Top Network security tools

TOP 160+ NETWORK SECURITY TOOLS

1. afpfs-ng (0.8.2)
- A client for the Apple Filing Protocol (AFP)
> https://sites.google.com/site/alexthepuffin/

2. aiengine (2.0.1)
- A packet inspection engine with capabilities of learning without any human intervention.
> https://bitbucket.org/camp0/aiengine/downloads/

3. apacket
- 374.16e7036 Sniffer syn and backscatter packets.
> https://apackets.com/

4. argus (3.0.8.2)
- Network monitoring tool with flow control.
> https://qosient.com/argus/

5. argus-clients (3.0.8.2)
- Network monitoring client for Argus.
> https://openargus.org/

6. arp-scan (1.9.8)
- A tool that uses ARP to discover and fingerprint IP hosts on the local network
> https://github.com/royhills/arp-scan

7. arpalert (2.0.12)
- Monitor ARP changes in ethernet networks.
> https://www.arpalert.org/

8. arptools (13.41cdb23)
- A simple tool about ARP broadcast, ARP attack, and data transmission.
> https://github.com/Lab-Zjt/ARPTools

9. arpwner = (26.f300fdf)
- GUI-based python tool for arp poisoning and dns poisoning attacks.
> https://github.com/ntrippar/ARPwner
10. atftp (0.8.0)
- Client/server implementation of the TFTP protocol that implements RFCs 1350, 2090, 2347, 2348,
and 2349
> https://sourceforge.net/projects/atftp/

11. autovpn = (18.28b1a87)
- Easily connect to a VPN in a country of your choice.
> https://github.com/ttlequalsO/autovpn

12. bind (9.18.7)
- A complete, highly portable implementation of the DNS protocol
> https://www.isc.org/bind/

13. buttinsky (138.1a2a1b2)
- Provide an open source framework for automated botnet monitoring.
> https://github.com/mushorg/buttinsky

14. bypass-firewall-dns-history (33.c5S5b7ce)
- Firewall bypass script based on DNS history records.
> https://github.com/vincentcox/bypass-firewalls-by-DNS-history

15. cadaver = (0.23.3)
- Command-line WebDAV client for Unix
> https://github.com/notroj/cadaver
> https://notroj.github.io/cadaver/

16. chameleon (27.a2f0cf1)
- A tool for evading Proxy categorisation.
> https://github.com/mdsecactivebreach/Chameleon

17. chaosreader
- A freeware tool to trace tcp, udp etc. sessions and fetch application data from snoop or tcpdump logs.
> https://chaosreader.sourceforge.net/

18. chopshop
- Protocol Analysis/Decoder Framework.
> https://github.com/MITRECND/chopshop

19. cidr2range
- Script for listing the IP addresses contained in a CIDR netblock.
> https://www.cpan.org/authors/id/R/RA/RA YNERLUC/cidr2range/

20. creak (40.52b0d74)
- Poison, reset, spoof, redirect MITM script.
> https://github.com/codepr/creak

21. cyberscan (75.ca85794)
- A Network Pentesting Tool
> https://github.com/medbenali/CyberScan

22. depdep (2.0)
- A merciless sentinel which will seek sensitive files containing critical info leaking through your
network.
> https://github.com/bedirhan/depdep

23. det31.417cbce (extensible)
- Data Exfiltration Toolkit.
> https://github.com/sensepost/det

24. dhcpoptinj 123.58al2c6
- DHCP option injector.
> https://github.com/misje/dhcpoptinj

25. dinouml 0.9.5
- A network simulation tool, based on UML (User Mode Linux) that can simulate big Linux networks
on a single PC
> https://en. kali.tools/all/?tool=322

26. dnsdiag 271.edb168f
- DNS Diagnostics and Performance Measurement Tools.
> https://dnsdiag.org/

27. dnsfilexfer 24.126edcd
- File transfer via DNS.
> https://github.com/leonjza/dnsfilexfer

28. dnsobserver 5.£33 1482
- A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities.
> https://github.com/allyomalley/dnsobserver

29. dnsteal 28.1b09d21
- DNS Exfiltration tool for stealthily sending files over DNS requests..
> https://github.com/m57/dnsteal

30. dnsvalidator 67.b12accO
- Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring
accurate responses.
> https://github.com/vortexau/dnsvalidator

31. dripcap 0.6.15
- Caffeinated Packet Analyzer.
> https://en.kali.tools/all/?tool=369

32. dtp-spoof 5.3ae05fc
- Python script/security tool to test Dynamic Trunking Protocol configuration on a switch.
> https://github.com/fleetcaptain/dtp-spoof

33. dublin-traceroute 332.16c002c
- NAT-aware multipath tracerouting tool.
> https://github.com/insomniacslk/dublin-traceroute

34. dump 1090 386.bff92c4
- A simple Mode S decoder for RTLSDR devices.
> https://github.com/MalcolmRobb/dump 1090

35. etherape 0.9.20
- Graphical network monitor for various OSI layers and protocols
> https://etherape.sourceforge.io/

36. evillimiter36.46d2033
- Tool that limits bandwidth of devices on the same network without access.
> https://github.com/bitbrute/evillimiter

37. exabgp 4961.ba5c0506
- The BGP swiss army knife of networking.
> https://github.com/Exa-Networks/exabgp

38. filibuster 167.c54ac80
- A Egress filter mapping application with additional functionality.
> https://github.com/subinacls/Filibuster

39. firecat  6.b5205c8
- A penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised
network.
> https://github.com/BishopFox/firecat

40. flowinspect 97.34759ed
- A network traffic inspection tool.
> https://github.com/7h3rAm/flowinspect

41. fping 3.1
- Utility to ping multiple hosts at once
> https://www.fping.org/

42. freeipmi 1.6.10
- IPMI remote console and system management software
> https://www.gnu.org/software/freeipmi/

43. geoip 1.6.12
- Non-DNS IP-to-country resolver C library & utils
> https://dev.maxmind.com/geoip/release-notes/2022#geoip-legacy-databases-have-been-retired?lang=en

44. girsh v0.40.12.g0fa6870
- Automatically spawn a reverse shell fully interactive for Linux or Windows victim.
> https://github.com/nodauf/Girsh

45. gsocket = 1.4.38
- Global Socket moving data from here to there securely, fast and trough NAT/Firewalls
> https://www.gsocket.io/

46. gspoof = 3.2
- A simple GTK/command line TCP/IP packet generator.
> https://gspoof.sourceforge.net/

47. gweheck 0.1
- A simple program that checks if a host in an ethernet network is a gateway to Internet.
> https://packetstormsecurity.com/files/62047/gwcheck.c.html

48. haka 0.2.2
- A collection of tool that allows capturing TCP/IP packets and filtering them based on Lua policy
files.
> https://github.com/haka-security/haka

49. hharp lbeta
- This tool can perform man-in-the-middle and switch flooding attacks. It has 4 major functions, 3 of
which attempt to man-in-the-middle one or more computers on a network with a passive method or
flood type method.
> https://packetstormsecurity.com/files/8 1368/Hackers-Hideaway-ARP-Attack-Tool.html

50. hping 3.0.0
- A command-line oriented TCP/IP packet assembler/analyzer.
> http://www.hping.org/

51. http-traceroute 0.5
- This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-
like scanning functionality.
> https://packetstormsecurity.com/files/107167/Traceroute-Like-HTTP-Scanner.html

52. httping = =2..5
- A ping-like tool for http-requests
> https://www.vanheusden.com/httping/

53. hyde 11.ec09462
- Just another tool in C to do DDoS (with spoofing).
> https://github.com/CoolerVoid/Hyde

54. hyenae (0..36_1
- Flexible platform independent packet generator.
> https://sourceforge.net/projects/hyenae/

55. hyperfox 121.1la8c26f
- A security tool for proxying and recording HTTP and HTTPs traffic.
> https://github.com/malfunkt/hyperfox

56. i2pd 2.43.0
- A full-featured C++ implementation of the I2P router
> https://i2pd.website/

57. impacket 0.9.24
- Collection of classes for working with network protocols
> https://github.com/Secure AuthCorp/impacket

58. infection-monkey v1.13.0.14344.gdbaa56c39
- Automated security testing tool for networks.
> https://github.com/guardicore/monkey

59. interlace 342.97ee2le
- Easily turn single threaded command line applications into a fast, multi-threaded application with
CIDR and glob support.
> https://github.com/codingo/Interlace/releases

60. ipaudit = 1.1
- Monitors network activity on a network.
> https://ipaudit.sourceforge.net/

61. ipdecap 96.45d2a7d
- Can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, and can also
remove IEEE 802.1Q (virtual lan) header.
> https://en.kali.tools/all/?tool=666

62. ipmitool 1.8.19
- Command-line interface to IPMI-enabled devices
> https://github.com/ipmitool/ipmitool

63. iputils 20211215
- Network monitoring tools, including ping
> http://www.skbuff.net/iputils/

64. ipv4bypass 21.99bb285
- Using IPv6 to Bypass Security.
> https://github.com/milo2012/ipv4Bypass

65. jnetmap 0.5.5
- A network monitor of sorts.
> https://sourceforge.net/projects/jnetmap/files/

66. kickthemout 212.86 laea2
- Kick devices off your network by performing an ARP Spoof attack.
> https://github.com/k4m4/kickthemout

67. latd 1.31
- A LAT terminal daemon for Linux and BSD.
> https://sourceforge.net/projects/linux-decnet/files/latd/1.31/

68. libparistraceroute 378 .6fb8f48
- A library written in C dedicated to active network measurements with examples, such as paris-ping
and paris-traceroute.
> https://github.com/libparistraceroute/libparistraceroute

69. libtins 1288.eb997f5
- High-level, multiplatform C++ network packet sniffing and crafting library.
> https://github.com/mfontanini/libtins

70. loic 2.9.9.99
- An open source network stress tool for Windows.
> https://github.com/NewEraCracker/LOIC

71. macchanger 1.7.0
- A small utility to change your NIC’s MAC address
> https://github.com/alobbs/macchanger

72. maclookup 0.4
- Lookup MAC addresses in the IEEE MA-L/OUI public listing.
> https://dnschecker.org/mac-lookup.php

73. maketh 0.2.0
- A packet generator that supports forging ARP, IP, TCP, UDP, ICMP and the ethernet header as well.
> https://packetstormsecurity.com/files/83892/Maketh-Packet-Generator.2.0.html

74. malcom = 708.02e55b9
- Analyze a system's network communication using graphical representations of network traffic.
> https://github.com/tomchop/malcom

75. massdns = 275.2cee317
- A high-performance DNS stub resolver in C.
> https://github.com/blechschmidt/massdns

76. middler 1.0
- A Man in the Middle tool to demonstrate protocol middling attacks.
> https://en.kali.tools/all/?tool=825

77. mitm 8.bd2b35 1
- A simple yet effective python3 script to perform DNS spoofing via ARP poisoning.
> https://github.com/blackeko/mitm

78. moloch = 0.11.3
- An open source large scale IPv4 full PCAP capturing, indexing and database system.
> https://github.com/hadojae/moloch

79. mptcp 1.9.0
- A tool for manipulation of raw packets that allows a large number of options.
> https://packetstormsecurity.com/files/119132/Mptcp-Packet-Manipulator.9.0.html

80. mptcp-abuse 6.b0eeb27
- A collection of tools and resources to explore MPTCP on your network. Initially released at Black
Hat USA 2014.
> https://github.com/CiscoCXSecurity/mptcp-abuse

81. mtr 0.95
- Combines the functionality of traceroute and ping into one tool (CLI version)
> https://www.bitwizard.nl/mtr/

82. mylg 659.faba867
- Network Diagnostic Tool.
> https://github.com/mehrdadrad/mylg

83. nacker =. 23.b67bb39
- A tool to circumvent 802.1x Network Access Control on a wired LAN.
> https://github.com/carmaa/nacker

84. nbtool 2.bf90c76
- Some tools for NetBIOS and DNS investigation, attacks, and communication.
> https://github.com/g2nb/nbtools

