CONCORDIA Service – Cybersecurity Tools

Cybersecurity Tools

Our suggestion for your Cybersecurity technical activities

| Name | Type | Category | Link | Openness | Further Information |
|---|---|---|---|---|---|
| Apktool | Reverse Engineering | Reversing | https://ibotpeaches.github.io/Apktool/ | Open-Source | A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an app easier because of the project-like file structure and automation of some repetitive tasks like building apk, etc. |
| Exiftool | Exif Tool | Generic | https://exiftool.org | Open-Source | View, delete, and change Exif information, and also view history Exif information. |
| hashcat | Password Recovery | Forensic | https://hashcat.net/hashcat/ | Open-Source | Recovers different passwords, from VeraCrypt to Blockchain. |
| Scapy | Packet Manipulating Tool | Network | https://scapy.net/ | Open-Source | Scapy is a Python program that enables the user to send, sniff, dissect and forge network packets. This capability allows construction of tools that can probe, scan or attack networks. |
| DIRB | Web Search Tool | Web | http://dirb.sourceforge.net/ | Open-Source | DIRB is a tool for automating the search of (normally hidden) web applications. |
| BurpSuite | Web Application Security Testing | Web | https://portswigger.net/burp/communitydownload | Commercial and Open-Source Versions available | Burp Suite is the world's most widely used web application security testing software. |
| binwalk | Reversing | Reversing | https://github.com/ReFirmLabs/binwalk | Open-Source | Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images. |
| radare2 | Reversing | Reversing | https://www.radare.org/n/ | Open-Source | A free toolchain for easing several low-level tasks like forensics, software reverse engineering, exploiting and debugging. |
| Qemu | Emulator | Virtualisation | https://www.qemu.org/ | Open-Source | Emulation and virtualization |
| CyberChef | Encoder/Decoder | Crypto | https://gchq.github.io/CyberChef/ | Open-Source | Web application to decode and encode data |
| Tranalyzer | Packet Analyzer | Network | https://tranalyzer.com/about | Open-Source | Lightweight flow generator and packet analyzer with several plugins |
| checkmk | Monitoring System | Network | https://checkmk.com/ | Open-Source | Monitoring system for applications, servers, networks, etc. |
| CTFd | CTF Platform | CTF | https://ctfd.io/ | Open-Source | Platform software with plugins for a CTF |
| Frida | Dynamic Instrumentation Tool | Reversing | https://github.com/frida/frida | Open-Source | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Frida is scriptable, portable, and free. |
| Chizpurfle | Fuzzer | Reversing | https://github.com/dessertlab/fantastic_beasts | Open-Source | Chizpurfle is a gray-box fuzzer designed to run on actual Android devices, with a focus on testing vendor-specific system services of Android OS. It was presented at the IEEE ISSRE 2017 conference, and received the best research paper award. |
| OSS-Fuzz | Fuzzer | Reversing | https://github.com/google/oss-fuzz | Open-Source | OSS-Fuzz is designed for testing open source software security and stability. It combines modern fuzzing techniques with scalable, distributed execution. |
| Moon Cloud | Security Assurance Evaluation Tool | Web | https://www.moon-cloud.eu/en | Commercial | Moon Cloud provides a cloud platform for continuous compliance assessment and assurance evaluation of cloud, IoT, and traditional IT applications/infrastructures. It enables infrastructure/application owners to have a complete verification of their services during operation. Though generic, it mainly targets security and performance assurance, and can support security certification of IT systems. |
| kAFL | Fuzzer | Reversing | https://github.com/RUB-SysSec/kafl | Open-Source | Blazing fast x86-64 VM kernel fuzzing framework with performant VM reloads for Linux, macOS and Windows. |
| Nautilus | Fuzzer | Reversing | https://github.com/nautilus-fuzz/nautilus | Open-Source | Nautilus is a coverage-guided, grammar-based fuzzer |
| Flowmon | Network Performance Monitoring & Diagnostics | Network | https://www.flowmon.com/en/overview | Commercial | Flowmon is a tool set composed of Probes (monitoring network traffic, export telemetry in form of NetFlow/IPFIX, capture full packet data, etc.) and Collectors to store, process, visualize, analyze, report and alert on network traffic. |
| Flowmon ADS | Network Detection & Response | Network | https://www.flowmon.com/en/products/software-modules/anomaly-detection-system | Commercial | Flowmon Anomaly Detection System is a software module running on top of Flowmon system to detect and report on indicators of compromise, attacks against network services, lateral movement, data exfiltration, etc. It combines various detection techniques (machine learning, adaptive baselining, heuristics, etc.) to report on security events out of the box. |
| Flowmon DDoS Defender | Detection & Mitigation of DDoS Attacks | Network | https://www.flowmon.com/en/products/software-modules/ddos-defender | Commercial | Flowmon DDoS Defender is a software module running on top of Flowmon system to detect and mitigate volumetric DDoS attacks. It provides the mitigation control using PBR, BGP and BGP Flowspec and integration with third party scrubbing devices and cloud scrubbing centers. |
| MISP | Threat Intelligence Sharing | Threat Intelligence | https://www.misp-project.org/ | Open-Source | Threat intelligence sharing platform. Used to detect abnormal behaviors |
| Wireshark | Network analyzer | Network | https://www.wireshark.org/ | Open-Source | Network protocol analyzer |
| Nmap | Network Mapper | Network | https://nmap.org/ | Open-Source | Utility for network discovery and security auditing. Vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks. |
| OSSEC | Open Source HIDS SECurity | Network | https://www.ossec.net/about/ | Open-Source | Host-based Intrusion Detection System (HIDS/IPS) |
| Snort | Network Intrusion Detection & Preventing System | Network | https://www.snort.org/ | Open-Source | Intrusion Detection and Prevention System (NIDS/IPS) |
| Hydra | Network Password and Logon Cracker | Network | https://tools.kali.org/password-attacks/hydra | Open-Source | Hydra is a parallelized login cracker which supports numerous protocols to attack. |
| Hping3 | Network Packet Generator | Network | http://www.hping.org/ | Open-Source | hping is a command-line oriented TCP/IP packet assembler/analyzer |
| GnuPG | Public Key Cryptography tool for encrypting and signing data | Crypto | https://gnupg.org/ | Open-Source | OpenPGP implementation; Gpg4win is the Windows version |
| OWASP Zed Attack Proxy (ZAP) | Penetration Testing Tool | Web | https://www.zaproxy.org/ | Open-Source | Web app scanner |
| Cowrie | SSH/Telnet Honeypot | Network | https://cowrie.readthedocs.io/ | Open-Source | Medium to high interaction SSH and Telnet (proxy) honeypot to log attacks and the shell interaction performed with an emulated UNIX system. |
| Dependency-Track | Software Bill-of-Materials Analysis | Risk Management | https://dependencytrack.org/ | Open-Source | "Dependency-Track is an intelligent Software Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components." (Quote from homepage) |
| SonarQube | Static Code Analysis | Software Development | https://www.sonarqube.org/ | Commercial and Open-Source Versions available | SonarQube provides static code analysis for multiple programming languages to support code reliability and application security as well as reduce technical debt. |
| Bandit | Static Code Analysis | Software Development | https://bandit.readthedocs.io/en/latest/ | Open-Source | Bandit is a static code analysis tool to find common security issues in Python code. |
| YourAdValue | Web Browsing Analyzer | Web | https://youradvalue.tid.es:2222/ | Open-Source | The YourAdValue browser extension tries to detect and report how much the users cost for the advertisers, based on the real-time bidding (RTB) ads the user receives in real time while browsing. |
| T-Pot | All-in-One Honeypot Platform | Network | https://github.com/dtag-dev-sec/tpotce | Open-Source | T-Pot is based on the network installer Debian (Stable). The honeypot daemons as well as other support components being used have been containerized using Docker. This allows us to run multiple honeypot daemons on the same network interface while maintaining a small footprint and constraining each honeypot within its own environment. |
| Elastic Stack | Realtime Data Analyzing Platform | Data Analysis | https://www.elastic.co/ | Commercial and Open-Source Versions available | Elastic Stack is a group of open source products from Elastic designed to help users take data from any type of source and in any format and search, analyze, and visualize that data in real time. The product group was formerly known as ELK Stack, in which the letters in the name stood for the products in the group: Elasticsearch, Logstash and Kibana. |
| VMRay | Malware Analysis Platform | Malware Analysis | https://www.vmray.com/ | Commercial | Automated malware analysis and detection tool, fully customizable from workflow to images. |
| Sleuthkit | Hard disc Forensic | Forensic | https://www.sleuthkit.org/ | Open-Source | Analysing forensic images with different filesystems |
| plaso | Timeline Analysis | Forensic | https://github.com/log2timeline/plaso | Open-Source | Creates a timeline out of various sources for analyzing a forensic |
| volatility | RAM Forensics | Forensic | https://www.volatilityfoundation.org/ | Open-Source | Parses a memory dump and extracts artifacts |
| rekall | RAM Forensics | Forensic | https://github.com/google/rekall | Open-Source | Parses a memory dump and extracts artifacts |
| Cuckoo Sandbox | Dynamic Malware Analysis | Malware Analysis | https://cuckoosandbox.org/ | Open-Source | Runs malware in a virtual machine and monitors the changes |
| Shodan | Search Engine | Web | https://shodan.io | Commercial and Open-Source Versions available | Search engine for things on the internet |
| Kali | OS | OS | https://kali.org | Open-Source | Linux with pentesting and forensic tools |
| Nessus | Vulnerability Scanner | Network | https://de.tenable.com/products/nessus | Commercial and Open-Source Versions available | Nessus scans cover a wide range of technologies including operating systems, network devices, hypervisors, databases, web servers, and critical infrastructure. |