Netfilter is a framework offering a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack.
Category: Security
Zeek – network security monitor
Zeek is a powerful framework for network traffic analysis and security monitoring.
Argus – auditing network software
Audit Record Generation and Usage System (Argus) is a Real Time Flow Monitor that is designed to perform comprehensive IP network traffic auditing.
ntop – network traffic probe
ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does.
SEC – tool for advanced event processing
Simple Event Correlator (SEC) is a simple, open source and platform-independent event correlation tool.
Scapy – packet manipulation program
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols.
Knocker – TCP security port scanner
Knocker is a simple and easy-to-use TCP security port scanner written in C. It is able to analyze hosts and the network services running on them.
tcpreplay – Pcap editing and replaying utilities
tcpreplay is a set of tools which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices.
Darik’s Boot and Nuke – hard drive eraser and data clearing utility
Darik’s Boot and Nuke (“DBAN”) is a self-contained boot disk that securely wipes the hard disks of most computers.
Nikto – web server scanner
Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items.
Stunnel – proxy designed to add TLS encryption functionality
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer).
P3Scan – full-transparent proxy-server for email clients
P3Scan is a fully transparent proxy server for POP3, SMTP, and limited POP3S clients. It can be used to provide email scanning from the internet.
GRR Rapid Response: remote live forensics for incident response
GRR Rapid Response is an incident response framework focused on remote live forensics.
MIG: Mozilla InvestiGator – real-time digital forensics and investigation platform
MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel.
The Sleuth Kit – analyze disk images and recover files
The Sleuth Kit (TSK) is a library and collection of command line file and volume system forensic analysis tools.