Nessus is the world's most popular vulnerability scanner used in over 75,000 organizations world-wide. The "Nessus" Project was started by Renaud Deraison in 1998 to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner. Nessus is currently rated among the top products of its type throughout the security industry and is endorsed by professional information security organizations such as the SANS Institute. Read more hot
Auto Scanning to SSL Vulnerability (A2SV) is a security tool to scan for SSL and TLS vulnerabilities. It can be used during security assessments.
Angry IP Scanner
Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports. Read more
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern web applications.
bluebox-ng is a pentesting framework using Node.js powers. It id focused in VoIP/UC.
Bluelog is a very simple Bluetooth scanner written to do a single task, log devices that are in discoverable mode. It is intended to be used as a site survey tool, determining how many discoverable Bluetooth devices there are in a given environment.
braa is a mass snmp scanner. The intended usage of such a tool is of course making SNMP queries - but unlike snmpget from net-snmp, it is able to query dozens or hundreds of hosts simultaneously, and in a single process.
buck-security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system.
Cancerbero is a scan service engine based in Nmap. Allows to have a historical service/port snapshot of each host of a network range. It's a good tool for network administrators with a high number of host to take care.
Computer Breaker is a network testing tool that allows networking administrators to test if a computer is vulnerable to malicious attacks. Using the Nessus scanner, computer-breaker scans the remote host and automaticaly exploits its vulnerabilities.
GnoScan is a multi-threaded network scan and security utility with an intuitive graphical user interface. It runs under the Gnome environment and is an independent application that does not need further third-party toolkits.
Hackbot is a host exploration tool and bannergrabber. It scans numerous services and vulnerabilities.
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn't only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. Read more
Inguma is a penetration testing toolkit entirely written in Python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits.
KDE Network Mapper
KDE Network Mapper is a network discovery, scanning, and probing tool for KDE.
KNetScan is a full featured frontend for the following net tools: nmap , ping , traceroute , whois. You can also print and save your results. It is a reunion of kpinger, knmapfe , ktroute and whois client.
KNmap is a graphical frontend for the popular nmap scanner.
Knocker is a simple and easy to use TCP security port scanner written in C to analyze hosts and all of the different services started on them. It is available for Linux, FreeBSD, HP-UX, and Windows9x/2000/NT and it is licensed under the GNU General Public License GPL. Read more
localscan is a Perl-based frontend for nmap.
LPVS (Linux Package Vulnerability Scanner) is a Linux distribution news feed based package version scanner that shows which security advisories apply to your system, which packages are installed in a vulnerable version, and to which versions you should upgrade.
Lynis is an auditing tool for Unix (specialists). It scans the system configuration and creates an overview of system information and security issues usable by professional auditors.
Multi Threaded TCP Port Scanner
Multi Threaded TCP Port Scanner allows you to scan 65535 TCP ports on an IP address.
Multiscan is a simple portscanner coded in C, which allows you to scan a range of IP addresses.
NDiff compares two nmap scans and outputs the differences. It allows monitoring of your network(s) for interesting changes in port states and visible hosts.
Nessconnect is a GUI, CLI, and API client for Nessus and Nessus compatible servers. With its user interface, it provides local session management, scan templates, report generation through XSLT, charts, and graphs, and vulnerability trending.
Netbios Share Samba Scanner
The Netbios Share Samba Scanner can scan C classes and reveal all open shares. It will tell you all the information and even show the content of the shares.
Network Security Analysis Tool
Network Security Analysis Tool is a stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine, and much more.
Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Read more
NiX - WVS
NiX - WVS is a an easy-to-use tool for Web masters to audit their Web sites' security. A fully multithreaded engine is used everywhere. It currently supports a maximum of 10 proxies and will use a random proxy for every request, unless no proxies are used. You can configure how many threads will be used for each module. A ramdisk is used for better performance. The program is very customizable, and you can define timeouts and threads.
NiX Security scanner
NiX Security scanner is a security scanner for Linux distributions. It will try find rootkits, backdoors and try to determine is your system hacked or not.
Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Read more
NmapFE is a front end for Nmap written in GTK+.
NmapSi4 is a Qt-based GUI designed to provide a complete nmap interface for users.
nmbscan scans the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. It is useful for acquiring information on a local area network for such purposes as security auditing.
NSAT is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine and much more. Read more
Nscan is a fast Network scanner optimized for internet-wide scanning purposes and inspired by Masscan and Zmap. It has its own tiny TCP/IP stack and uses Raw sockets to send TCP SYN probes.
