link Protocol(ISL), VLAN Trunking Protocol(VTP).
Yersinia available for download here: http://www.yersinia.net/
11. Cain and Abel
This tools is the a hacker's personal favourite for password cracking of any kind
Cain and Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analysing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort
Get Cain and Abel here: http://www.oxid.it/cain.html
12. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring(rfmon) mode , and can sniff 802.11b, 802.11a and 802.11g traffic.
A good wireless tool as long as your card supports rfmon.
Kismet available for download here: http://linux.softpedia.com/progDownload/Kismet-Download-327.html
13. LCP
LCP is mainly used for user account passwords auditing and recovery in Windows NT/2000/XP/2003. Account information import, Passwords recovery, Brute Force session distributionm Hashes computing.
A good alternative for OphCrack
Get LCP here: http://www.lcpsoft.com/english/download.htm
14. NetStumbler
A decent wireless tool for Windows! It is sadly not as powerful as it's linux counterparts, but it's easy to use and has a nice interface, good for the basics of war-driving.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks(WLANs) using 802.11b, 802.11a and 802.11g. It certainly has many uses
Verify that your network is set up the way you intended
Find locations with poor coverage in your WLAN
Detect other networks that may be causing interference on your network
Detect unauthorized "rogue" access points in your workplace
Helps aim directional antennas for long-haul WLAN links
Use it recreationally for WarDriving
Get NetStumber here: http://www.stumbler.net/
15. hping
Something a little more advanced if you want to test your TCP/IP packet monkey skills.
hping is a command line oriented TCP/IP packet assembler/analyser. The interface is inspired to the ping unix command, but hping isn't only able to send ICMP echo requests. It supports TCP, UDP, UCMP and RAW-IP protocols, has a traceroute mode, the abiity to send files between a covered channel, and many other features.
hping available for download: http://www.hping.org/
Darknet(http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/) has a great list of tools helps to check the vulnerabilities of your computer or a friend's computer that gave you permission. If you are interested in hacking, Darknet is a great resource.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment