CINXE.COM

Vulnerability exploitation tools – SecTools Top Network Security Tools

<!DOCTYPE html> <html lang="en"> <head> <title> Vulnerability exploitation tools &ndash; SecTools Top Network Security Tools </title> <meta name="description" content="Rankings and reviews of computer and network security software, programs, and tools."> <link rel="alternate" type="application/rss+xml" href="/feed/"> <link rel="canonical" href="https://sectools.org/tag/sploits/"> <link rel="next" href="https://sectools.org/tag/sploits/?page=2"> <meta name="viewport" content="width=device-width,initial-scale=1"> <meta name="theme-color" content="#2A0D45"> <link rel="preload" as="image" href="/images/sitelogo.png" imagesizes="168px" imagesrcset="/images/sitelogo.png, /images/sitelogo-2x.png 2x"> <link rel="preload" as="image" href="/shared/images/nst-icons.svg"> <link rel="stylesheet" href="/shared/css/nst.css?v=2"> <script async src="/shared/js/nst.js?v=2"></script> <link rel="stylesheet" href="/shared/css/nst-foot.css?v=2" media="print" onload="this.media='all'"> <link rel="stylesheet" href="/site.css"> <!--Google Analytics Code--> <link rel="preload" href="https://www.google-analytics.com/analytics.js" as="script"> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-11009417-1', 'auto'); ga('send', 'pageview'); </script> <!--END Google Analytics Code--> <META NAME="ROBOTS" CONTENT="NOARCHIVE"> <link rel="shortcut icon" href="/shared/images/tiny-eyeicon.png" type="image/png"> </head> <body><div id="nst-wrapper"> <div id="menu"> <div class="blur"> <header id="nst-head"> <a id="menu-open" href="#menu" aria-label="Open menu"> <img width="44" height="44" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#menu"> </a> <a id="menu-close" href="#" aria-label="Close menu"> <img width="44" height="44" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#close"> </a> <a id="nst-logo" href="/" aria-label="Home page"> <img alt="Home page logo" srcset="/images/sitelogo.png, /images/sitelogo-2x.png 2x" src="/images/sitelogo.png" onerror="this.onerror=null;this.srcset=this.src" height=90 width=168></a> <nav id="nst-gnav"> <a class="nlink" href="https://nmap.org/">Nmap.org</a> <a class="nlink" href="https://npcap.com/">Npcap.com</a> <a class="nlink" href="https://seclists.org/">Seclists.org</a> <a class="nlink" href="https://sectools.org">Sectools.org</a> <a class="nlink" href="https://insecure.org/">Insecure.org</a> </nav> <form class="nst-search" id="nst-head-search" action="/search/"> <input class="nst-search-q" name="q" type="search" placeholder="Site Search"> <button class="nst-search-button" title="Search"> <img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search"> </button> </form> </header> </div> </div> <main id="nst-content"> <nav> <div id="nav"> <ul> <li><a href="/">Home</a></li> <li><a href="/about/">About/Help</a></li> <li><a href="/contrib/">Suggest a new tool</a></li> <li><form action="/search/" method="get"><input type="text" name="q" size="10"><input type="submit" value="Search"></form></li> </ul> </div> </nav> <br> <h2>SecTools.Org: Top 125 Network Security Tools</h2> <p>For more than a decade, the <a href="http://nmap.org">Nmap Project</a> has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a <a href="http://sectools.org/contrib/">new tool suggestion form</a>. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the <a href="http://nmap.org">Nmap Security Scanner</a>, <a href="http://nmap.org/ncat/">Ncat network connector</a>, and <a href="http://nmap.org/nping/">Nping packet manipulator</a>).</p> <p>We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!</p> <div class="inline-tags"> <p> Filtering by tag: </p> <ul> <li><a href="/tag/sploits/">sploits</a></li> </ul> <small><a href="/">remove filters</a></small> </div> <div style="float:right; margin-right:1em"> Sort by: <span style="margin-left:2em" title="Sort based on favorite tool votes by 2,959 people"> popularity </span> <span style="margin-left:2em" title="Sort based on tool ratings from site users like you"> <a href="/?sort=rating">rating</a> </span> <span style="margin-left:2em" title="Sort with the most recently released (including new versions) software first"> <a href="/?sort=release">release date</a> </span> </div> <p> Tools 1&ndash;10 of 11 <a style="margin-left:2em" href="?page=2">next page →</a> </p> <h2 class="toolhead"> <a href="/tool/metasploit/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(9)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★½</span> </a> <a style="margin-right:1em" href="/tool/metasploit/">Metasploit</a> (#2,&nbsp;<span class="rank-up" title="Change in popularity since last survey"><img src="/flags/uparrow.gif">3</span>) </h2> <div class="logo"><a href="/tool/metasploit/"><img src="/logos/metasploit-39x49.png" alt="Metasploit logo"></a></div> <p> Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their <a href="http://www.metasploit.com/modules/">list of modules</a>. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is <a href="https://community.rapid7.com/docs/DOC-1875">Metasploitable</a>, an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers. <p>Metasploit was completely free, but the project was acquired by <a href="http://www.rapid7.com">Rapid7</a> in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($5,000 per year per user), and a full-featured Pro edition. Other paid exploitation tools to consider are <a class="local" href="/tool/impact/">Core Impact</a> (more expensive) and <a class="local" href="/tool/canvas/">Canvas</a> (less). <p>The Metasploit Framework now includes an <a href="http://pauldotcom.com/2010/07/metasploit-new-gui.html">official Java-based GUI</a> and also Raphael Mudge's excellent <a href="http://www.fastandeasyhacking.com/">Armitage</a>. The Community, Express, and Pro editions have web-based GUIs. <a href="/tool/metasploit/#comments">Read 15 reviews.</a> </p> <p> <strong>Latest release:</strong> version 4.11 on Dec. 18, 2014 (10 years, 3 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://www.metasploit.com/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> <li><a href="http://en.wikipedia.org/wiki/Metasploit_Project"><img src="/flags/wiki-icon.png" title="Wikipedia" alt="Wikipedia icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/costs/"><img src="/flags/dollarlogo_20x30.gif" title="A commercial (paid) version is available. Free/limited/trial versions may also be offered." alt="$" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/gui/"><img src="/flags/mouse-30x30.png" title="Offers a GUI (point and click) interface." alt="Mouse icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/w3af/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(15)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★½</span> </a> <a style="margin-right:1em" href="/tool/w3af/">w3af</a> (#18,&nbsp;<a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a>) </h2> <div class="logo"><a href="/tool/w3af/"><img src="/logos/w3af-80x80.png" alt="w3af logo"></a></div> <p> W3af is an extremely popular, powerful, and flexible framework for finding and exploiting web application vulnerabilities. It is easy to use and extend and features dozens of web assessment and exploitation plugins. In some ways it is like a web-focused <a class="local" href="/tool/metasploit/">Metasploit</a>. <a href="/tool/w3af/#comments">Read 18 reviews.</a> </p> <p> <strong>Latest release:</strong> version 1.1 on Oct. 11, 2011 (13 years, 6 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://w3af.sourceforge.net/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> <li><a href="http://en.wikipedia.org/wiki/w3af"><img src="/flags/wiki-icon.png" title="Wikipedia" alt="Wikipedia icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/free/"><img src="/flags/free_30x30.png" title="All official versions are free of charge" alt="&quot;Free&quot; price tag icon" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/fuzzers/" title="Fuzzers">fuzzers</a></li> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> <li><a href="/tag/web-scanners/" title="Web vulnerability scanners">web-scanners</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/impact/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(7)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★½</span> </a> <a style="margin-right:1em" href="/tool/impact/">Core Impact</a> (#29,&nbsp;<span class="rank-up" title="Change in popularity since last survey"><img src="/flags/uparrow.gif">15</span>) </h2> <div class="logo"><a href="/tool/impact/"><img src="/logos/impact-80x50.gif" alt="Core Impact logo"></a></div> <p> Core Impact isn't cheap (be prepared to spend at least $30,000), but it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. Other good options include <a class="local" href="/tool/metasploit/">Metasploit</a> and <a class="local" href="/tool/canvas/">Canvas</a>. <a href="/tool/impact/#comments">Read 11 reviews.</a> </p> <p> <strong>Latest release:</strong> version 12 on Aug. 8, 2011 (13 years, 8 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://www.coresecurity.com/content/core-impact-overview"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/costs/"><img src="/flags/dollarlogo_20x30.gif" title="A commercial (paid) version is available. Free/limited/trial versions may also be offered." alt="$" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/gui/"><img src="/flags/mouse-30x30.png" title="Offers a GUI (point and click) interface." alt="Mouse icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> <li><a href="/tag/vuln-scanners/" title="Vulnerability scanners">vuln-scanners</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/sqlmap/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(9)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★½</span> </a> <a style="margin-right:1em" href="/tool/sqlmap/">sqlmap</a> (#30,&nbsp;<a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a>) </h2> <div class="logo"><a href="/tool/sqlmap/"><img src="/logos/sqlmap-80x93.png" alt="sqlmap logo"></a></div> <p> sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features, from database fingerprinting to fetching data from the DB and even accessing the underlying file system and executing OS commands via out-of-band connections. The authors recommend using the development release from their Subversion repository. <a href="/tool/sqlmap/#comments">Read 11 reviews.</a> </p> <p> <strong>Latest release:</strong> version 0.9 on April 11, 2011 (14 years ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://sqlmap.sourceforge.net/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/free/"><img src="/flags/free_30x30.png" title="All official versions are free of charge" alt="&quot;Free&quot; price tag icon" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> <li><a href="/tag/web-scanners/" title="Web vulnerability scanners">web-scanners</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/canvas/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(1)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★★</span> </a> <a style="margin-right:1em" href="/tool/canvas/">Canvas</a> (#51,&nbsp;<span class="rank-up" title="Change in popularity since last survey"><img src="/flags/uparrow.gif">37</span>) </h2> <div class="logo"><a href="/tool/canvas/"><img src="/logos/canvas-97x66.gif" alt="Canvas logo"></a></div> <p> Canvas is a commercial vulnerability exploitation tool from Dave Aitel's <a href="http://www.immunitysec.com">ImmunitySec</a>. It includes more than 370 exploits and is less expensive than <a class="local" href="/tool/impact/">Core Impact</a> or the commercial versions of <a class="local" href="/tool/metasploit/">Metasploit</a>. It comes with full source code, and occasionally even includes zero-day exploits. <a href="/tool/canvas/#comments">Read 1 review.