In this article, I will bring you over 30 open source security tools that you must have to protect yourself. Synthesis of software, hacking and security tools that are free but very useful if you follow the Pentest route.
| Join the channel Telegram of the AnonyViet 👉 Link 👈 |
1. BetterCAP
BetterCAP commonly used by pentester and security reviewers. This tool and framework is very useful when performing man-in-the-middle (MitM) attacks.
2. MISP (Malware Information Sharing Platform)
MISP collect, store and distribute security metrics and detected threats. This makes the platform very useful for those involved in security incidents and malware research.
Users benefit from having a well-tested platform to structure the large amount of data points available when it comes to security threats.
The tool can also interact with other tools, such as security incident and event management (SIEM) and intrusion detection systems (IDS).
3. TheHive (security incident response platform)
TheHive It is extensible and a complete platform for dealing with security incidents. It allows the person responsible to deal with such incidents and related events.
It can even use MISP project data, making it easy to start analyzing the target network.
4. Archery (vulnerability assessment and management)
Archery is a tool to help collect data about vulnerabilities in a test environment. Instead of focusing on the actual scanning process, it allows the management of findings in a web interface.
This includes options like reporting, searching, and overviewing issues. It can interact with other tools, including well-known vulnerability scanners.
5. Intrigue Core (attack surface discovery)
Intrigue Core provides a framework for measuring the vulnerability of a test environment. This includes infrastructure and application discovery, security research, and vulnerability discovery.
Intrigue also allows to enrich existing data and perform OSINT (open source intelligence) research.
Scans include DNS subdomain brute force, email collection, IP geolocation, port scanning, and use of public search engines such as Censys, Shodan, and Bing.
6. IVRE (network traffic scout)
-digital forensics, information gathering, intrusion detection, network analysis-
IVRE is a framework that performs network traffic monitoring. It leverages other tools to get the data and display it in the web interface.
7. Moloch (cyber security monitoring)
-network security monitoring, security monitoring-
Tools like Moloch is a great addition for those who work with network data. One of the most common use cases is network security monitoring (NSM). This is a way that can make all data more accessible and better find anomalies in the data.
8. GasMask (open source intelligence gathering tool)
-Collect information-
GasMask is an open source intelligence collection tool (OSINT). It can be used to discover more information about a specific goal. The sources it uses include search engines like Bing, Google, and Yandex. In addition, it pulls information from GitHub, YouTube, and social networking platforms like Twitter.
9. Vault (storage secret)
-password manager, secret manager, secure storage-
Vault is a secret management tool created by HashiCorp. It allows users to store secrets, such as key/value pairs.
AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and other sensitive stuff. These secrets are often used by software and scripts.
The benefit of using a secret management tool is that they no longer need to be stored in configuration files. Key features include leasing, key revocation, key revocation, and auditing.
10. Maltrail (malicious traffic detection system)
-intrusion detection, network analysis, security monitoring-
Maltrail monitors traffic on the network and can indicate system intrusions or other bad behavior.
This tool is great to use for intrusion detection and monitoring.
11. Gophish (phishing toolkit)
-security awareness-
Gophish is the best phishing tool to test users’ perception of security in an organization. By setting up a scam project, testers can find out how many people in an organization fall into a pre-prepared trap.
12. AIL framework (data parsing and information leakage framework)
-data extraction, data leak detection, information leak detection, security monitoring-
AIL is a framework module that helps analyze potential information leaks. The framework is quite flexible and can also support different types of formats and data sources. For example, one of AIL’s data sources is Pastebin. A tool like AIL is often used to detect or even prevent data leaks.
13. Manticore (binary analysis tool)
-binary analysis, malware analysis, reverse engineering-
Manticore is a binary analysis tool. It supports Linux ELF binaries and Ethereum smart contracts. This tool helps to study binaries and their behavior. This can be helpful when learning how malware works and troubleshooting.
14. Snallygaster (detects sensitive files on web servers)
-data leak detection, sensitive information detection, information leak detection-
Snallygaster helps detect files that you would normally not want to expose on your web server. Including files related to software repositories (e.g. .git), web shells.
