Essential tools for security professionals, organized by category.
Packet Analysis:
- Wireshark - Network protocol analyzer
- tcpdump - Command-line packet analyzer
- tshark - Terminal-based Wireshark
Network Scanning:
- Nmap - Network discovery and security auditing
- Masscan - Fast port scanner
- Angry IP Scanner - Fast network scanner
Network Monitoring:
- ntopng - Network traffic monitoring
- NetworkMiner - Network forensic analysis
- Zeek - Network security monitor
Vulnerability Scanners:
- Nessus - Vulnerability scanner
- OpenVAS - Open-source vulnerability scanner
- Qualys - Cloud-based vulnerability management
- Rapid7 Nexpose - Vulnerability management
Web Application Scanners:
- Burp Suite - Web application security testing
- OWASP ZAP - Web app security scanner
- Nikto - Web server scanner
- Acunetix - Automated web vulnerability scanner
Dependency & Container Scanning:
- Snyk - Developer security platform
- OWASP Dependency-Check - Software composition analysis
- Trivy - Container vulnerability scanner
- Clair - Container static analysis
Exploitation Frameworks:
- Metasploit - Penetration testing framework
- Cobalt Strike - Adversary simulation
- Empire - Post-exploitation framework
- Covenant - .NET command and control
Password Attacks:
- Hashcat - Password recovery
- John the Ripper - Password cracker
- Hydra - Network login cracker
- Medusa - Brute force tool
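Hashcat and John the Ripper work offline against leaked hash lists, while Hydra and Medusa guess online against a login service. The script below is an added example, not code from any of those tools: it implements a small dictionary-plus-rules attack in pure Python against constructed SHA-256 hashes (no real leaked data) and counts hash operations, so the effect of per-account salting on attacker cost is visible. The wordlist, rule set and sample passwords are all assumptions made for the demonstration.

```python
import hashlib


def sha256_hex(s: str) -> str:
    return hashlib.sha256(s.encode()).hexdigest()


# Constructed wordlist for the demonstration (a real run would use rockyou.txt or similar).
WORDLIST = ["password", "letmein", "summer", "welcome", "admin"]


def rule_candidates(word):
    """Yield mangled variants of one wordlist entry, in the spirit of a
    hashcat/John rule file: as-is, capitalised, '!' suffix, two-digit suffix,
    and a simple leetspeak substitution (a->4, e->3, i->1, o->0)."""
    yield word
    yield word.capitalize()
    yield word + "!"
    for n in range(100):
        yield f"{word}{n}"
        yield f"{word.capitalize()}{n}"
    yield word.translate(str.maketrans("aeio", "4310"))


def crack_unsalted(target_hashes, wordlist=WORDLIST):
    """Attack a list of unsalted SHA-256 hashes.
    Returns ({hash: plaintext}, number_of_hash_operations).
    Each candidate is hashed once and checked against every target, which is
    why unsalted storage lets one guess test every account at the same time."""
    remaining = set(target_hashes)
    found, hash_ops = {}, 0
    for word in wordlist:
        for cand in rule_candidates(word):
            if not remaining:
                return found, hash_ops
            hash_ops += 1
            h = sha256_hex(cand)
            if h in remaining:
                found[h] = cand
                remaining.discard(h)
    return found, hash_ops


def crack_salted(targets, wordlist=WORDLIST):
    """Attack (salt, hash) pairs where hash = SHA-256(salt + password).
    Returns ({hash: plaintext}, number_of_hash_operations).
    The salt forces a separate hash per candidate per account, so cost grows
    linearly with the number of accounts; a slow hash (bcrypt, scrypt, Argon2)
    would multiply every one of these operations further."""
    found, hash_ops = {}, 0
    for salt, h in targets:
        for word in wordlist:
            hit = None
            for cand in rule_candidates(word):
                hash_ops += 1
                if sha256_hex(salt + cand) == h:
                    hit = cand
                    break
            if hit is not None:
                found[h] = hit
                break
    return found, hash_ops


if __name__ == "__main__":
    # Constructed sample passwords; the hashes are generated right here.
    plaintexts = ["Summer23", "letmein!", "p4ssw0rd", "correct horse battery staple"]
    unsalted = [sha256_hex(p) for p in plaintexts]
    found, ops = crack_unsalted(unsalted)
    print(f"unsalted: cracked {len(found)}/{len(unsalted)} in {ops} hash ops: {sorted(found.values())}")

    salted = [(f"salt{i}", sha256_hex(f"salt{i}" + p)) for i, p in enumerate(plaintexts)]
    found_s, ops_s = crack_salted(salted)
    print(f"salted:   cracked {len(found_s)}/{len(salted)} in {ops_s} hash ops")
```

The fourth sample password is a passphrase that no rule derives from the wordlist, so it stays uncracked in both runs; the difference that matters is the operation count, which roughly doubles once every account has its own salt and would grow further with more accounts. For defenders the takeaway is the same one the real tools make obvious: unsalted fast hashes are cheap to attack in bulk, and the fix is a salted, deliberately slow password hash.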
Wireless Security:
- Aircrack-ng - WiFi security auditing
- Kismet - Wireless network detector
- Wifite - Automated wireless attack tool
SIEM Platforms:
- Splunk - Data analytics and SIEM
- ELK Stack - Elasticsearch, Logstash, Kibana
- QRadar - IBM security intelligence
- ArcSight - Security analytics
EDR Solutions:
- CrowdStrike Falcon - Cloud-native endpoint protection
- SentinelOne - Autonomous endpoint protection
- Carbon Black - Endpoint security
- Microsoft Defender for Endpoint - Enterprise endpoint security
Open-Source EDR:
- Wazuh - Open-source security platform
- osquery - SQL-powered operating system instrumentation
- OSSEC - Host-based intrusion detection
Static Application Security Testing (SAST):
- SonarQube - Code quality and security
- Checkmarx - Application security testing
- Fortify - Static code analyzer
- Semgrep - Lightweight static analysis
Dynamic Application Security Testing (DAST):
- Burp Suite Pro - Web vulnerability scanner
- OWASP ZAP - Dynamic security testing
- Acunetix - Automated DAST
Malware Analysis:
- Cuckoo Sandbox - Automated malware analysis
- Any.run - Interactive malware sandbox
- VirusTotal - File and URL analysis
- Hybrid Analysis - Free malware analysis
Forensic Tools:
- Autopsy - Digital forensics platform
- Volatility - Memory forensics
- FTK Imager - Forensic imaging
- EnCase - Digital investigation
Incident Response:
- TheHive - Incident response platform
- GRR Rapid Response - Incident response framework
- Velociraptor - Endpoint visibility and collection
Cloud Security Tools:
- Prowler - AWS security assessment
- ScoutSuite - Multi-cloud security auditing
- CloudSploit - Cloud security configuration scanner
- Cloud Custodian - Cloud security and governance
Container Security:
- Trivy - Container vulnerability scanner
- Falco - Runtime security monitoring
- Anchore - Container analysis and compliance
Threat Intel Platforms:
- MISP - Threat intelligence sharing
- OpenCTI - Cyber threat intelligence platform
- ThreatConnect - Threat intelligence operations
- Anomali - Threat intelligence management
Threat Hunting:
- YARA - Pattern matching for malware identification
- Sigma - Generic, vendor-neutral signature format for SIEM detections
- RITA - Real Intelligence Threat Analytics (beaconing and DNS analysis over Zeek logs)
Security Distributions:
- Kali Linux - Penetration testing distribution
- Parrot Security OS - Security and privacy-focused
- BlackArch Linux - Penetration testing distribution
General Operating Systems:
- Ubuntu - Popular Linux distribution
- Red Hat Enterprise Linux - Enterprise Linux
- Windows Server - Microsoft server OS
Virtualization:
- Oracle VirtualBox - Virtual machines
- VMware Workstation - Virtualization platform
- Docker - Container platform
Version Control:
- GitHub - Git hosting and collaboration
- GitLab - DevOps platform with Git hosting and CI/CD
- Bitbucket - Git repository management
CI/CD Security:
- GitGuardian - Secrets detection
- TruffleHog - Find credentials in Git repositories, including history
- Gitleaks - Detect hardcoded secrets
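GitGuardian, TruffleHog and Gitleaks all combine two detection techniques: regexes for credential formats with a known shape, and a Shannon-entropy check for generic random-looking strings. The scanner below is an added example written for this page, not code from any of those tools, and it shows both techniques over a constructed set of file contents (no real credentials; the AWS key ID is the documented AKIAIOSFODNN7EXAMPLE placeholder and the GitHub token is a made-up string with the public ghp_ prefix). The rule names, the entropy threshold and the sample files are assumptions made for the demonstration.

```python
import math
import re
from collections import Counter

# Regexes for credential formats with a fixed, public shape.
PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
}

# Generic rule: a quoted string of 20+ token-like characters is suspicious if its
# character distribution is close to random. 3.5 bits/char is an assumed threshold.
QUOTED = re.compile(r"""["']([A-Za-z0-9_\-+/=]{20,})["']""")
ENTROPY_THRESHOLD = 3.5

# Constructed sample files (not real secrets).
SAMPLE_FILES = {
    "config.py": 'AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"\nDB_PASSWORD = "hunter2"\n',
    "deploy.sh": 'export API_TOKEN="ghp_0123456789abcdefghijklmnopqrstuvwxyz"\n',
    "README.md": "Set AWS_ACCESS_KEY_ID in your environment before running.\n",
    "app.js": (
        "const secret = process.env.SECRET;\n"
        'const token = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";\n'
        'const signingKey = "9f8b2c1d4e7a6b5c3d2e1f0a9b8c7d6e";\n'
    ),
}


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character, estimated from the string's own histogram."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def scan_text(name: str, text: str):
    """Return findings as (file, line_number, rule, matched_text).
    Format regexes run first; the entropy rule only runs on lines with no
    format match, so a known-format key is not reported twice."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        matched = False
        for rule, rx in PATTERNS.items():
            for m in rx.finditer(line):
                findings.append((name, lineno, rule, m.group(0)))
                matched = True
        if matched:
            continue
        for m in QUOTED.finditer(line):
            candidate = m.group(1)
            if shannon_entropy(candidate) >= ENTROPY_THRESHOLD:
                findings.append((name, lineno, "high-entropy-string", candidate))
    return findings


def scan_files(files):
    """Scan a {filename: contents} mapping (the working tree only; the real tools
    also walk every commit in Git history, where deleted secrets live on)."""
    out = []
    for name, text in files.items():
        out.extend(scan_text(name, text))
    return out


if __name__ == "__main__":
    for f, ln, rule, match in scan_files(SAMPLE_FILES):
        print(f"{f}:{ln}: {rule}: {match}")
```

The output lists the AWS key ID, the GitHub token and the 32-hex-character signing key, and nothing from README.md, which only names the variable. Two misses are worth noticing: DB_PASSWORD = "hunter2" is too short for the entropy rule, and the 32-character run of "a" has zero entropy, so a generic detector catches neither; the tools above reduce such gaps with larger pattern libraries, keyword context such as "password" or "token", and scanning the full commit history rather than the checkout.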