85. ncpfs 2.2.6
- Allows you to mount volumes of NetWare servers under Linux.
> https://linux.softpedia.com/get/S ystem/Filesystems/ncpfs-1464.shtml

86. nemesis 329.b1d398c
- A command-line network packet crafting and injection utility.
> https://github.com/libnet/nemesis

87. netactview 0.6.4
- A graphical network connections viewer similar in functionality to netstat.
> https://netactview.sourceforge.net/index.html

88. netcon 0.1
- A network connection establishment and management script.
> https://en.kali.tools/all/?tool=896

89. netmap 0.1.3
- Can be used to make a graphical representation of the surrounding network.
> https://en.kali.tools/all/?tool=898

90. netreconn 1.78
- A collection of network scan/recon tools that are relatively small compared to their larger cousins.
> https://packetstormsecurity.com/files/86076/NetReconn-Scanning-Tool-Collection.76.html

91. netsed 1.3
- Small and handful utility design to alter the contents of packets forwarded thru network in real time.
> https://en.kali.tools/all/?tool=903

92. networkmap 58.f5fafl7
- Post-exploitation network mapper.
> https://github.com/lorenzog/NetworkMap

93. nextnet 3.c8dc7a6
- Pivot point discovery tool.
> https://github.com/hdm/nextnet

94. nfdump = 1.6.23
- A set of tools to collect and process netflow data.
> https://github.com/phaag/nfdump

95. ngrep 1.47
- A grep-like utility that allows you to search for network packets on an interface.
> https://github.com/jpr5/ngrep/

96. nield 38 .0cO848d
- A tool to receive notifications from kernel through netlink socket, and generate logs related to
interfaces, neighbor cache(ARP,NDP), IP address(IPv4,IPv6), routing, FIB rules, traffic control.
> https://en.kali.tools/all/?tool=9 15

97. nipper =: 0.11.7
- Network Infrastructure Parser
> https://packetstormsecurity.com/files/66253/nipper-0.11.7.zip-html

98. nsdtool = 0.1
- A netgear switch discovery tool. It contains some extra features like bruteoforce and setting a new
password.
> https://curesec.com/en/publications/tools.html

99. nsoq 1.9.5
- A Network Security Tool for packet manipulation that allows a large number of options.
> http://www.nsoq.org/

100. packet-o-matic 351
- A real time packet processor. Reads the packet from an input module, match the packet using rules
and connection tracking information and then send it to a target module.
> https://www.packet-o-matic.org/

101. packeth 2.1
- Linux GUI packet generator tool for ethernet
> https://packeth.sourceforge.net/

102. packetq 278.a4c5f14
- A tool that provides a basic SQL-frontend to PCAP-files.
> https://packeth.sourceforge.net/packeth/Home.html

103. packetsender 770.c907ae8&
- An open source utility to allow sending and receiving TCP and UDP packets.
> https://github.com/dannagle/PacketSender

104. packit 1.0
- A network auditing tool. Its value is derived from its ability to customize, inject, monitor, and
manipulate IP traffic.
> http://packetfactory.openwall.net/projects/packit/index.html

105. peapfex 60.c51055a
- Packet CAPture Forensic Evidence eXtractor.
> https://github.com/vikwin/pcapfex

106. peapfix 1.1.7
- Tries to repair your broken pcap and pcapng files.
> https://f001.de/pcapfix/

107. phantap 63.e80be64
- An ‘invisible’ network tap aimed at red teams.
> https://github.com/ncc group/phantap

108. pivotsuite 19.9078dle
- A portable, platform independent and powerful network pivoting toolkit.
> https://github.com/RedTeamOperations/PivotSuite

109. pkt2flow 69.868a2e8
- A simple utility to classify packets into flows.
> https://github.com/caesar0301/pkt2flow

110. pmacct 4281.db67590d
- Small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP
BMP IGP Streaming Telemetry].
> https://github.com/pmacct/pmacct

111. prometheus-firewall 176.a316d66
- A Firewall analyzer written in ruby
> https://github.com/averagesecurityguy/prometheus