</a> </p> <p> <strong>Latest release:</strong> version 6.73 on Oct. 26, 2011 (13 years, 5 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://www.immunitysec.com/products-canvas.shtml"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/costs/"><img src="/flags/dollarlogo_20x30.gif" title="A commercial (paid) version is available. Free/limited/trial versions may also be offered." alt="$" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/gui/"><img src="/flags/mouse-30x30.png" title="Offers a GUI (point and click) interface." alt="Mouse icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/socialengineeringtoolkit/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(57)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★★</span> </a> <a style="margin-right:1em" href="/tool/socialengineeringtoolkit/">Social Engineer Toolkit</a> (#58,&nbsp;<a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a>) </h2> <p> The Social Engineer Toolkit incorporates many useful social-engineering attacks all in one interface. The main purpose of SET is to automate and improve on many of the social-engineering attacks out there. It can automatically generate exploit-hiding web pages or email messages, and can use Metasploit payloads to, for example, connect back with a shell once the page is opened. <a href="/tool/socialengineeringtoolkit/#comments">Read 74 reviews.</a> </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_(SET)"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/free/"><img src="/flags/free_30x30.png" title="All official versions are free of charge" alt="&quot;Free&quot; price tag icon" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/sqlninja/#comments"> <span style="float:right; min-width:5em; margin-left:0.5em">no rating</span> </a> <a style="margin-right:1em" href="/tool/sqlninja/">sqlninja</a> (#72,&nbsp;<a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a>) </h2> <p> sqlininja exploits web applications that use Microsoft SQL Server as a database backend. Its focus is on getting a running shell on the remote host. sqlninja doesn't find an SQL injection in the first place, but automates the exploitation process once one has been discovered. <a href="/tool/sqlninja/#comments">Review this tool.</a> </p> <p> <strong>Latest release:</strong> version 0.2.6-r1 on April 29, 2012 (12 years, 11 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://sqlninja.sourceforge.net/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/free/"><img src="/flags/free_30x30.png" title="All official versions are free of charge" alt="&quot;Free&quot; price tag icon" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/netsparker/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(5)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★★</span> </a> <a style="margin-right:1em" href="/tool/netsparker/">Netsparker</a> (#75,&nbsp;<a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a>) </h2> <div class="logo"><a href="/tool/netsparker/"><img src="/logos/netsparker-43x43.png" alt="Netsparker logo"></a></div> <p> Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive&ndash;free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them. <a href="/tool/netsparker/#comments">Read 6 reviews.</a> </p> <p> <strong>Latest release:</strong> version 1.8.3.3 on Feb. 10, 2011 (14 years, 2 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://www.mavitunasecurity.com/netsparker/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/costs/"><img src="/flags/dollarlogo_20x30.gif" title="A commercial (paid) version is available. Free/limited/trial versions may also be offered." alt="$" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/command-line/"><img src="/flags/term-30x30.png" title="Features a command-line interface." alt="Terminal window icon" border="0"></a></li> <li><a href="/tag/gui/"><img src="/flags/mouse-30x30.png" title="Offers a GUI (point and click) interface." alt="Mouse icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> <li><a href="/tag/web-scanners/" title="Web vulnerability scanners">web-scanners</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/beef/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(1)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★★</span> </a> <a style="margin-right:1em" href="/tool/beef/">BeEF</a> (#77,&nbsp;<a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a>) </h2> <div class="logo"><a href="/tool/beef/"><img src="/logos/beef-32x32.png" alt="BeEF logo"></a></div> <p> BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers. It is designed to make the creation of new exploit modules easy. <a href="/tool/beef/#comments">Read 4 reviews.