5 - Cybersecurity Tools
Listings for 1620 Cyber Security Vendors: https://www.digitaldefense.com/wp-content/uploads/2018/09/Volume-3.1-TAG-Cyber-Security-Annual-Vendor-Listings.pdf
  Tool Classes              
  SOFTWARE Search; Ingress/Egress/Remote Access; Lateral Movement; Log Cleanup; Credential Harvesting; Internal Reconnaissance; Penetration Testing; Monitoring & Control; Data Analysis/Synthesis; Exploit Tools; General Purpose Tool             
  HARDWARE incl COMM              
  PROTOCOLS & Methodology: Cyber Intel
  DATA Checks              
SOFTWARE (* indicates the tool is included in Kali)   # Name Category Cost Description URL
1 Acunetix Pen Testing - Web $$ Web Application Vulnerability Testing https://www.acunetix.com/      
2 Aircrack-ng * Pen Testing - Wireless Open Source Provides routines for accessing hashed router pw's in Kali
3 AlienVault OSSIM SIEM Open Source Security Information & Event Management Software https://cybersecurity.att.com/products/ossim/download
4 Analyst Notebook (i2) now part of IBM Collection/Data Analysis/Synthesis $$ Chronological Data & Relationship Record/Display https://www.ibm.com/us-en/marketplace/analysts-notebook      
5 ATT&CK Collection/Data Analysis/Synthesis Open Source Collection of APT, TTP & Malware descriptors https://attack.mitre.org      
6 Autopsy - The Sleuth Kit Forensics - Storage Open Source Hard Drive & Storage Analysis, Web Artifacts, Registry Analysis https://www.autopsy.com/      
7 BCWipe Cyber Hygiene free, $ File and Drive Wiping https://www.jetico.com/data-wiping      
8 BeEF * Pen Testing - Web Open Source Browser Exploitation Framework https://github.com/beefproject/beef      
9 Belarc advisor Routine Security Defense free, $ Inventory of a Computing Machine: HW & Software https://www.belarc.com/en/products_belarc_advisor      
10 Bloodhound Pen Testing - Active Directory Open Source Attack Paths in Active Directory & other apps https://bloodhound.readthedocs.io/en/latest/index.html see video at https://www.youtube.com/watch?v=dPsLVE0R1Tg  identify highly complex attack paths using graph analysis    
11 Brave Anonymous Browser Open Source Browser https://brave.com/      
12 BRO (see Zeek) Collection/Data Analysis/Synthesis Open Source Network Security Monitor https://www.zeek.org/      
13 Burp Suite * Pen Testing - Web Open Source Web Content Vulnerability Scanner https://www.portswigger.net/burp/      
14 Cain & Abel Pen Testing - General Open Source General Purpose Exploit Tool http://cain-abel.en.softonic.com/download      
15 CALDERA Pen Testing - Malware Attacks Open Source Red Team Attack Tool https://github.com/mitre/caldera      
16 Canvas from Immunity Pen Testing - Malware Attacks $$$$ High End Exploit Tool https://www.immunityinc.com/products/canvas/
17 CAPA Explorer Malware Function discovery Open Source FireEye plugin for IDA Pro https://github.com/fireeye/capa capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do.
18 Censys & zMap Reconnaissance - OSI Research Scan of all internet, banners, hosts, certificates https://censys.io/data      
19 CFF Explorer Reverse Engineering Open Source Binary Analysis https://download.cnet.com/CFF-Explorer/3000-2383_4-10431156.html      
20 Cobalt Strike Threat Emulation $$$ Adversary simulation & Red Teaming https://www.cobaltstrike.com $3500/yr single license   has capability for C2 called Beacon
21 Commando VM Pen Testing - General Open Source Windows based Kali-like Tool https://github.com/fireeye/commando-vm      
22 Covenant Pen Testing - Windows Open Source Windows .net attack surface tool https://github.com/cobbr/Covenant      
23 CrowdScrape Indicator Identification   Browser Extension for IOA,IOB & IOC Indicators https://chrome.google.com/webstore/detail/crowdscrape/jjplaeklnlddpkbbdbnogmppffokemej      
24 CSET Risk Assessment Open Source Multiple RA Approaches https://www.us-cert.gov/ics/Downloading-and-Installing-CSET      
25 Cuckoo Reverse Engineering Open Source Malware analysis https://cuckoosandbox.org/
26 CyberChef Data Analysis/Synthesis Open Source Generic Conversion Tool https://gchq.github.io/CyberChef/      
27 Density Scout Forensics Open Source Examines exe, daemons for embedded malware https://github.com/foreni-packages/densityscout      
28 Device42 Forensics $ Application Mapping https://www.device42.com/pages/application-mapping-b/      
29 DIG Domain Information Groper Pen Testing - DNS Open Source Test DNS Zone Transfer Vulnerability https://samsclass.info/40/proj/digwin.htm      
30 Diggity Search Tool for Cyber  Open Source Multi Cyber Sites/Domains/Ranges tool https://resources.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/ See Exploit Database    
31 Dirsearch Search Open Source Search website directories for apps, code, wordlists https://github.com/maurosoria/dirsearch
32 ELK Elasticsearch Logstash Kibana Collection/Data Analysis/Synthesis Open Source Stack of Feeds, Analysis & Display https://www.elastic.co/elk-stack      
33 EternalBlue Pen Testing - OS Open Source Operating System Vulnerabilities https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit      
34 Ettercap Pen Testing - General Open Source Pen Test Toolkit; Session Hijack http://ettercap.sourceforge.net/      