112. pwnat 14.d3c2b05
- A tool that allows any number of clients behind NATs to communicate with a server behind a
separate NAT with *no* port forwarding and *no* DMZ setup on any routers in order to directly
communicate with each other.
> http://samy.pl/pwnat/

113. pyersinia 49.73f4056
- Network attack tool like yersinia but written in Python.
> https://github.com/nottinghamprisateam/pyersinia

114. pyexfil  81.2ef1b8c
- A couple of beta stage tools for data exfiltration.
> https://github.com/ytisf/PyExfil

115. pyminifakedns 0.1
- Minimal DNS server written in Python; it always replies with a 127.0.0.1 A-record.
> https://code.activestate.com/recipes/49 1264/

116. python-cymruwhois 1.6
- Python client for the whois.cymru.com service
> https://pypi.org/project/cymruwhois/#files

117. python2-cymruwhois 1.6
- Python client for the whois.cymru.com service
> https://pypi.org/project/cymruwhois/#files

118. rinetd 0.62
- internet redirection server
> https://netbsd.pkgs.org/9/netbsd-amd64/rinetd-0.62nb3.tgz.html
> https://manpages.ubuntu.com/manpages/bionic/man8/rinetd.8 .html

119. rtpbreak = 1.3a
- Detects, reconstructs and analyzes any RTP session
> https://www.kali.org/tools/rtpbreak/

120. rustcat —-v3.0.0.r1.g6e421b3
- A modern port listener and reverse shell.
> https://github.com/robiot/rustcat

121. samplicator 175.ceeb1d2
- Send copies of (UDP) datagrams to multiple receivers, with optional sampling and spoofing.
> https://github.com/sleinen/samplicator

122. scapy 2.4.5
- Powerful interactive packet manipulation program written in Python (tools)
> https://scapy-net/

123. sdn-toolkit 1.21
- Discover, Identify, and Manipulate SDN-Based Networks
> https://sourceforge.net/projects/sdn-toolkit/

124. sessionlist 6.3efc3b2
- Sniffer that intents to sniff HTTP packets and attempts to reconstruct interesting authentication data
from websites that do not employ proper secure cookie auth.
seth  100.80b3813 Perform a MitM attack and extract clear text credentials from RDP connections.
> https://Oxrage.com/
> https://github.com/iamrage/sessionlist

125. silk 3.19.2
- A collection of traffic analysis tools developed by the CERT NetSA to facilitate security analysis of
large networks.
> https://github.com/SySS-Research/Seth

126. skydive 0.28.0
- An open source real-time network topology and protocols analyzer.
> https://tools.netsa.cert.org/silk/download.html

127. sniffer 4.688854e
- Packet Trace Parser for TCP, SMTP Emails, and HTTP Cookies.
> https://en.kali.tools/all/?tool=1865

128. sniffles 469.118e93f
- A Packet Capture Generator for IDS and Regular Expression Evaluation.
> https://github.com/petabi/sniffles

129. snmpattack 1.8
- SNMP scanner and attacking tool.
> https://cOdecafe.de/
> https://en.kali.tools/all/?tool=1294

130. snmpcheck 1.9
- A free open source utility to get information via SNMP protocols.
> http://www.nothink.org/codes/snmpcheck/index.php

131. socat 1.7.4.3
- Multipurpose relay
> http://www.dest-unreach.org/socat/

132. sockstat 0.4.1
- A tool to let you view information about open connections. It is similar to the tool of the same name
that is included in FreeBSD, trying to faithfully reproduce as much functionality as is possible.
> https://packages.debian.org/unstable/main/sockstat

133. spiped = 1.6.2
- Secure pipe daemon
> http://www.tarsnap.com/spiped.html

134. sps 4.3
- A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6
over IPv4.
> https://sites.google.com/site/simplepacketsender/

135. sslh 1.22.c
- SSL/SSH/OpenVPN/XMPP/Ytinc port multiplexer
> https://www.rutschle.net/tech/sslh/README. html

136. stunnel 5.66
- A program that allows you to encrypt arbitrary TCP connections inside SSL
> https://www.stunnel.org/

