Free and Open-Source Software: Difference between revisions
From SecurityTools
(→S: Added smap, link to Shodan) |
(Change all references to "Web Fuzzer" to "Fuzzer" and change text description to "fuzzing tool") |
||
(7 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
=== A === | === A === | ||
* [[Advanced Policy Firewall]] (apf) - A [[NetFilter]] firewall command-line management tool similar to [[IPTables]] | |||
* [[Advanced Port Scanner]] - A graphical port scanner for Windows which has the capability of identifying programs running on listening ports | * [[Advanced Port Scanner]] - A graphical port scanner for Windows which has the capability of identifying programs running on listening ports | ||
* [[AirCrack-NG]] - A complete suite of tools to assess WiFi network security | * [[AirCrack-NG]] - A complete suite of tools to assess WiFi network security | ||
Line 16: | Line 17: | ||
=== D === | === D === | ||
* [[dirb]] - A CLI [[Fuzzer|fuzzing t]]<nowiki/>[[Fuzzer|ool]] for finding hidden web objects based on dictionary attacks | |||
* [[dirb-gendict]] - A command line tool for generating dictionaries to be used with the above [[dirb]] tool | |||
* [[DirBuster JF|DirBuster]] (James Fischer) - A Java-based, [[Fuzzer|fuzzing tool]] with a graphical interface used for finding hidden URIs/web resources | |||
* [[DirBuster 1llusion|DirBuster]] (Mr1llusion) - A Python script [[Fuzzer|fuzzing tool]] used for finding hidden URIs/web resources from the command line | |||
=== E === | === E === | ||
Line 24: | Line 30: | ||
=== F === | === F === | ||
* [[ffuf - Fuzz Faster U Fool]] - A fast web fuzzer written in Go | * [[ffuf - Fuzz Faster U Fool]] - A fast web [[fuzzer]] written in Go | ||
* [[Firewall-cmd]] - The command-line client for the firewalld daemon | |||
* [[Firewall builder]] - A no-longer-maintained graphical interface to manage Netfilter/iptables, ipfw, PF, Cisco PIX, and other firewall rules | |||
* [[froggy]] - A subdomain enumeration tool | * [[froggy]] - A subdomain enumeration tool | ||
Line 30: | Line 38: | ||
* [[Garud]] - An automated reconnaisance tool which enumerates a target and all sub-domains and finds low-hanging fruit | * [[Garud]] - An automated reconnaisance tool which enumerates a target and all sub-domains and finds low-hanging fruit | ||
* [[GoBuster]] - A [[Brute Forcer|brute-forcing]] tool finding for hidden URIs, cloud hosts, DNS subdomains, and more | |||
* [[Gufw]] - A graphical interface for managing [[Uncomplicated Firewall]] rules | |||
=== H === | === H === | ||
Line 35: | Line 45: | ||
* [[Hashcat]] - A multi-operating system, high-speed password recovery tool | * [[Hashcat]] - A multi-operating system, high-speed password recovery tool | ||
* [[Hash Suite]] - A Windows-based high-performance password cracker | * [[Hash Suite]] - A Windows-based high-performance password cracker | ||
*[[httpx]] - A fast HTTP toolkit | * [[httpx]] - A fast HTTP toolkit | ||
=== I === | === I === | ||
* [[INetSim]] - A suite of tools for simulating Internet services to test network behavior of tools or unknown software | * [[INetSim]] - A suite of tools for simulating Internet services to test network behavior of tools or unknown software | ||
*[[IPTables]] - The userspace command line program used to configure | * [[IPTables]] - The userspace command line program used to configure Linux 2.4.x and later packet filtering rulesets | ||
=== J === | === J === | ||
Line 67: | Line 77: | ||
* [[NetCat]] - A networking utility which reads and writes data across network connections, using the [[wikipedia:Internet_protocol_suite|TCP/IP protocol]] | * [[NetCat]] - A networking utility which reads and writes data across network connections, using the [[wikipedia:Internet_protocol_suite|TCP/IP protocol]] | ||
* [[NetStumbler]] - A Windows-based wireless network detection tool used for wardriving and WiFi mapping | * [[NetStumbler]] - A Windows-based wireless network detection tool used for wardriving and WiFi mapping | ||
* [[ | * [[NFTables]] - The newer [[NetFilter]] userspace program replacing [[IPTables]] for Linux firewall management | ||
* [[Nikto]] - A free command-line utility vulnerability scanner | * [[Nikto]] - A free command-line utility vulnerability scanner | ||
* [[NMap]] - A network discovery and security auditing port/host scanner | * [[NMap]] - A network discovery and security auditing port/host scanner | ||
Line 95: | Line 105: | ||
=== S === | === S === | ||
* [[ | * [[SMap]] - A command-line options compatible replacement for [[NMap]] powered for the [https://www.shodan.io/ Shodan] port scanning API | ||
* [[Snort|Snort (Community Ruleset)]] - A free and open-source network intrusion detection system (NIDS) and intrusion prevention system (IPS) | * [[Snort|Snort (Community Ruleset)]] - A free and open-source network intrusion detection system (NIDS) and intrusion prevention system (IPS) | ||
Line 107: | Line 117: | ||
=== U === | === U === | ||
* [[Uncomplicated Firewall]] (UFW) - A command-line tool for managing NetFilter firewalls, available in Ubuntu and Debian distributions | |||
=== V === | === V === | ||
=== W === | === W === | ||
* [[Wfuzz]] - A web | * [[Wfuzz]] - A [[Fuzzer|fuzzing tool]] for finding hidden web resources | ||
* [[Wireshark]] - The world’s foremost, widely-used network protocol analyzer | * [[Wireshark]] - The world’s foremost, widely-used network protocol analyzer | ||
Latest revision as of 16:01, 27 September 2023
Free and Open-Source Software (FOSS) is software that is Free Software and Open-Source Software. There is so much FOSS in the security domain that I believe this warrants its own wiki page.