35 Event Tracing for Windows (ETW) Logging Open Source Logs kernel-level events https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/event-tracing-for-windows--etw-
36 Exploit Database Pen Testing - Malware Attacks Open Source 40K+ exploits https://www.exploit-db.com/      
37 Exploit Pack Pen Testing - Malware Attacks $ 40K+ exploits https://exploitpack.com/
38 Falcon Sandbox Forensics $$ Sandbox tool for taking apart malware https://www.crowdstrike.com/endpoint-security-products/falcon-sandbox-malware-analysis/      
39 Firepower / FireSight Monitoring & Control $$ IDS Package with CISCO devices / Networks https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.pdf      
40 Flare VM Reverse Engineering Open Source Package with Disassemblers, Debuggers, Parsers, Decompilers, Monitoring Tools and Hex Editors https://github.com/fireeye/flare-vm       
41 FOCA Open Source Collection Reconnaissance - OSI Open Source Fingerprinting Organization with Collected Archives https://github.com/ElevenPaths/FOCA
42 FTK - Forensics Tool Kit (Access Data) Forensics Conditional Detail Analysis of Media & Memory https://accessdata.com/product-download/ftk-download-page      
43 GHIDRA Reverse Engineering Open Source Windows, Linux & Mac  https://github.com/NationalSecurityAgency/ghidra      
44 GoFetch Lateral Movement Open Source Automates attack graphs from Bloodhound https://github.com/GoFetchAD/GoFetch      
45 Google Hacks / Dorks Reconnaissance - OSI Open Source Using Google search engine to locate "hidden" info on web sites https://www.exploit-db.com/google-hacking-database      
46 Hashcat * Password Cracking Open Source Password Recovery https://github.com/hashcat/hashcat      
47 Hashdump Hashing Open Source extracts hashed passwords https://www.utc.edu/sites/default/files/2021-04/4660-lab6.pdf in Metasploit    
48 HashMyFiles Hashing Open Source computes MD5, SHA, etc. hashes of a binary https://nirsoft.net; the hash can then be submitted to virustotal.com
49 Helix Collection/Data Analysis/Synthesis $$ SIEM, Analytics, User/Entity Behavior, Auto Response https://www.fireeye.com/solutions/helix.html      
50 Hexedit General Purpose Tool Open Source hexadecimal editor https://sourceforge.net/projects/hexedit/
51 IBM SOAR Collection/Data Analysis/Synthesis $$$ Security Orchestration, Automation & Response https://www.ibm.com/products/soar-platform
52 IDA Pro Reverse Engineering $$ Reverse Engr x32, x64, ARM & ARM 64 binary https://www.hex-rays.com/products/ida/      
53 Inception Password - Bypass Open Source Password Bypass https://github.com/carmaa/inception      
54 Innuendo Pen Testing - C2 & Exfil $$$ C&C Server & Exfil Simulator https://www.immunityinc.com/services/adversary-simulation.html      
55 Intrigue.io Pen Testing - Attack surface Open Source Fingerprinting, Spidering, DNS https://github.com/intrigueio Linux based VM
56 Inveigh Pen Testing - SMB, http, SQL servers Open Source Windows tool for Responder https://github.com/Kevin-Robertson/Inveigh      
57 IOC Finder Scanning Open Source Collecting host system data and reporting the presence of IOCs. IOCs are open-standard XML documents https://www.fireeye.com/services/freeware/ioc-finder.html      
58 IRMA OSS Malware Analysis Open & $$ Malicious File Analysis https://irma-oss.quarkslab.com/      
59 John the Ripper * Password - Harvesting Open Source password hash cracker in Kali
60 Kali Linux Pen Testing - General Open Source see below for tools in Kali https://www.kali.org/       
61 Kismet * Pen Testing - Wireless Open Source Wireless Access Point Locator in Kali
62 LaZagne Password - Extraction Open Source Password Extraction https://github.com/AlessandroZ/LaZagne      
63 LOIC Denial of Service Open Source low footprint for launching DOS https://sourceforge.net/projects/loic/       
64 Malcolm Traffic Analysis Open Source Tool suite for PCAP & Zeek Logs https://github.com/cisagov/Malcolm      
65 Maltego * Collection/Data Analysis/Synthesis Open & $$ Conglomerating Cyber Intel Info https://www.maltego.com in Threat Pursuit VM    
66 Metasploit / Armitage (gui) * Pen Testing - General Conditional hundreds of exploits e.g. hashdump https://www.offensive-security.com/metasploit-unleashed/meterpreter-basics/      
67 Microsoft Baseline Analyzer 2.1.1 Routine Security Defense Open Source Examine Microsoft OSs for vulnerabilities https://www.microsoft.com/en-us/download/details.aspx?id=19892      
68 Microsoft Event Collector Monitoring - Windows Open Source Event Forwarding https://www.solarwinds.com/free-tools/event-log-forwarder-for-windows https://docs.microsoft.com/en-us/windows/desktop/WEC/windows-event-collector      
69 Microsoft Message Analyzer OS Message Tracing Open Source captures, displays, and analyzes protocol messaging traffic; traces and assesses system events and other messages from Windows components https://www.microsoft.com/en-us/download/details.aspx?id=44226
70 Microsoft SysInternals Monitoring - Windows Open Source Packaged Microsoft Tools https://docs.microsoft.com/en-us/sysinternals/downloads/      
71 Mimikatz Pen Testing - Authentication Open Source windows authentication exploitation https://github.com/gentilkiwi/mimikatz https://www.sans.org/reading-room/whitepapers/forensics/mimikatz-overview-defenses-detection-36780   
