CONCORDIA Service – Cybersecurity Tools

Cybersecurity Tools

Our suggestions for your cybersecurity technical activities

| Name | Type | Category | Link | Openness | Further Information |
|------|------|----------|------|----------|---------------------|
| Apktool | Reverse Engineering | Reversing | https://ibotpeaches.github.io/Apktool/ | Open-Source | A tool for reverse engineering 3rd-party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an app easier because of its project-like file structure and automation of some repetitive tasks like building the apk, etc. |
| Bandit | Static Code Analysis | Software Development | https://bandit.readthedocs.io/en/latest/ | Open-Source | Bandit is a static code analysis tool to find common security issues in Python code. |
| binwalk | Reversing | Reversing | https://github.com/ReFirmLabs/binwalk | Open-Source | Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images. |
| BurpSuite | Web Application Security Testing | Web | https://portswigger.net/burp/communitydownload | Commercial and Open-Source Versions available | Burp Suite is the world's most widely used web application security testing software. |
| checkmk | Monitoring System | Network | https://checkmk.com/ | Open-Source | Monitoring system for applications, servers, networks, etc. |
| Chizpurfle | Fuzzer | Reversing | https://github.com/dessertlab/fantastic_beasts | Open-Source | Chizpurfle is a gray-box fuzzer designed to run on actual Android devices, with a focus on testing vendor-specific system services of Android OS. It was presented at the IEEE ISSRE 2017 conference and received the best research paper award. |
| Cowrie | SSH/Telnet Honeypot | Network | https://cowrie.readthedocs.io/ | Open-Source | Medium- to high-interaction SSH and Telnet (proxy) honeypot that logs attacks and the shell interaction performed within an emulated UNIX system. |
| CTFd | CTF Platform | CTF | https://ctfd.io/ | Open-Source | Platform software with plugins for running a CTF. |
| Cuckoo Sandbox | Dynamic Malware Analysis | Malware Analysis | https://cuckoosandbox.org/ | Open-Source | Runs malware in a virtual machine and monitors the changes it makes. |
| CyberChef | Encoder/Decoder | Crypto | https://gchq.github.io/CyberChef/ | Open-Source | Web application to encode and decode data. |
| Dependency-Track | Software Bill-of-Materials Analysis | Risk Management | https://dependencytrack.org/ | Open-Source | "Dependency-Track is an intelligent Software Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components." (Quote from homepage) |
| DIRB | Web Search Tool | Web | http://dirb.sourceforge.net/ | Open-Source | DIRB is a tool for automating the search for (normally hidden) web applications. |
| Elastic Stack | Realtime Data Analyzing Platform | Data Analysis | https://www.elastic.co/ | Commercial and Open-Source Versions available | Elastic Stack is a group of open source products from Elastic designed to help users take data from any type of source and in any format and search, analyze, and visualize that data in real time. The product group was formerly known as ELK Stack, in which the letters in the name stood for the products in the group: Elasticsearch, Logstash and Kibana. |
| Exiftool | Exif Tool | Generic | https://exiftool.org | Open-Source | View, delete, and change Exif information, and also view historical Exif information. |
| Flowmon | Network Performance Monitoring & Diagnostics | Network | https://www.flowmon.com/en/overview | Commercial | Flowmon is a tool set composed of Probes (monitoring network traffic, exporting telemetry in the form of NetFlow/IPFIX, capturing full packet data, etc.) and Collectors to store, process, visualize, analyze, report and alert on network traffic. |
| Flowmon ADS | Network Detection & Response | Network | https://www.flowmon.com/en/products/software-modules/anomaly-detection-system | Commercial | Flowmon Anomaly Detection System is a software module running on top of the Flowmon system to detect and report on indicators of compromise, attacks against network services, lateral movement, data exfiltration, etc. It combines various detection techniques (machine learning, adaptive baselining, heuristics, etc.) to report on security events out of the box. |
| Flowmon DDoS Defender | Detection & Mitigation of DDoS Attacks | Network | https://www.flowmon.com/en/products/software-modules/ddos-defender | Commercial | Flowmon DDoS Defender is a software module running on top of the Flowmon system to detect and mitigate volumetric DDoS attacks. It provides mitigation control using PBR, BGP and BGP Flowspec, and integration with third-party scrubbing devices and cloud scrubbing centers. |
| Frida | Dynamic Instrumentation Tool | Reversing | https://github.com/frida/frida | Open-Source | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Frida is scriptable, portable, and free. |
| GnuPG | Public Key Cryptography tool for encrypting and signing data | Crypto | https://gnupg.org/ | Open-Source | OpenPGP implementation; Gpg4win is the Windows version. |
| Gorille | Morphological analysis (a breakthrough technology for binary code analysis) | Data analysis | https://www.cyber-detect.com/index-en.html | Commercial | Better threat recognition, avoidance of bottleneck issues in incident response, reduction of incident response time. |
| hashcat | Password Recovery | Forensic | https://hashcat.net/hashcat/ | Open-Source | Recovers many different kinds of passwords, from VeraCrypt to Blockchain. |
| Hping3 | Network Packet Generator | Network | http://www.hping.org/ | Open-Source | hping is a command-line oriented TCP/IP packet assembler/analyzer. |