OpenVAS (previously GNessUs) is a fork of the Nessus security scanner to ensure continued development of the project as open source. The fork is based on the current Nessus 2.2.5 packages from GNU/Debian.
Packetfence is an open-source network registration and worm detection system. It also provides vulnerability scanning, system inventory (OS fingerprinting), and user-directed remediation functionality.
PacketFence Zero Effort NAC (ZEN) is a network access control (NAC) system. It supports registration of new network devices, detection of abnormal network activities, isolation of problematic devices, remediation through a captive portal, registration-based and scheduled vulnerability scans, VLAN isolation with VoIP support (even in heterogeneous environments) for multiple switch vendors, support for 802.1X through a FreeRADIUS module, wireless integration with FreeRADIUS, DHCP fingerprinting, and more.
pkdump detects any TCP, UDP port scanning or open connection attempt from foreign host over the internet with IP protocol version 4 or IP protocol version 6.
Port Scanner will try to connect on every port you define for a particular host. If a connection is made, it will try to read any data returned.
prescanic is a fully featured IP scanner. It supports SYN scanning, banner grabbing, forking, a debug mode, a verbose mode, anonymous login detection, telnet parsing, HTTP server information, RPC scanning, and more.
propecia is a multi-threaded class C network scanner. Loosely based on propecia.c by Bind.
psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic.
pxytest is a command line utility to test a host for open proxies that are vulnerable to spammer abuse. It is written in Perl.
QNmap is just another KDE nmap frontend. The main difference is that it can be run as a non-root user with some functionality.
Remote nmap is a pair of client and server programs which allow for various authorised clients to run their port scans from a centralised server.
RogueScanner is a network security tool for automatically discovering rogue wireless access points by scanning a wired network. It can also find all other network connected devices like printers, routers, Web cameras, and PCs.
Rootkit Hunter is a scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits. Read more
(commercial) Security Administrator's Integrated Network Tool, the successor to SATAN. Detect and fix possible weaknesses in your network's security before they can be exploited by intruders.
Sambascan2 is a small bash script, which can scan for SMB-shares in a given Netz. It currently needs nmap, find, smbclient, sed and grep.
The Security Auditor's Research Assistant (SARA) is a third generation security analysis tool that is based on the SATAN model. Read more
SBScan is a localhost security scanner. It checks for numerous security problems on a linux box.
Scan Detect listens on a given TCP port and if any host on the internet connects to that TCP port, Scan Detect uses Ipchains to block that host from connecting to your Linux system.
Simple scAnning Tool
SAT (Simple scAnning Tool) is a simple and fast network scanner. It is used to identify network devices and services. The identification is based on recieved data such as banners.
Springenwerk is a cross site scripting (XSS) security scanner. It finds the most common XSS vulnerabilites by extracting forms and input elements from given Web pages and follows the form action targets to one level. It can check custom HTTP GET and POST data arguments and optionally generates an HTML report file with exploits to demonstrate the vulnerabilites. An easy to use GUI is included.
ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic.
sslyze is a cross-platform tool to analyze the configuration of SSL servers. It supports cipher suites scanning, insecure renegotiation verification, session resumption testing, client certificates, and more.
Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment Language.
Synscan is a fast asynchronous half-open port scanner. This tool will send TCP packets with the SYN flag to any block of destination addresses at very high speed. Synscan endeavors to send traffic as fast as the host network interface can support.
TN-GW-Scan is a scanner for scanning telnet proxies. It is implemented using FWTK.
UMIT is an nmap frontend. It is meant to be an nmap frontend that is really useful for advanced users and easy to used for newbies. With UMIT, a network admin can create scan profiles for faster and easier network scanning and can even compare scan results to see any changes easily. A regular user will also be able to construct powerful scans with UMIT command creator wizards.
Unhide.rb finds hidden processes on your system. It looks for active processes in many different ways.
Unicornscan is an information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. Read more
xNetTools is composed of several scanning utilities used to determine if certain services are available across a range of addresses. It also contains several other graphical utitilies such as finger, whois, and portscan.
XPortScan is a fast port scanner. It uses multiple threads to speed up scans, it has logging capabilities, along with some other nice little features.
Zenmap is an Nmap frontend. It is meant to be useful for advanced users and to make Nmap easy to use by beginners. Read more