15. OpenSCAP (data security toolkit)
-security assessment, vulnerability scanning-
OpenSCAP is a group of tools that help administrators and auditors evaluate, measure, and enforce security baselines.
16. OpenVAS (vulnerability scanner)
-penetration testing, security assessment, vulnerability scanning-
OpenVAS is a framework that includes a number of services and tools that provide vulnerability scanning and vulnerability detection in a management solution.
17. CAIRIS (safety systems modeling tool)
Tools like CAIRIS can be used to build security measures for your software and system design. It allows users to track interactions between objects, data points, and associated risks.
18. Infection Monkey (security test for data centers and networks)
Infection Monkey Very useful for security assessment to check for weaknesses in the network. By automating the mining phase as much as possible, it will help us find any easy targets in the data center.
19. Lynis (security scanner and configuration checker)
Lynis can detect vulnerabilities and configuration errors. The tool has a scanner to find vulnerabilities, Lynis aims for continuous improvement.
For this reason, it requires to be executed on the host system itself and needs to provide more information than conventional vulnerability scanners.
20. Vuls (untargeted vulnerability scanner)
-system booster, vulnerability scan-
Vuls is a vulnerability scanner for Linux and FreeBSD. It is written in Go, and can be logged remotely to find software vulnerabilities. It has multiple scan levels, from quick scan to deep scan with extensive analysis.
21. The Zeek Network Security Monitor
Zeek It is a very powerful framework for network traffic analysis and security monitoring.
22. RapidScan – Multi-Tool Web Vulnerability Scanner
Target of RapidScan is to solve problems through automation. For example, run multiple scanning engines to detect vulnerabilities, evaluate effectiveness, etc.
23. TheFatRat
Thefatrat a Hack tool with many functions: Tool to easily create backdoors and exploit attacks like browser attacks, etc. This tool compiles malware with common payloads and then the malware is compiled can be executed on windows, android, mac. Malware created with this tool is also capable of bypassing most antivirus protections.
24. Osmedeus
Osmedeus allows you to automatically run a great collection of tools for reconnaissance and vulnerability scanning against your target.
25. Vulscan – Vulnerability Scan with Nmap
Vulscan is an enhanced module of nmap for vulnerability scanners. The nmap -sV option enables per-service versioning to be used to identify potential product flaws. The data will be looked up in the offline version of VulDB.
26. Sn1per
Sn1per Community Edition is an automated scanner that can be used during penetration testing to list and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting add-on for professional pentesters, bug hunters, and enterprise security teams to manage large environments.
27. Phpsploit
Phpsploit is full of features, and it can silently exist on the web server through the PHP oneliner.
28. Anubis
Anubis is a subdomain statistics and information gathering tool. Anubis collates data from a variety of sources, including HackerTarget, DNSDumpster, x509 certs, VirusTotal, Google, Pkey, and NetCraft.
29. BlackWidow
BlackWidow is a python based web application to collect subdomains, URLs, dynamic parameters, email addresses and phone numbers from a particular website. This project also includes Inject-X fuzzer for dynamic URL scanning for common OWASP vulnerabilities.
30. VulnX
Vulnx is an Intelligent Bot Auto Shell Injector tool that detects vulnerabilities in many types of Cms.
31. Trape
Trape is an OSINT research and analysis tool that allows anyone to track and execute attacks social engineering in real time.
32. Tool-EXP
Tool-X is a Kali Linux hack tool installer for Termux and linux systems. Tool-X is developed for Termux and linux based systems. Using Tool-X, you can install closer to 370 hacking tools in Termux (android) and other Linux-based distributions. Currently Tool-X is available for Ubuntu, Debian, …
33. OWASP Nettacker
Project OWASP Nettacker is created to automatically collect information, scan for vulnerabilities, and ultimately generate reports, including services, errors, vulnerabilities, misconfigurations, and other information.
This software will use TCP SYN, ACK, ICMP and many other protocols to detect and bypass Firewall / IDS / IPS devices. By leveraging a unique method in OWASP Nettacker to discover protected devices and services such as SCADA. It gives a pretty big competitive advantage over other scanners making it one of the best.