| Hydra | Network Password and Logon Cracker | Network | https://tools.kali.org/password-attacks/hydra | Open-Source | Hydra is a parallelized login cracker which supports numerous protocols. |
| kAFL | Fuzzer | Reversing | https://github.com/RUB-SysSec/kafl | Open-Source | Blazing fast x86-64 VM kernel fuzzing framework with performant VM reloads for Linux, macOS and Windows. |
| Kali | OS | OS | https://kali.org | Open-Source | Linux distribution with pentesting and forensic tools. |
| Kypo | Cyber Range Platform | Risk management and training | https://crp.kypo.muni.cz/ | Open-Source | KYPO Cyber Range Platform is a flexible, scalable, and sophisticated virtual environment. It is based on modern approaches such as containers, infrastructure as code, microservices, and open-source software. |
| MISP | Threat Intelligence Sharing | Threat Intelligence | https://www.misp-project.org/ | Open-Source | Threat intelligence sharing platform. Used to detect abnormal behaviours. |
| Moon Cloud | Security Assurance Evaluation Tool | Web | https://www.moon-cloud.eu/en | Commercial | Moon Cloud provides a cloud platform for continuous compliance assessment and assurance evaluation of cloud, IoT, and traditional IT applications/infrastructures. It enables infrastructure/application owners to have a complete verification of their services during operation. Though generic, it mainly targets security and performance assurance, and can support security certification of IT systems. |
| Nautilus | Fuzzer | Reversing | https://github.com/nautilus-fuzz/nautilus | Open-Source | Nautilus is a coverage-guided, grammar-based fuzzer. |
| Nessus | Vulnerability Scanner | Network | https://de.tenable.com/products/nessus | Commercial and Open-Source Versions available | Nessus scans cover a wide range of technologies including operating systems, network devices, hypervisors, databases, web servers, and critical infrastructure. |
| Nmap | Network Mapper | Network | https://nmap.org/ | Open-Source | Utility for network discovery and security auditing, covering vulnerability scanning and network discovery. Network administrators use Nmap to identify which devices are running on their systems, discover the hosts that are available and the services they offer, find open ports and detect security risks. |
| OSS-Fuzz | Fuzzer | Reversing | https://github.com/google/oss-fuzz | Open-Source | OSS-Fuzz is designed for testing the security and stability of open source software. It combines modern fuzzing techniques with scalable, distributed execution. |
| OSSEC | Open Source HIDS SECurity | Network | https://www.ossec.net/about/ | Open-Source | Host-based Intrusion Detection System (HIDS/IPS). |
| OWASP Zed Attack Proxy (ZAP) | Penetration Testing Tool | Web | https://www.zaproxy.org/ | Open-Source | Web application scanner. |
| plaso | Timeline Analysis | Forensic | https://github.com/log2timeline/plaso | Open-Source | Creates a timeline out of various sources for forensic analysis. |
| Qemu | Emulator | Virtualisation | https://www.qemu.org/ | Open-Source | Emulation and virtualization. |
| radare2 | Reversing | Reversing | https://www.radare.org/n/ | Open-Source | A free toolchain for easing several low-level tasks like forensics, software reverse engineering, exploiting and debugging. |
| rekall | RAM Forensics | Forensic | https://github.com/google/rekall | Open-Source | Parses a memory dump and extracts artifacts. |
| Scapy | Packet Manipulating Tool | Network | https://scapy.net/ | Open-Source | Scapy is a Python program that enables the user to send, sniff, dissect and forge network packets. This capability allows construction of tools that can probe, scan or attack networks. |
| Shodan | Search Engine | Web | https://shodan.io | Commercial and Open-Source Versions available | Search engine for things on the internet. |
| Sleuthkit | Hard disc Forensic | Forensic | https://www.sleuthkit.org/ | Open-Source | Analysing forensic images with different filesystems. |
| Snort | Network Intrusion Detection & Prevention System | Network | https://www.snort.org/ | Open-Source | Intrusion Detection and Prevention System (NIDS/IPS). |
| SonarQube | Static Code Analysis | Software Development | https://www.sonarqube.org/ | Commercial and Open-Source Versions available | SonarQube provides static code analysis for multiple programming languages to support code reliability and application security as well as reduce technical debt. |
| T-Pot | All-in-One Honeypot Platform | Network | https://github.com/dtag-dev-sec/tpotce | Open-Source | T-Pot is based on the Debian (Stable) network installer. The honeypot daemons as well as the other support components used have been containerized using Docker. This allows running multiple honeypot daemons on the same network interface while maintaining a small footprint and constraining each honeypot within its own environment. |
| Tranalyzer | Packet Analyzer | Network | https://tranalyzer.com/about | Open-Source | Lightweight flow generator and packet analyzer with several plugins. |
| VMRay | Malware Analysis Platform | Malware Analysis | https://www.vmray.com/ | Commercial | Automated malware analysis and detection tool, fully customizable from workflow to images. |
| volatility | RAM Forensics | Forensic | https://www.volatilityfoundation.org/ | Open-Source | Parses a memory dump and extracts artifacts. |
| Wireshark | Network analyzer | Network | https://www.wireshark.org/ | Open-Source | Network protocol analyzer. |
| YourAdValue | Web Browsing Analyzer | Web | https://youradvalue.tid.es:2222/ | Open-Source | The YourAdValue browser extension tries to detect and report how much users cost advertisers, based on the real-time bidding (RTB) ads the user receives in real time while browsing. |