CONCORDIA Service – Cybersecurity Tools

Cybersecurity Tools

Our suggestion for your Cybersecurity technical activities

| Name | Type | Category | Link | Openness | Further Information |
|---|---|---|---|---|---|
| Apktool | Reverse Engineering | Reversing | | | tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an app easier because of the project-like file structure and automation of some repetitive tasks like building apk, etc. |
| Exiftool | Exif Tool | Generic | https://exiftool.org | Open-Source | See, delete, and change exif information, but also see history exif information. |
| hashcat | Password Recovery | Forensic | | | different passwords, from Veracrypt to Blockchain. |
| Scapy | Packet Manipulating Tool | Network | | | Scapy is a Python program that enables the user to send, sniff and dissect and forge network packets. This capability allows construction of tools that can probe, scan or attack networks. |
| DIRB | Web Search Tool | Web | | | DIRB is a tool for automating the search of (normally hidden) web |
| BurpSuite | Web Application Security Testing | Web | | Commercial and Open-Source Versions available | Burp Suite is the world's most widely used web application security testing software. |
| binwalk | Reversing | Reversing | | | binwalk is a tool for analyzing, reverse engineering, and extracting firmware images. |
| radare2 | Reversing | Reversing | | | free toolchain for easing several low level tasks like forensics, software reverse engineering, exploiting, debugging. |
| Qemu | Emulator | Virtualisation | | | and Virtualization |
| CyberChef | Encoder/Decoder | Crypto | | | application to decode and encode data |
| Tranalyzer | Packet Analyzer | Network | | | flow generator and packet analyzer with several plugins |
| checkmk | Monitoring System | Network | | | system for applications, servers, networks, etc. |
| CTFd | CTF Platform | CTF | | | software with plugins for a CTF |
| Frida | Dynamic Instrumentation Tool | Reversing | | | instrumentation toolkit for developers, reverse-engineers, and security researchers. Frida is scriptable, portable, and free. |
| Chizpurfle | Fuzzer | Reversing | | | Chizpurfle, a gray-box fuzzer designed to run on actual Android devices, with a focus on testing vendor-specific system services of Android OS. It was presented at the IEEE ISSRE 2017 conference, and received the best research paper award. |
| OSS-Fuzz | Fuzzer | Reversing | | | OSS-Fuzz is designed for testing open source software security and stability. It combines modern fuzzing techniques with scalable, distributed execution. |
| Moon Cloud | Security Assurance Evaluation Tool | Web | | | Moon Cloud provides a cloud platform for continuous compliance assessment and assurance evaluation of cloud, IoT, and traditional IT applications/infrastructures. It enables infrastructure/application owners to have a complete verification of their services during operation. Though generic, it mainly targets security and performance assurance, and can support security certification of IT systems. |
| kAFL | Fuzzer | Reversing | | | fast x86-64 VM kernel fuzzing framework with performant VM reloads for Linux, MacOS and Windows. |
| Nautilus | Fuzzer | Reversing | | | Nautilus is a coverage guided, grammar based fuzzer |
| Flowmon | Network Performance Monitoring & Diagnostics | Network | | | Flowmon is a tool set composed of Probes (monitoring network traffic, export telemetry in form of NetFlow/IPFIX, capture full packet data, etc.) and Collectors to store, process, visualize, analyze, report and alert on network traffic. |
| Flowmon ADS | Network Detection & Response | Network | | | Flowmon Anomaly Detection System is a software module running on top of Flowmon system to detect and report on indicators of compromise, attacks against network services, lateral movement, data exfiltration, etc. It combines various detection techniques (machine learning, adaptive base lining, heuristics, etc.) to report on security events out of the box. |
| Flowmon DDoS Defender | Detection & Mitigation of DDoS Attacks | Network | | | Flowmon DDoS Defender is a software module running on top of Flowmon system to detect and mitigate volumetric DDoS attacks. It provides the mitigation control using PBR, BGP and BGP Flowspec and integration with third party scrubbing devices and cloud scrubbing centers. |
| MISP | Threat Intelligence Sharing | Threat Intelligence | | | intelligence sharing platform. Used to detect abnormal behaviors |
| Wireshark | Network analyzer | Network | | | protocol analyzer |
| Nmap | Network Mapper | Network | | | for network discovery and security auditing. Vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks. |
| OSSEC | Open Source HIDS SECurity | Network | | | Intrusion Detection System (HIDS/IPS) |
| Snort | Network Intrusion Detection & Prevention System | Network | | | Detection and Prevention System (NIDS/IPS) |
| Hydra | Network Password and Logon Cracker | Network | | | Hydra is a parallelized login cracker which supports numerous protocols to attack. |
| Hping3 | Network Packet Generator | Network | | | Hping3 is a command-line oriented TCP/IP packet assembler/analyzer |
| GnuPG | Public Key Cryptography tool for encrypting and signing data | Crypto | | | implementation, Gpg4win is the Windows version |
| OWASP Zed Attack Proxy (ZAP) | Penetration Testing Tool | Web | | | app scanner |
| Cowrie | SSH/Telnet Honeypot | Network | | | to high interaction SSH and Telnet (proxy) honeypot to log attacks and the shell interaction performed with an emulated UNIX system. |
| Dependency-Track | Software Bill-of-Materials Analysis | Risk Management | | | "Dependency-Track is an intelligent Software Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components." (Quote from homepage) |
| SonarQube | Static Code Analysis | Software Development | | Commercial and Open-Source Versions available | SonarQube provides static code analysis for multiple programming languages to support code reliability and application security as well as reduce technical debt. |
| Bandit | Static Code Analysis | Software Development | | | Bandit is a static code analysis tool to find common security issues in Python code. |
| YourAdValue | Web Browsing Analyzer | Web | | | browser extension tries to detect and report how much the users cost for the advertisers, based on the real-time bidding (RTB) ads the user receives at real time while browsing. |
| T-Pot | All-in-One Honeypot Platform | Network | | | T-Pot is based on the network installer Debian (Stable). The honeypot daemons as well as other support components being used have been containerized using docker. This allows us to run multiple honeypot daemons on the same network interface while maintaining a small footprint and constrain each honeypot within its own environment. |
| Elastic Stack | Realtime Data Analyzing Platform | Data Analysis | | Commercial and Open-Source Versions available | Elastic Stack is a group of open source products from Elastic designed to help users take data from any type of source and in any format and search, analyze, and visualize that data in real time. The product group was formerly known as ELK Stack, in which the letters in the name stood for the products in the group: Elasticsearch, Logstash and Kibana. |
| VMRay | Malware Analysis Platform | Malware Analysis | | | malware analysis and detection tool, fully customizable from workflow to images. |
| Sleuthkit | Hard disc Forensic | Forensic | | | forensic images with different filesystems |
| plaso | Timeline Analysis | Forensic | | | a timeline out of various sources for analyzing a forensic |
| volatility | RAM Forensics | Forensic | | | a memory dump and extracts artifacts |
| rekall | RAM Forensics | Forensic | | | a memory dump and extracts artifacts |
| Cuckoo Sandbox | Dynamic Malware Analysis | Malware Analysis | | | malware in virtual machine and monitor the changes |
| Shodan | Search Engine | Web | https://shodan.io | Commercial and Open-Source Versions available | Search engine for things in the internet |
| Kali | OS | OS | https://kali.org | Open-Source | Linux with pentesting and forensic tools |
| Nessus | Vulnerability Scanner | Network | | Commercial and Open-Source Versions available | Nessus scans cover a wide range of technologies including operating systems, network devices, hypervisors, databases, web servers, and critical infrastructure. |