Resources

Top 100 Security Tools

Welcome to Ciphent’s community-powered Top 100 Security Tools list! Here you will find links to your favorite security tools, from the “latest and greatest” to “old school”. The list includes both open source and commercial tools and is a compendium of both “attack” (hacking) tools and “defensive” (security) tools. In some instances the tools are interchangeable.

We hope that our “Tool Shed” becomes an invaluable resource for you. Please feel free to contact us if you know of any tools that you think we may have overlooked in our list, or any tools that you have developed and would like to share with the community. Otherwise, take some time to vote on the tools to make sure your favorites make it to the top of the list.

  • NitroGuard IPS

    Is an intrusion prevention appliance that actively detects, analyzes, and protects the network from an array of security attacks, including viruses, worms, spyware, Denial-of-Service (DoS) attacks, an

     
  • VMware

    Is Multi-platform Virtualization Software that lets you run one operating system within another, which is quite useful for security researchers who commonly need to test code, exploits, etc on multipl

     
  • OpenSSL

    Is a commercial-grade, open source toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols.
     
  • Pwdump

    Is a Windows password recovery tool. Pwdump can extract NTLM and LanMan hashes from a Windows box, and is capable of displaying password histories.

     
  • Kismet

    Is a wireless sniffer that identifies networks by passively sniffing traffic. It has the ability to de-cloak hidden networks (when in use).

     
  • Netcat

    Is a utility that has been called the network Swiss army knife. This utility reads and writes data across TCP or UDP network connections.

     
  • NetWitness

    Is the most comprehensive network security monitoring solution ever developed.
     
  • Nessus3

    Was an open source vulnerability scanner until they closed the source code in 2005 and removed the free version in 2008.

     
  • Nmap ("Network Mapper")

    Is a free and open source utility for network exploration or security auditing.

     
  • ArcSight

    The ArcSight SIEM Platform is an integrated set of products for collecting, analyzing, and managing enterprise events.

     
  • AccessData Forensics Toolkit

    This court-validated platform delivers cutting edge analysis, decryption and password. In addition, with FTK, you have the option of utilizing a back-end database.

     
  • Aircrack

    Aircrack is a suite of tools that can be leveraged as a WEP/WPA 802.11a/b/g cracking tool.

     
  • Arpwatch

    Keeps track of Ethernet/IP address pairings and can detect classic ARP man-in-the-middle attacks. In addition, it logs activity to syslog and reports changes via email.
     
  • Aruba Networks

    Is a complete wireless solution that has been highly rated as good or excellent.

     
  • BackTrack

    Is a Linux distribution built as a pen-testing toolkit. It is an excellent CD-bootable Linux distribution with a huge variety of security and forensics tools and a rich development environment.

     
  • Core Impact

    Is a very comprehensive penetration testing tool; perhaps the most powerful tool available.
     
  • Firewalk

    Is an advanced utility that uses traceroute-like techniques to analyze IP packet responses in order to determine gateway ACL filters and map networks.

     
  • Fport™

    Is Foundstone's enhanced version of netstat. Fport reports all open TCP/IP and UDP ports on the machine you run it on and shows what application opened each port.
     
  • IDA PRO

    Is a Windows/Linux disassembler and debugger that facilitates the dissection of MS patches to discover silently fixed bugs and examines binaries to determine why an exploit fails to work.

     
  • IP Filter

    Is a portable UNIX Packet Filter that can be used to provide network address translation (NAT) as well as firewall services.

     
  • John the Ripper

    Is a powerful, multi-platform password hash cracker that is currently available for many flavors of Unix, DOS, Win32, BeOS, and OpenVMS.
     
  • Knoppix

    Is a general-purpose bootable distro on CD or DVD.
     
  • LSoF: LiSt Open Files

    Is a Unix-specific diagnostic and forensics tool that lists information about any files that are open by processes currently running on the system.

     
  • Metasploit Framework

    Is an advanced open-source platform for developing, testing, and using exploit code.

     
  • OpenVPN

    Is an open-source SSL VPN package that supports remote access, site-to-site VPNs, WiFi security, load balancing, failover, and access controls.