72 MISP (Malware Info Sharing Platform) Information Sharing Open Source Conglomerating Cyber Intel Info https://github.com/MISP/MISP/tree/v2.4.107 https://www.misp-project.org/ https://github.com/MISP/MISP-maltego
73 Moloch Full Packet Capture Open Source Large scale, open source, indexed packet capture and search. https://molo.ch/      
74 Muraen / Necrobrowser Reverse Proxy Attack Open Source For automating phishing https://github.com/muraenateam/muraena      
75 Nagios Monitoring & Control Open Source IT infrastructure monitoring http://www.nagios.org/ https://www.sans.org/reading-room/whitepapers/forensics/uncovering-indicators-compromise-ioc-powershell-event-logs-traditional-monitoring-tool-36352    
76 National Software Reference Library Hashes Data Base Open Source hash checking https://www.nist.gov/itl/ssd/software-quality-group/national-software-reference-library-nsrl      
77 National Vulnerability Database Vulnerability Assessment Open Source Contains up-to-date vulnerabilities list https://nvd.nist.gov
78 Nessus* Vulnerability Assessment Conditional Scanner http://www.tenable.com/products/nessus      
79 Netcat* or ncat Pen Testing - injection Open Source swiss army knife of network tools https://nmap.org/ncat/ in Kali    
80 Netflow Monitoring - Network Open Source Monitor Network Traffic https://www.solarwinds.com/free-tools/real-time-netflow-analyzer      
81 Netstumbler Pen Testing - Wireless Open Source Wireless Access Point Locator https://www.netstumbler.com/      
82 Network Miner Monitoring - Network Open Source Sniffer, Packet Analyzer https://www.netresec.com/?page=networkminer      
83 Net Witness Collection/Data Analysis/Synthesis $$$ SIEM, Data Collection, Monitoring  https://www.rsa.com/en-us/products/threat-detection-response      
84 Nikto2 * Pen Testing - Web Open Source Web Server Testing in Kali
85 Nishang Pen Testing - Powershell Open Source Keylogger, DNS TXT Code Execution, HTTP Backdoor, Powerpreter in Kali
86 nMap - Zenmap* General Purpose Tool Open Source Network Mapping https://nmap.org/  in Kali    
87 NSA Tool Set General Purpose Tool Set Open Source 77 tools from parsing to wireless identification https://code.nsa.gov/      
88 Open Cyber Threat Intelligence Platform Collection/Data Analysis/Synthesis Open Source Open Cyber Threat Intel Tools https://www.opencti.io/en/ in Threat Pursuit VM    
89 OpenIOC Editor IOC Collection Open Source From FireEye https://fireeye.market/apps/211404      
90 OpenVAS Vulnerability Assessment Open Source open source Vulnerability Assessment System http://www.openvas.org/       
91 ophcrack Password - Harvesting Open Source pw hash cracking in Kali      
92 Orbot Anonymous Browser Open Source Android based anonymizer https://play.google.com/store/apps/details?id=org.torproject.android      
93 P0f Pen Testing - OS Open Source OS Fingerprinting https://github.com/p0f/p0f      
94 Palantir Collection/Data Analysis/Synthesis $$$ Conglomerating Cyber Intel Info https://www.palantir.com/      
95 Papertrail Log Analysis $   https://www.solarwinds.com/papertrail      
96 Password Checker Password Assurance Open Source Password Check against Captured PW databases https://haveibeenpwned.com      
97 PE Studio Malware Analysis Open Source Static Malware Analysis of Portable Executables (PE) https://www.techspot.com/downloads/6350-pestudio.html      
98 pfsense Firewall Open Source FreeBSD based https://www.pfsense.org/      
99 Plaso Timeline Analysis Open Source collect & aggregate timestamped events for forensic analysis https://github.com/log2timeline/plaso      
100 PowerShell Script Programming MS Windows script creation included in Windows      
101 PowerSploit Script Programming Open source PS scripts used in pen testing https://powersploit.readthedocs.io/en/latest/      
102 PowerStats Data Analysis/Synthesis Open source Display of captured  https://nces.ed.gov/datalab/  * note also the name of malware written in Powershell    
103 PRET Printer Exploitation Toolkit Pen Testing - Peripherals Open Source Printer Vulnerability Testing https://github.com/RUB-NDS/PRET      
104 Prowler Security Assessment - General Open Source AWS security assessment, auditing, hardening and incident response. https://github.com/prowler-cloud/prowler#description      
105 PSEXEC Script Programming Open Source program execution on remote systems in SysInternals Telnet alternative    
106 Python Script Programming Open Source program & script creation many versions      
107 R Data Analysis/Synthesis Open Source program & script creation many versions      
108 Raft - Response Testing Pen Testing - Web Open Source Web Application  https://github.com/Averroes/raft      
109 Recon-ng Reconnaissance - OSI Open Source Linux based assembly tool in Kali
110 Redline Collection/Data Analysis/Synthesis Open Source collect all running processes and drivers from memory, file-system metadata, registry data, event logs, network information, services, tasks and web history https://www.fireeye.com/services/freeware/redline.html     
111 Registry Viewer (Access Data) General Purpose Tool Open Source Improves Registry Access https://accessdata.com/product-download/registry-viewer-2-0-0      