A[edit | edit source]
- Advanced Policy Firewall (apf) - A NetFilter firewall command-line management tool similar to IPTables
- Advanced Port Scanner - A graphical port scanner for Windows which has the capability of identifying programs running on listening ports
- AirCrack-NG - A complete suite of tools to assess WiFi network security
- Angry IP Scanner - A port and host scanner for Windows.
- AutoRecon - A multi-threaded network reconnaisance tool intended to save time in penetration testing environments and CTFs
B[edit | edit source]
- Burp Suite Community Edition - Web Application testing software
C[edit | edit source]
- Cain and Abel - A freely available Windows password sniffer and cracker
D[edit | edit source]
- dirb - A CLI fuzzing tool for finding hidden web objects based on dictionary attacks
- dirb-gendict - A command line tool for generating dictionaries to be used with the above dirb tool
- DirBuster (James Fischer) - A Java-based, fuzzing tool with a graphical interface used for finding hidden URIs/web resources
- DirBuster (Mr1llusion) - A Python script fuzzing tool used for finding hidden URIs/web resources from the command line
E[edit | edit source]
- EtherApe - A graphical network monitor and sniffer
- Ettercap - A suite of tools for Man-in-the-Middle (MITM) attacks
F[edit | edit source]
- ffuf - Fuzz Faster U Fool - A fast web fuzzer written in Go
- Firewall-cmd - The command-line client for the firewalld daemon
- Firewall builder - A no-longer-maintained graphical interface to manage Netfilter/iptables, ipfw, PF, Cisco PIX, and other firewall rules
- froggy - A subdomain enumeration tool
G[edit | edit source]
- Garud - An automated reconnaisance tool which enumerates a target and all sub-domains and finds low-hanging fruit
- GoBuster - A brute-forcing tool finding for hidden URIs, cloud hosts, DNS subdomains, and more
- Gufw - A graphical interface for managing Uncomplicated Firewall rules
H[edit | edit source]
- Hashcat - A multi-operating system, high-speed password recovery tool
- Hash Suite - A Windows-based high-performance password cracker
- httpx - A fast HTTP toolkit
I[edit | edit source]
- INetSim - A suite of tools for simulating Internet services to test network behavior of tools or unknown software
- IPTables - The userspace command line program used to configure Linux 2.4.x and later packet filtering rulesets
J[edit | edit source]
- John the Ripper - A multi-platform password cracker
K[edit | edit source]
- Kismet - A suite of tools for wireless sniffing, network and device detection, and wardriving
L[edit | edit source]
- L0phtCrack - An open-source password hash cracker
- Lynis - An open-source security auditing tool for Unix-based operating systems
M[edit | edit source]
- Maltego Community Edition - An open-source intelligence and graphical link analysis tool
- MASSSCAN - An extremely high-speed port scanner. Most famously used for scanning the entire internet in mere minutes
- mdk3 - A tool for exploiting common IEEE 802.11 protocol weaknesses
- Medusa - The massively speedy, highly parallel, modular login brute-forcing password cracker
N[edit | edit source]
- NCrack - A high-speed, multi-platform network authentication cracking tool
- NetCat - A networking utility which reads and writes data across network connections, using the TCP/IP protocol
- NetStumbler - A Windows-based wireless network detection tool used for wardriving and WiFi mapping
- NFTables - The newer NetFilter userspace program replacing IPTables for Linux firewall management
- Nikto - A free command-line utility vulnerability scanner
- NMap - A network discovery and security auditing port/host scanner
O[edit | edit source]
- OpenVAS - A full-featured vulnerability scanner forked from the Nessus code base in 2006
- ophCrack - An open-source Windows-password cracking program
- Oracle VirtualBox - An open-source system virtualization tool
- OSSEC - A free Host Intrusion Detection System (HIDS) tool
P[edit | edit source]
- p0f - An open-source, passive-listening traffic fingerprinting tool for Unix-based systems
- PimpMyKali - A script for fixing Kali virtualized system problems
- Port Authority - An Android based, high-speed scanner that allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts
- PortQry - A command-line port scanner which runs on Windows 2000 based servers
- PortQryUI - A graphical interface the the above-listed PortQry tool
- pwncat - A post-exploit tool for streamlining red team operations
Q[edit | edit source]
R[edit | edit source]
- Raccoon - An offensive security tool for reconnaissance and information gathering
S[edit | edit source]
- SMap - A command-line options compatible replacement for NMap powered for the Shodan port scanning API
- Snort (Community Ruleset) - A free and open-source network intrusion detection system (NIDS) and intrusion prevention system (IPS)
T[edit | edit source]
- tcpdump - A powerful command-line packet analyzer
- TCP Port Scanner - An application that uses high-speed SYN scanning to find open ports on a network
- Test My Defenses - A free website by ZScaler to test and advise on how to improve your protection against Ransomware
- THC-Hydra - A GPLed proof-of-concept password cracking tool
U[edit | edit source]
- Uncomplicated Firewall (UFW) - A command-line tool for managing NetFilter firewalls, available in Ubuntu and Debian distributions
V[edit | edit source]
W[edit | edit source]
- Wfuzz - A fuzzing tool for finding hidden web resources
- Wireshark - The world’s foremost, widely-used network protocol analyzer
X[edit | edit source]
Y[edit | edit source]
- Yuki Chan The Auto Pentest - A Linux-based automated penetration testing tool to audit standard security settings
Z[edit | edit source]
- Zed Attack Proxy - The world's most widely used web application scanner