137. swaks 20201014.0
- Swiss Army Knife SMTP; Command line SMTP testing, including TLS and AUTH
> https://jetmore.org/john/code/swaks/

138. tcpcopy = 1243.2365b36
- A TCP stream replay tool to support real testing of Internet server applications.
> https://github.com/session-replay-tools/tcpcopy

139. tepdstat 4.be5bd28
- Get protocol statistics from tcpdump pcap files.
> https://blackarch.org/networking.html

140. tcpdump 4.99.1
- Powerful command-line packet analyzer
> https://www.tcpdump.org/

141. tcpextract 1.1
- Extracts files from captured TCP sessions. Support live streams and pcap files.
> https://pypi.org/project/tcpextract/

142. tcpflow 1.6.1
- Captures data transmitted as part of TCP connections then stores the data conveniently
> https://github.com/simsong/tcpflow

143. tepreplay 4.4.2
- Gives the ability to replay previously captured traffic in a ibpcap format
> https://tepreplay.appneta.com/

144. tcptrace 6.6.7
- A TCP dump file analysis tool.
> http://tcptrace.org/

145. tcptraceroute 1.5beta7
- A traceroute implementation using TCP packets.
> https://pkgs.org/download/tcptraceroute

146. tcpwatch 1.3.1
- A utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy
connections.
> https://en.kali.tools/all/?tool=1409

147. tgcd 1.1.1
- TCP/IP Gender Changer Daemon utility.
> https://tgcd.sourceforge.net/

148. the-ipv6 3.8
- Complete tool set to attack the inherent protocol weaknesses of IPv6 and ICMP6
> https://github.com/vanhauser-the/thc-ipv6

149. tinc 1.0.36
- VPN (Virtual Private Network) daemon
> https://www.tinc-vpn.org/

150. torpy 60.ebf000c
- Pure python Tor client implementation.
> https://github.com/torpyorg/torpy

151. tunna 41.cba006d
- a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to
bypass network restrictions in fully firewalled environments.
> https://github.com/SECFORCE/Tunna

152. udpastcp 29.683b5e3
- This program hides UDP traffic as TCP traffic in order to bypass certain firewalls.
> https://github.com/Hello7 1/udpastcp

153. udptunnel 19
- Tunnels TCP over UDP packets.
> https://github.com/astroza/udptunnel
> https://manpages.ubuntu.com/manpages/xenial/man 1/udptunnel. 1 html

154. umit 1.0
- A powerful nmap frontend.
> https://reposcope.com/package/umit

155. uw-offish 0.1
- Clear-text protocol simulator.
> https://uberwall.org/bin/download/42/U W_offish. 1 .tar.gz

156. websockify 900.713385
- WebSocket to TCP proxy/bridge.
> https://github.com/novnc/websockify

157. wondershaper 48.98792b5
- Limit the bandwidth of one or more network adapters.
> https://github.com/magnificO/wondershaper

158. xerosploit 33.2a65f3d
- Efficient and advanced man in the middle framework.
> https://github.com/LionSec/xerosploit

159. xxeserv 12.046c559
- A mini webserver with FTP support for XXE payloads.
> https://github.com/staaldraad/xxeserv

160. yaf 2.12.2
- Yet Another Flowmeter.
> https://tools.netsa.cert.org/yaf/download.html

161. yersinia 00.8.2
- A network tool designed to take advantage of some weakness in different network protocols.
> https://www.kali.org/tools/yersinia/

162. zackattack5.1f96c14
- A new tool set to do NTLM Authentication relaying unlike any other tool currently out there.
> https://github.com/urbanesec/ZackA ttack/

163. zdns 249.bfbfae2
- Fast CLI DNS Lookup Tool.
> https://github.com/zmap/zdns

164. zeek 13053.0c2f04548
- A powerful network analysis framework that is much different from the typical IDS you may know.
> https://github.com/zeek/zeek

165. zeek-aux 526.6defd70
- Handy auxiliary programs related to the use of the Zeek Network Security Monitor.
> https://github.com/zeek/zeek-aux

166. zssh 1.5c
- SSH and Telnet client with ZMODEM file transfer capability
> https://zssh.sourceforge.net/