112 Responder Pen Testing - SMB, http, SQL servers Open Source Grabs Hashes from SMB, http & SQL servers https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/introducing-responder-10/      
113 REST API Pen Testing - Web Pages Open Source Test Platform for GET PUT POST DELETE; REpresentational State Transfer https://github.com/octokit/rest.js/      
114 Retina Vulnerability Assessment $$ Scanner http://go.beyondtrust.com/community       
115 Robtex Collection/Data Analysis/Synthesis   IP numbers, domain names, host names, Autonomous systems, routes https://www.robtex.com/      
116 SamuraiWTF Web Test Framework Pen Testing - Web Open Source Package extension of Kali https://sourceforge.net/projects/samurai/      
117 SCAPY Pen Testing - Packets Open Source interactive packet manipulation https://scapy.net extended into SCAPYtrain for campaigns & WifiTap; send, sniff, dissect and forge network packets    
118 SEC Filings Vulnerability Assessment Open Source security filings https://www.sec.gov/edgar.shtml      
119 Security Onion Collection/Data Analysis/Synthesis Open Source Elasticsearch, Logstash, Kibana, Snort, Suricata, Zeek/Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner https://securityonion.net/      
120 Sentry-MBA Pen Testing - Credential Stuffing Open Source considered malware; dark web tool; credential theft https://sentry[.]mba   <- note: this is a dark web link      
121 SET Social Engineering Toolkit Pen Testing - People Open Source For crafting phishing email, etc http://www.social-engineer.org/framework/      
122 Shodan Reconnaissance - OSI Open, $ Links to vulnerable IP addresses https://shodanhq.io      
123 SIFT Forensics Open Source Forensic Tools https://digital-forensics.sans.org/community/downloads      
124 SILK Collection/Data Analysis/Synthesis Open Source The SiLK tool suite supports the efficient collection, storage, and analysis of network flow data, enabling network security analysts to rapidly query large historical traffic data sets. A SiLK installation consists of two categories of applications: the packing system and the analysis suite. The packing system collects IPFIX, NetFlow v9, or NetFlow v5 and converts the data into a more space efficient format, recording the packed records into service-specific binary flat files.  https://tools.netsa.cert.org/silk/      
125 Skipfish (in Kali) Pen Testing - Web Open Source Web Site Recon Tool   in Kali    
126 Snort * Intrusion Detection Open Source Rule based Intrusion Detection Engine https://www.snort.org/  ; https://www.talosintelligence.com/snort      
127 SOC Multi-tool Collection/Data Analysis/Synthesis Open Source Combo of Lookup Site/Tools https://github.com/zdhenard42/SOC-Multitool
128 Solarwinds Monitoring & Control $$ Network Activity Capture & Visualization https://www.solarwinds.com/
129 Source Code Testing Tools OWASP Source Code Analysis Open Source, $ List of Testing Tools https://www.owasp.org/index.php/Source_Code_Analysis_Tools      
130 Spark (Apache) Data Analysis/Synthesis Open Source unified analytics engine  https://spark.apache.org/      
131 Spiderfoot Reconnaissance - OSI Open Source IP Address Identification https://github.com/smicallef/spiderfoot in Kali    
132 Splunk User Behavior Analytics Collection/Data Analysis/Synthesis $$ Machine learning for pattern recognition https://www.splunk.com/en_us/software/user-behavior-analytics.html       https://www.splunk.com/en_us/download/splunk-enterprise.html      
133 SQLMap Pen Testing - Database Open Source SQL DB detection & exploitation Testing https://www.sqlmap.org      
134 Squid Proxy for Access Control Open Source   https://github.com/squid-cache/squid      
135 Stack Overflow Technical Q&A Site Open Source   https://stackoverflow.com/      
136 Sumo Logic Collection/Data Analysis/Synthesis $$ Cloud Focused  https://www.sumologic.com/      
137 Suricata Intrusion Detection Open Source Rule based Intrusion Detection Engine https://suricata.io/    
138 SysInternals Suite Monitoring - Windows Open Source Windows OS Monitoring; also Linux https://docs.microsoft.com/en-us/sysinternals/ contains Process Explorer, Process Monitor
139 Sysmon Monitoring  Open Source Windows OS Monitoring; also Linux in SysInternals monitor and log system activity    
140 THC-Hydra * Pen Testing - Password Crack Open Source Network Login Penetration in Kali
141 ThreatPursuit VM Cyber Threat  Intelligence Open Source Development, Analytics and Machine Learning, Visualisation, Triage, Modelling & Hunting, Adversarial Emulation, Information Gathering, Utilities and Links https://github.com/fireeye/ThreatPursuit-VM      
142 TinEye Reconnaissance - OSI Online/Opensource Locates Image Sources https://tineye.com/      
143 TOR Anonymous Browser Open Source The Onion Router for Dark Web Access https://www.torproject.org/      
144 TRAM (MITRE) Threat Extraction Open Source Uses NLP to create ATT&CK Maps from text https://github.com/mitre-attack/tram https://www.signalscorps.com/blog/2022/mitre-attack-105-tram/    
145 TryHackMe Ethical Hacking Open Source Hands-On Hacking learning environment https://tryhackme.com/      
146 URL Scan Pen Testing - Website Open Source Scans a Web Page to examine what user content is being collected and  https://urlscan.io/      
147 VBScripts Script Programming Open Source Older Windows Scripting Language but still in use https://www.microsoft.com/en-us/download/details.aspx?id=8247
