About The Security Tools Available

All tools on this list are free and publicly accessible. They are also well known within the professional security community and among malicious actors. This list of tools, software, and utilities should empower anyone interested in protecting themselves and their online assets by making them aware of the capabilities that exist for analysts and malicious actors. By better understanding the tools that your adversary uses, you can better protect yourself.

Online Security

Information Gathering and Analysis

Google dorks – Using advanced operators in the Google search engine to locate specific strings of text within search results.

Maltego – An interactive data mining tool that renders directed graphs for link analysis.

FOCA – A tool used to find metadata and hidden information in the documents it scans.

http://checkusernames.com/ – Check the use of a brand or username on 160 social networks.

https://haveibeenpwned.com/ – Check if an account has been compromised in a data breach.

https://www.beenverified.com/ – Search people & public records.

Shodan – Search engine for Internet-connected devices.

Censys – A search engine that allows computer scientists to ask questions about the devices and networks that compose the internet.

Gephi – Visualisation and exploration software for all kinds of graphs and networks.

Fierce – A DNS reconnaissance tool for finding target IPs associated with a domain.

BuiltWith – Find out what websites are built with.

Wappalyzer – A cross-platform utility that uncovers the technologies used on websites.

https://aw-snap.info/ – Tools for owners of hacked websites to help find malware and recover their site.

http://themecheck.org/ – A quick service that lets you verify WordPress themes for security and code quality.

theHarvester – Gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers, and SHODAN.

Cymon.io – Tracker of malware, phishing, botnets, spam, and more.

Mnemonic – A passive DNS database.

Vulnerability Scanning and Penetration Testing

WPScan – A black box WordPress vulnerability scanner.

Sqlmap – An open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers.

BeEF – A penetration testing tool that focuses on the web browser.

Firefox Hackbar – A simple security audit/penetration test tool.

Burp Suite – Software for web security testing.

OpenVAS – An open source vulnerability scanner and manager.

Fiddler – A free web debugging proxy.

Joomscan – Detect Joomla CMS vulnerabilities and analyse them.

Kum0nga – A simple Joomla scan.

Arachni – A feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern web applications.

Forensics and Log Analysis

Lnav – An advanced log file viewer.

Mandiant Highlighter – A free log file analysis tool.

Wp-file-analyser – Find modified, missing and extra files in a WordPress directory.

Auditd – Access monitoring and accounting for Linux.

Araxis Merge – Advanced 2 and 3-way file comparison (diff), merging and folder synchronisation.

WinMerge – An Open Source differencing and merging tool for Windows.

DiffNow – Compare files online.

Code and Malware Analysis

CyberChef – the Cyber Swiss Army Knife

UnPHP – A free service for analysing obfuscated and malicious PHP code.

UnPacker – JavaScript unpacker.

Jsunpack – A generic JavaScript unpacker.

JSBeautifier – An online JavaScript beautifier.

https://www.base64decode.org/ – Base64 Decode and Encode

https://www.urldecoder.org/ – URL Decode and Encode

http://lombokcyber.com/en/detools/decode-sourcecop – Decode SourceCop v3.x

Other Tools

regex101 – Develop and test regular expressions.

regexpal – Another site to develop and test regular expressions.

HashKiller – Online hash cracking service. Useful to reverse engineer hashes into passwords.

NoScript – A Firefox extension that allows JavaScript, Java and Flash to be executed only by websites that you define and trust.

Other Lists of Tools

Awesome Forensics – A curated list of awesome free (mostly open source) forensic analysis tools and resources.

awesome-incident-response – A curated list of tools and resources for security incident response, aimed to help security analysts and DFIR teams.

OSINT Framework – OSINT is short for ‘open source intelligence’. This site provides a graphical directory of OSINT resources.

Kali Linux

Kali Linux is a Linux distribution that comes packed with security analysis tools and is the favourite of penetration testers and security analysts worldwide. If you want to learn about cyber security, Kali should be one of your starting points.