</a> </p> <p> <strong>Latest release:</strong> version 0.4.5.0 on April 25, 2014 (10 years, 11 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://beefproject.com/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> <li><a href="http://en.wikipedia.org/wiki/BeEF_(Browser_Exploitation_Framework)"><img src="/flags/wiki-icon.png" title="Wikipedia" alt="Wikipedia icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/free/"><img src="/flags/free_30x30.png" title="All official versions are free of charge" alt="&quot;Free&quot; price tag icon" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/gui/"><img src="/flags/mouse-30x30.png" title="Offers a GUI (point and click) interface." alt="Mouse icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> </ul> </li> </ul> <h2 class="toolhead"> <a href="/tool/dradis/#comments"> <span style="float:right; font-size:smaller; font-weight:normal">(1)</span> <span style="float:right; min-width:5em; margin-left:0.5em">★★★★★</span> </a> <a style="margin-right:1em" href="/tool/dradis/">dradis</a> (#107,&nbsp;<a href="/tag/new/" class="rank-new" title="New in latest survey">new!</a>) </h2> <div class="logo"><a href="/tool/dradis/"><img src="/logos/dradis-80x80.png" alt="dradis logo"></a></div> <p> dradis is an open source framework to enable effective sharing of information among participants in a penetration test. It is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. It has plugins to read and collect the output of a variety of network scanning tools, like <a href="http://nmap.org/">Nmap</a>, <a class="local" href="/tool/burpsuite/">Burp Suite</a>, and <a class="local" href="/tool/nikto/">Nikto</a>. <a href="/tool/dradis/#comments">Read 1 review.</a> </p> <p> <strong>Latest release:</strong> version 2.6.1 on Feb. 11, 2011 (14 years, 2 months ago). </p> <ul class="inline-tags-container"> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="http://dradisframework.org/"><img src="/flags/home-icon.png" title="Homepage" alt="Home icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/new/"><img src="/flags/new_30x30.gif" title="New in latest survey." alt="New!" border="0"></a></li> <li><a href="/tag/free/"><img src="/flags/free_30x30.png" title="All official versions are free of charge" alt="&quot;Free&quot; price tag icon" border="0"></a></li> <li><a href="/tag/linux/"><img src="/flags/linuxpenguinlogo_30x30.gif" title="Works natively on Linux." alt="Linux penguin icon" border="0"></a></li> <li><a href="/tag/os-x/"><img src="/flags/osx-30x30.png" title="Works natively on Apple Mac OS X." alt="OS X icon" border="0"></a></li> <li><a href="/tag/windows/"><img src="/flags/winlogo_30x30.gif" title="Works natively on Microsoft Windows." alt="Windows icon" border="0"></a></li> <li><a href="/tag/gui/"><img src="/flags/mouse-30x30.png" title="Offers a GUI (point and click) interface." alt="Mouse icon" border="0"></a></li> <li><a href="/tag/source/"><img src="/flags/magnifying-glass-19x30.png" title="Source code available for inspection." alt="Magnifying glass icon" border="0"></a></li> </ul> </li> <li class="inline-tags-container"> <ul class="inline-tags"> <li><a href="/tag/sploits/" title="Vulnerability exploitation tools">sploits</a></li> </ul> </li> </ul> <p> Tools 1&ndash;10 of 11 <a style="margin-left:2em" href="?page=2">next page →</a> </p> <h3 id="categories">Categories</h3> <ul> <li><a href="/tag/antimalware/">Antimalware (3)</a></li> <li><a href="/tag/app-scanners/">Application-specific scanners (3)</a></li> <li><a href="/tag/browser/">Web browser–related (4)</a></li> <li><a href="/tag/crypto/">Encryption tools (8)</a></li> <li><a href="/tag/debuggers/">Debuggers (5)</a></li> <li><a href="/tag/firewalls/">Firewalls (2)</a></li> <li><a href="/tag/forensics/">Forensics (4)</a></li> <li><a href="/tag/fuzzers/">Fuzzers (4)</a></li> <li><a href="/tag/general/">General-purpose tools (8)</a></li> <li><a href="/tag/ids/">Intrusion detection systems (6)</a></li> <li><a href="/tag/packet-crafters/">Packet crafting tools (6)</a></li> <li><a href="/tag/pass-audit/">Password auditing (12)</a></li> <li><a href="/tag/port-scanners/">Port scanners (4)</a></li> <li><a href="/tag/rootkit-detectors/">Rootkit detectors (5)</a></li> <li><a href="/tag/sec-distros/">Security-oriented operating systems (5)</a></li> <li><a href="/tag/sniffers/">Packet sniffers (14)</a></li> <li><a href="/tag/sploits/">Vulnerability exploitation tools (11)</a></li> <li><a href="/tag/traffic-monitors/">Traffic monitoring tools (10)</a></li> <li><a href="/tag/vuln-scanners/">Vulnerability scanners (11)</a></li> <li><a href="/tag/web-proxy/">Web proxies (4)</a></li> <li><a href="/tag/web-scanners/">Web vulnerability scanners (20)</a></li> <li><a href="/tag/wireless/">Wireless tools (5)</a></li> </ul> </main><!-- content --> <footer id="nst-foot"> <form class="nst-search" id="nst-foot-search" action="/search/"> <input class="nst-search-q" name="q" type="search" placeholder="Site Search"> <button class="nst-search-button" title="Search"> <img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search"> </button> </form> <div class="flexlists"> <div class="fl-unit"> <h2><a class="nlink" href="https://nmap.org/">Nmap Security Scanner</a></h2> <ul> <li><a class="nlink" href="https://nmap.org/book/man.html">Ref Guide</a> <li><a class="nlink" href="https://nmap.org/book/install.html">Install Guide</a> <li><a class="nlink" href="https://nmap.org/docs.html">Docs</a> <li><a class="nlink" href="https://nmap.org/download.html">Download</a> <li><a class="nlink" href="https://nmap.org/oem/">Nmap OEM</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://npcap.com/">Npcap packet capture</a></h2> <ul> <li><a class="nlink" href="https://npcap.com/guide/">User's Guide</a> <li><a class="nlink" href="https://npcap.com/guide/npcap-devguide.html#npcap-api">API docs</a> <li><a class="nlink" href="https://npcap.com/#download">Download</a> <li><a class="nlink" href="https://npcap.com/oem/">Npcap OEM</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://seclists.org/">Security Lists</a></h2> <ul> <li><a class="nlink" href="https://seclists.org/nmap-announce/">Nmap Announce</a> <li><a class="nlink" href="https://seclists.org/nmap-dev/">Nmap Dev</a> <li><a class="nlink" href="https://seclists.org/fulldisclosure/">Full Disclosure</a> <li><a class="nlink" href="https://seclists.org/oss-sec/">Open Source Security</a> <li><a class="nlink" href="https://seclists.org/dataloss/">BreachExchange</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://sectools.org">Security Tools</a></h2> <ul> <li><a class="nlink" href="https://sectools.org/tag/vuln-scanners/">Vuln scanners</a> <li><a class="nlink" href="https://sectools.org/tag/pass-audit/">Password audit</a> <li><a class="nlink" href="https://sectools.org/tag/web-scanners/">Web scanners</a> <li><a class="nlink" href="https://sectools.org/tag/wireless/">Wireless</a> <li><a class="nlink" href="https://sectools.org/tag/sploits/">Exploitation</a> </ul> </div> <div class="fl-unit"> <h2><a class="nlink" href="https://insecure.org/">About</a></h2> <ul> <li><a class="nlink" href="https://insecure.org/fyodor/">About/Contact</a> <li><a class="nlink" href="https://insecure.org/privacy.html">Privacy</a> <li><a class="nlink" href="https://insecure.org/advertising.html">Advertising</a> <li><a class="nlink" href="https://nmap.org/npsl/">Nmap Public Source License</a> </ul> </div> <div class="fl-unit social-links"> <a class="nlink" href="https://twitter.com/nmap" title="Visit us on Twitter"> <img width="32" height="32" src="/shared/images/nst-icons.svg#twitter" alt="" aria-hidden="true"> </a> <a class="nlink" href="https://facebook.com/nmap" title="Visit us on Facebook"> <img width="32" height="32" src="/shared/images/nst-icons.svg#facebook" alt="" aria-hidden="true"> </a> <a class="nlink" href="https://github.com/nmap/" title="Visit us on Github"> <img width="32" height="32" src="/shared/images/nst-icons.svg#github" alt="" aria-hidden="true"> </a> <a class="nlink" href="https://reddit.com/r/nmap/" title="Discuss Nmap on Reddit"> <img width="32" height="32" src="/shared/images/nst-icons.svg#reddit" alt="" aria-hidden="true"> </a> </div> </div> </footer> </div><!-- wrapper --> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10