148 Virtual box Virtual Machine Hypervisor Open Source Hypervisor https://www.virtualbox.org/wiki/Downloads      
149 VirusTotal Vulnerability Assessment Open Source Checks files & sites for malware https://www.virustotal.com/#/home/upload       
150 Volatility Monitoring - Memory Open Source Memory Analysis https://www.volatilityfoundation.org/      
151 W3af Pen Testing - Web Open Source Web Application & Attack Framework https://w3af.org      
152 Wbstego Steganography Open Source Steganography encrypting & decryption http://www.bailer.at/wbstego/pr_4ix0.htm      
153 Webgoat Pen Testing - Web Open Source Web  https://github.com/WebGoat/WebGoat      
154 WhoisXMLAPI Pen Testing Open Source Checks for open sub-domains in web access https://subdomains.whoisxmlapi.com/      
155 WiFite Pen Testing - Wireless Open Source Wireless transmission identification https://code.google.com/archive/p/wifite/      
156 Wireshark Packet Capture Open Source Packet Capture and Analysis https://wiki.wireshark.org/SampleCaptures       
157 Yara Collection/Data Analysis/Synthesis Open Source Malware Pattern Matching https://virustotal.github.io/yara/  "aimed at (but not limited to) helping malware researchers to identify and classify malware samples"    
158 Yet Another BacNet Explorer Packet Capture Open Source   https://sourceforge.net/projects/yetanotherbacnetexplorer/      
159 Yeti Platform Collection/Data Analysis/Synthesis Open Source organize observables, indicators of compromise, TTPs, and knowledge on threats https://yeti-platform.github.io/      
160 ZED Attack Proxy (ZAP) Pen Testing - Web Open Source web vulnerability scanner https://www.zaproxy.org/
161 Zeek Collection/Data Analysis/Synthesis Open Source Network Security Monitor https://www.zeek.org/      
                 
               
HARDWARE incl COMM   # Name Category Cost Description URL
1 Shark Tap Ethernet Tap $180 Ethernet Tap https://www.amazon.com/midBit-Technologies-LLC-100-1000/dp/B0175EODCE      
2 HackRF One Multispectrum RF $300 Provides access to send/receive on multiple frequencies https://www.amazon.com/HackRF-One-Software-Defined-Platform/dp/B01COVX464/      
3 Alpha Wireless Transceiver $32 Contains Monitor Mode Chipset https://www.amazon.com/Alfa-AWUSO36NH-Wireless-Long-Rang-Network/dp/B0035APGP6/      
4 I/O Traffic capture SPI Interface $10-20 Serial Peripheral Interface - read i/o traffic https://learn.sparkfun.com/tutorials/serial-peripheral-interface-spi/all
5 SCM Smart Card Chip Reader $15   https://www.cdw.com/product/SCM-Smart-Card-Reader/3444664      
6 Time Domain Reflectometer Discover line taps/faults -  Home project build https://www.youtube.com/watch?v=I1gfUNh5PJQ https://www.allaboutcircuits.com/projects/build-your-own-time-domain-reflectometer/    
7 Rigol Signal Generator Signal Generator $299   https://hackaday.com/2015/07/27/hackers-measure-cable-lengths-with-time-domain-reflectometers/
8 Time Domain Reflectometer to discover line taps < $20 build it yourself  https://hackaday.com/2016/04/15/poor-mans-time-domain-reflectometer/      
9 RFID Readers - all types RFID Reader / Writer     https://gaorfid.com/category/rfid-readers-2/      
10 UART UART   Universal Asynchronous Receiver Transmitter
11 EZ Tap Pro Passive RS 232 422 Tap $320   https://www.stratusengineering.com/product/ez-tap-pro/      
12 Multiple USB traffic capture/analysis USB Keylogger     https://nerdtechy.com/reviews-best-usb-keyloggers      
13 Mag Card reader & stamp Mag Card Reader $352 Tracks 1&2 on card & embossing https://www.nuix.com/blog/howd-they-do-part-2-you-stole-my-credit-card-number      
14 Slotscreamer PCIe Attack Platform $100 Access memory and IO, cross-platform transparent to the OS https://www.slideshare.net/44Con/stupid-pc-ie-tricks-44-con      
15 Bus Pirate       https://www.sparkfun.com/products/12942      
16 Attify JTAG Analysis   Learning kits and security assessment gear for practical and hands-on IoT Security research. https://www.attify-store.com/      
17 Goodfet JTAG Analysis            
18 EMF Reader Signal Reader $309 Electromagnetic Field locator & strength measure https://www.alliedelec.com/product/flir-commercial-systems-inc-extech-division/emf450/71117984/      
19 Raspberry Pi Inexpensive Linux Platform     https://www.raspberrypi.org/      
20 Orange Pi Inexpensive Linux Platform     http://www.orangepi.org/      
21 Arduino Inexpensive Linux Platform     https://www.arduino.cc/      
Frameworks, Methodologies, Metrics, Protocols & Formats for Cyber Intelligence   # Name Category Cost Description URL
1 ATT&CK Methodology Open Source Adversary Tactics and Techniques (same as IOCs) https://attack.mitre.org
2 CAPEC Methodology Open Source Common Attack Pattern Enumeration and Classification https://capec.mitre.org/      
3 CAR Methodology Open Source Cyber Analytics Repository https://car.mitre.org/      
4 CIF Methodology / Tool Open Source Collective Intelligence Framework https://github.com/csirtgadgets/cif-v5 https://www.ericooi.com/threat-intelligence-cif/     https://csirtg.io/
5 CRITS Threat Feed Open Source Malware Repository https://crits.github.io/      
6 CVE Metric Open Source Common Vulnerabilities and Exposures https://nvd.nist.gov/vuln/search https://cve.mitre.org/
