Ralf Zimmermann SIEGNETZ.IT GmbH

Nützliche Tools

Hier eine Sammlung nützlicher Tools.


Zurück zum Seitenanfang | Aktualisiert am
Tool Beschreibung Link
apachetop Apache top is a curses-based realtime utility to display information from a running copy of Apache.
Arachni Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
BloodHound BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.
Browsersync Time-saving synchronised browser testing.
Burp Proxy Burp Proxy is an intercepting proxy server for security testing of web applications. It operates as a man-in-the-middle between your browser and the target application
curl curl is a command line tool for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
Docker Docker is the world’s leading software containerization platform
dnstop console tool to analyze DNS traffic
freeradius Fast, feature-rich, modular, and scalable RADIUS Server
fwlogwatch fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS and Cisco PIX log summary reports in text and HTML form and has a lot of options to find and display relevant patterns in connection attempts. With the data found it can also generate customizable incident reports from a template and send them to abuse contacts at offending sites or CERT coordination centers. Finally, it can also run as daemon and report anomalies or start countermeasures.
gawk pattern scanning and processing language
grep GNU grep, egrep and fgrep
hping Command-line oriented TCP/IP packet assembler/analyzer
htop interactive processes viewer
httpscreenshot HTTPScreenshot is a tool for grabbing screenshots and HTML of large numbers of websites. The goal is for it to be both thorough and fast which can sometimes oppose each other.
idn2 Internationalized domain names (IDNA2008) command line tool
iftop displays bandwidth usage information on an network interface
ipcalc parameter calculator for IPv4 addresses
iproute networking and traffic control tools
iptstate top-like interface to your netfilter connection-tracking table
iptraf Interactive Colorful IP LAN Monitor
ipv6calc small utility for manipulating IPv6 addresses
Jenkins An extensible open source continuous integration server
letsencrypt The Let’s Encrypt Client is a fully-featured, extensible client for the Let’s Encrypt CA (or any other CA that speaks the ACME protocol) that can automate the tasks of obtaining certificates and configuring webservers to use them.
logtail Print log file lines that have not been read
lsof Utility to list open files
masscan TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
mc Midnight Commander - a powerful file manager
Metasploit The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
MonoDraw Powerful ASCII art editor
mtr Full screen ncurses and X11 traceroute tool
multitail view multiple logfiles windowed on console
mytop Mytop is a console-based tool for monitoring queries and the performance of MySQL. It supports version 3.22.x, 3.23.x, 4.x and 5.x servers. It's written in Perl and support connections using TCP/IP and UNIX sockets.
mutt text-based mailreader supporting MIME, GPG, PGP and threading
ncdu ncurses disk usage viewer
nedi NeDi discovers, maps and inventories your network devices and tracks connected endnodes.
nethogs Net top tool grouping bandwidth per process
Nessus Nessus is a proprietary comprehensive vulnerability scanner which is developed by Tenable Network Security. It is free of charge for personal use in a non-enterprise environment.
Netbeans Quickly and easily develop desktop, mobile and web applications with Java, JavaScript, HTML5, PHP, C/C++ and more.
Nikto Nikto is a pluggable web server and CGI scanner written in Perl, using rfp's LibWhisker to perform fast security or informational checks.
nmon nmon is a systems administrator, tuner, benchmark tool. It can display the CPU, memory, network, disks (mini graphs or numbers), file systems, NFS, top processes, resources (Linux version & processors) and on Power micro-partition information.
nload realtime console network usage monitor
OpenVAS OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
PHP CodeSniffer The most commonly used tool for static analysis of PHP code. It is typically used to detect violations of code formatting standards but also supports software metrics as well as the detection of potential defects.
PHP Metrics PhpMetrics provides various metrics about PHP projects.
pwgen Automatic Password generation
ripmime ripMIME's primary pupose is to extract attachments out of a MIME encoded email packages.
rsync fast, versatile, remote (and local) file-copying tool
scapy Scapy is a Python program that enables the user to send, sniff and dissect and forge network packets. This capability allows construction of tools that can probe, scan or attack networks.
screen terminal multiplexer with VT100/ANSI terminal emulation
sed The GNU sed stream editor
sslscan SSLScan is a fast SSL port scanner. SSLScan connects to SSL ports and determines what ciphers are supported, which are the servers prefered ciphers, which SSL protocols are supported and returns the SSL certificate. Client certificates / private key can be configured and output is to text / XML.
SonarQube The SonarQube platform offers numerous features to help you make your Continuous Inspection process a success.
SPARTA SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands and tools, more time can be spent focusing on analysing results.
speedtest-cli Command-line interface for https://speedtest.net bandwidth tests
strace System call tracer
Suricata Suricata is a network Intrusion Detection System (IDS). It is based on rules (and is fully compatible with snort rules) to detect a variety of attacks / probes by searching packet content.
swaks SMTP command-line test tool
tcpdump command-line network traffic analyzer
testssl.sh Tool which checks for the support of TLS/SSL ciphers and flaws
tls-interposer The TLS Interposer for Linux provides an easy way to upgrade the security of existing SSL/TLS applications based on OpenSSL without having to recompile them or having to switch to newer versions with incompatible configuration or interfaces. TLS Interposer is directed at server applications, but nothing prevents you from using it with client applications.
tshark console version of wireshark
vim Vi IMproved - enhanced vi editor
w3af w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities.
wapiti Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the web pages of the deployed web applications, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.
wget retrieves files from the web
whatweb WhatWeb identifies websites. It recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices.
whois intelligent WHOIS client
XCA - X Certificate and key management This application is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smartcards and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For an easy company-wide use there are customiseable templates that can be used for certificate or request generation. All crypto data is stored in an endian-agnostic file format portable across operating systems.
Xdebug Xdebug provides debugging and profiling capabilities for PHP
zmap ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 5 minutes, approaching the theoretical limit of ten gigabit Ethernet.
zaproxy An easy to use integrated penetration testing tool for finding vulnerablities in web applications.