This is a list of available software and hardware tools that are designed for or are particularly suited to various kinds of security assessment and security testing.
Operating systems and tool suites
Several operating systems and tool suites provide bundles of tools useful for various types of security assessment.
Operating system distributions
- Kali Linux (formerly BackTrack), a penetration-test-focused Linux distribution based on Debian
- Pentoo, a penetration-test-focused Linux distribution based on Gentoo
- ParrotOS, a Linux distro focused on penetration testing, forensics, and online anonymity.
Tools
Tool | Vendor | Type | License | Tasks | Commercial status |
---|---|---|---|---|---|
Aircrack-ng | GPL | Packet sniffer and injector; WEP encryption key recovery | Free | ||
Metasploit | Rapid7 | application, framework | EULA | Vulnerability scanning, vulnerability development | Multiple editions with various licensing terms, including one free-of-charge. |
Nessus | Tenable Network Security | Proprietary; GPL (2.2.11 and earlier) | Vulnerability scanner | ||
Nmap | terminal application | GPL v2 | computer security, network management | Free | |
OpenVAS | GPL | ||||
Nikto Web Scanner | GPL | ||||
SQLmap | |||||
Wireshark | Riverbed Technology (sponsor) | desktop application | GPL2 | Network sniffing, traffic analysis | Free. also offers limited vendor support, professional tools, and hardware for a fee |
External links
- SecTools.org: Top 125 Network Security Tools – a list of security tools suggested by a community