7 Cybox Format / Tool Open Source language for info on cyber observables, dynamic events / stateful measures https://cybox.mitre.org/about/ https://cyboxproject.github.io/
8 IDMEF Format Open Source Intrusion Detection Message Exchange Format        
9 IKEv2   Open Source          
10 IOCs [MITRE equivalent is Techniques] Methodology / Metrics Open Source Indicators of Compromise        
11 IODef Format Open Source Incident Object Description Exchange Format https://tools.ietf.org/html/rfc7970 XML     
12 IPSEC Protocol Open Source Internet Protocol Security RFC 4301    
13 MAEC Format Open Source Malware Attribute Enumeration & Categorization http://maecproject.github.io/  
14 MILE Protocol Open Source Managed Incident Lightweight Exchange https://datatracker.ietf.org/group/mile/documents/  
15 MISP Format (and Tool - see Tools Tab) Open Source Sharing Protocol https://www.misp-project.org/datamodels/#misp-core-format  
16 OASIS Collective Open Source STIX & TAXII APIs https://wiki.oasis-open.org/cti/  
17 Open DXL Format / Protocol Open Source Open Data Xchange Layer https://www.opendxl.com/  
18 OpenIOC IOCs Open Source Open Indicators of Compromise http://www.openioc.org; https://fireeye.market/apps/211404
19 OTX Threat Feed Open Source Open Threat Exchange https://otx.alienvault.com  
20 RID Protocol Open Source Real-time Inter-Network Defense RFC 6545 https://tools.ietf.org/html/rfc6545  
21 ROLIE (ietf) Format / Protocol Open Source Resource-Oriented Lightweight Information Exchange https://datatracker.ietf.org/doc/rfc8322/  
22 SCAP Method & Tools Open Source Security Content Automation Protocol https://en.wikipedia.org/wiki/Security_Content_Automation_Protocol  
23 SDEE & CIDEE Protocol Open Source Security Device Event Exchange https://www.cisco.com/c/en/us/td/docs/security/ips/specs/CIDEE_Specification.html  
24 SSH - Secure Shell Protocol Open Source Multi Layer RFC4253  
25 STIX Format Open Source Structured Threat Information Expression https://stixproject.github.io/getting-started/whitepaper/   
26 TAXII Protocol Open Source Trusted Automated Exchange Indicator Information https://wiki.oasis-open.org/cti/  
27 TLP Metric DHS Traffic Light Protocol    
28 TLS 1.3 Protocol Open Source Transport Layer Security RFC 8446 https://datatracker.ietf.org/doc/html/rfc8446
29 TTPs Methodology Open Source Tactics, Techniques & Procedures https://csrc.nist.gov/glossary/term/Tactics_Techniques_and_Procedures  
30 YARA Format  & Tool Specification Open Source Malware Identification Specification/Rules Standard & Tool https://yara.readthedocs.io/en/stable/ https://github.com/Yara-Rules/rules
NOTE: There are many Protocols upon which Security protocols "ride" such as TCP & RDP. 
DATA Checks
1 National Vulnerability Database     Vulnerabilities https://nvd.nist.gov/vuln/search
2 National Software Reference Library     Hashes https://www.nist.gov/software-quality-group/national-software-reference-library-nsrl
3 Password Rainbow Tables     One Way Password Hashes http://ophcrack.sourceforge.net/tables.php
4 National Checklist Repository     Checklists https://nvd.nist.gov/ncp/repository
5 Malware Check Virus Total   Has all known malware signatures https://www.virustotal.com/gui/home/upload
6 Virus Bay       https://beta.virusbay.io/
7 UNB Cyber Datasets     Wide array of captured traffic: botnets, dark web,  https://www.unb.ca/cic/datasets/index.html
8 Los Alamos Cyber Data Set     The data sources include Windows-based authentication events from both individual computers and centralized Active Directory domain controller servers; process start and stop events from individual Windows computers; Domain Name Service (DNS) lookups as collected on internal DNS servers; network flow data as collected at several key router locations; and a set of well-defined red teaming events that present bad behavior within the 58 days. https://csr.lanl.gov/data/cyber1/
         
Kali Tools | Threat Pursuit Tools (Linux Base) Video at https://www.youtube.com/watch?v=GrVj8h7uin0 start at 3:00 (the Threat Pursuit VM tool list is given in full under "FireEye Threat Pursuit VM" below)
Aircrack-ng is one of the most widely used wireless password cracking tools for WEP/WPA/WPA2. It works by capturing packets from the network and analysing them to recover passwords, and it has a console interface. It implements the standard FMS (Fluhrer, Mantin, and Shamir) attack along with optimizations such as the KoreK attacks and the PTW attack, which speed up cracking of WEP. If you find Aircrack-ng hard to use, tutorials are available online.
BeEF, as the name implies, is a penetration testing tool that focuses on browser vulnerabilities. With it you can assess the security strength of a target environment using client-side attack vectors.
Burp Suite Scanner is a professional integrated GUI platform for testing the security vulnerabilities of web applications.
Fern Wifi Cracker is a Python-based GUI wireless security tool for auditing network vulnerabilities. With it you can crack and recover WEP/WPA/WPS keys and run several network-based attacks on Ethernet networks.
GNU MAC Changer is a network utility that makes it easier and quicker to manipulate network interfaces' MAC addresses.
Hashcat is known in the security community as one of the world's fastest and most advanced password cracking and recovery utilities. It is open source and features an in-kernel rule engine, 200+ hash types, a built-in benchmarking system, etc.
John the Ripper is another popular cracking tool used in the penetration testing (and hacking) community. It was initially developed for Unix systems but is now available on over 10 OS distros. It features a customizable cracker, automatic password hash detection, brute force attack and dictionary attack (among other cracking modes).
Kismet Wireless is an intrusion detection system, network detector and password sniffer. It works predominantly with Wi-Fi (IEEE 802.11) networks and its functionality can be extended using plugins.
Maltego is proprietary software but is widely used for open-source forensics and intelligence. It is a GUI link analysis tool that provides real-time data mining and presents information sets as node-based graphs with multiple-order connections.
Metasploit Framework is an open source framework with which security experts and teams verify vulnerabilities and run security assessments in order to improve security awareness. It features a plethora of tools with which you can create security environments for vulnerability testing, and it works as a penetration testing system.
Nessus is a remote scanning tool that you can use to check computers for security vulnerabilities. It does not actively block any vulnerabilities your computers have, but it will sniff them out by quickly running 1200+ vulnerability checks and raising alerts when security patches need to be applied.
Netcat, usually abbreviated to nc, is a network utility with which you can use TCP/IP protocols to read and write data across network connections. You can use it to create any kind of connection as well as to explore and debug networks using tunneling mode, port scanning, etc.
Nikto2 is a free and open-source web scanner for performing quick, comprehensive tests against web servers. It does this by looking for over 6500 potentially dangerous files, outdated program versions, vulnerable server configurations and server-specific problems.
Nmap (Network Mapper) is a free and open-source utility used by system administrators to discover networks and audit their security. It is swift in operation, well documented, features a GUI, supports data transfer, network inventory, etc.
Pixiewps is a C-based offline brute-force utility for exploiting implementations with little to no entropy.
Snort is a free and open-source NIDS with which you can detect security vulnerabilities on your computer. With it you can run traffic analysis, content searching/matching and packet logging on IP networks, and detect a variety of network attacks, among other features, all in real time.
THC Hydra uses brute force attacks to crack virtually any remote authentication service. It supports rapid dictionary attacks for 50+ protocols including FTP, HTTPS, Telnet, etc. You can use it against web scanners, wireless networks, packet crafters, Gmail, etc.
Wifite2 is a free and open-source Python-based wireless network auditing tool designed to work with pen-testing distros. It does a good job of decloaking and cracking hidden access points, cracking weak WEP passwords using a list of cracking techniques, etc.
Wireshark is an open-source packet analyzer that you can use free of charge. With it you can see activity on a network at a microscopic level, with pcap file access, customizable reports, advanced triggers, alerts, etc. It is reportedly the world's most widely used network protocol analyzer for Linux.
Yersinia, named after the Yersinia bacteria, is a network utility designed to exploit vulnerable network protocols by posing as a secure network system analysis and testing framework. It features attacks for IEEE 802.1Q, Hot Standby Router Protocol (HSRP), Cisco Discovery Protocol (CDP), etc.
Cyber Threat Analyst Basic Skills Needed
ELK, IPS/IDS, Proxy, DNS, full packet capture technologies, sandbox technologies, memory analysis, host-based analysis, Red Team techniques;
Experience with scripting languages such as Python, PowerShell and shell scripting;
Experience applying JSON, XML and REST/RESTful APIs to interact with systems.
SOFTWARE sorted by category   Category Cost Description URL              
1 Brave Anonymous Browser Open Source Browser https://brave.com/      
2 Orbot Anonymous Browser Open Source Android based anonymizer https://play.google.com/store/apps/details?id=org.torproject.android      
3 TOR Anonymous Browser Open Source The Onion Router for Dark Web Access https://www.torproject.org/      
4 Analyst Notebook (i2) now part of IBM Collection/Data Analysis/Synthesis $$ Chronological Data & Relationship Record/Display https://www.ibm.com/us-en/marketplace/analysts-notebook      
5 ATT&CK Collection/Data Analysis/Synthesis Open Source Collection of APT, TTP & Malware descriptors https://attack.mitre.org      
6 BRO (see Zeek) Collection/Data Analysis/Synthesis Open Source Network Security Monitor https://www.zeek.org/      
7 ELK Elasticsearch Logstash Kibana Collection/Data Analysis/Synthesis Open Source Stack of Feeds, Analysis & Display https://www.elastic.co/elk-stack      
8 Helix Collection/Data Analysis/Synthesis $$ SIEM, Analytics, User/Entity Behavior, Auto Response https://www.fireeye.com/solutions/helix.html      
9 IBM SOAR Collection/Data Analysis/Synthesis $$$ Security Orchestration, Automation & Response https://www.ibm.com/products/soar-platform      
10 Maltego * Collection/Data Analysis/Synthesis Open & $$ Conglomerating Cyber Intel Info https://www.maltego.com in Threat Pursuit VM    
11 Net Witness Collection/Data Analysis/Synthesis $$$ SIEM, Data Collection, Monitoring  https://www.rsa.com/en-us/products/threat-detection-response      
12 Open Cyber Threat Intelligence Platform Collection/Data Analysis/Synthesis Open Source Open Cyber Threat Intel Tools https://www.opencti.io/en/ in Threat Pursuit VM    
13 Palantir Collection/Data Analysis/Synthesis $$$ Conglomerating Cyber Intel Info https://www.palantir.com/      
14 Redline Collection/Data Analysis/Synthesis Open Source collect all running processes and drivers from memory, file-system metadata, registry data, event logs, network information, services, tasks and web history https://www.fireeye.com/services/freeware/redline.html       
15 Robtex Collection/Data Analysis/Synthesis   IP numbers, domain names, host names, Autonomous systems, routes https://www.robtex.com/      
16 Security Onion Collection/Data Analysis/Synthesis Open Source Elasticsearch, Logstash, Kibana, Snort, Suricata, Zeek/Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner https://securityonion.net/    
17 SILK Collection/Data Analysis/Synthesis Open Source The SiLK tool suite supports the efficient collection, storage, and analysis of network flow data, enabling network security analysts to rapidly query large historical traffic data sets. A SiLK installation consists of two categories of applications: the packing system and the analysis suite. The packing system collects IPFIX, NetFlow v9, or NetFlow v5 and converts the data into a more space efficient format, recording the packed records into service-specific binary flat files.  https://tools.netsa.cert.org/silk/      
18 SOC Multi-tool Collection/Data Analysis/Synthesis Open Source Combo of Lookup Site/Tools https://github.com/zdhenard42/SOC-Multitool    
19 Splunk User Behavior Analytics Collection/Data Analysis/Synthesis $$ Machine learning for pattern recognition https://www.splunk.com/en_us/software/user-behavior-analytics.html       https://www.splunk.com/en_us/download/splunk-enterprise.html      
20 Sumo Logic Collection/Data Analysis/Synthesis $$ Cloud Focused  https://www.sumologic.com/      
21 Yara Collection/Data Analysis/Synthesis Open Source Malware Pattern Matching https://virustotal.github.io/yara/  "aimed at (but not limited to) helping malware researchers to identify and classify malware samples"    
22 Yeti Platform Collection/Data Analysis/Synthesis Open Source organize observables, indicators of compromise, TTPs, and knowledge on threats https://yeti-platform.github.io/      
23 Zeek Collection/Data Analysis/Synthesis Open Source Network Security Monitor https://www.zeek.org/      
24 BCWipe Cyber Hygiene free, $ File and Drive Wiping https://www.jetico.com/data-wiping      
25 ThreatPursuit VM Cyber Threat  Intelligence Open Source Development, Analytics and Machine Learning, Visualisation, Triage, Modelling & Hunting, Adversarial Emulation, Information Gathering, Utilities and Links https://github.com/fireeye/ThreatPursuit-VM      
26 CyberChef Data Analysis/Synthesis Open Source Generic Conversion Tool https://gchq.github.io/CyberChef/      
27 PowerStats Data Analysis/Synthesis Open source Display of captured  https://nces.ed.gov/datalab/  * note also the name of malware written in Powershell    
28 R Data Analysis/Synthesis Open Source program & script creation many versions      
29 Spark (Apache) Data Analysis/Synthesis Open Source unified analytics engine  https://spark.apache.org/      
30 LOIC Denial of Service Open Source low footprint for launching DOS https://sourceforge.net/projects/loic/       
31 pfsense Firewall Open Source FreeBSD based https://www.pfsense.org/      
32 Density Scout Forensics Open Source Examines exe, daemons for embedded malware https://github.com/foreni-packages/densityscout      
33 Device42 Forensics $ Application Mapping https://www.device42.com/pages/application-mapping-b/      
34 Falcon Sandbox Forensics $$ Sandbox tool for taking apart malware https://www.crowdstrike.com/endpoint-security-products/falcon-sandbox-malware-analysis/      
35 FTK - Forensics Tool Kit (Access Data) Forensics Conditional Detail Analysis of Media & Memory https://accessdata.com/product-download/ftk-download-page      
36 SIFT Forensics Open Source Forensic Tools https://digital-forensics.sans.org/community/downloads      
37 Autopsy - The Sleuth Kit Forensics - Storage Open Source Hard Drive & Storage Analysis, Web Artifacts, Registry Analysis https://www.autopsy.com/      
38 Moloch Full Packet Capture Open Source Large scale, open source, indexed packet capture and search. https://molo.ch/      
39 Hexedit General Purpose Tool Open Source hexadecimal editor https://sourceforge.net/projects/hexedit/      
40 nMap - Zenmap* General Purpose Tool Open Source Network Mapping https://nmap.org/  in Kali    
41 Registry Viewer (Access Data) General Purpose Tool Open Source Improves Registry Access https://accessdata.com/product-download/registry-viewer-2-0-0      
42 NSA Tool Set General Purpose Tool Set Open Source 77 tools from parsing to wireless identification https://code.nsa.gov/      
43 National Software Reference Library Hashes Data Base Open Source hash checking https://www.nist.gov/itl/ssd/software-quality-group/national-software-reference-library-nsrl      
44 Hashdump Hashing Open Source extracts hashed passwords https://www.utc.edu/sites/default/files/2021-04/4660-lab6.pdf in Metasploit    
45 HashMyFiles Hashing Open Source computes hash from binary into MD5, SHA, etc https://nirsoft.net; then submit to virustotal.com (MISP-Maltego: https://github.com/MISP/MISP-maltego)
46 CrowdScrape Indicator Identification   Browser Extension for IOA,IOB & IOC Indicators https://chrome.google.com/webstore/detail/crowdscrape/jjplaeklnlddpkbbdbnogmppffokemej      
47 MISP (Malware Info Sharing Platform) Information Sharing Open Source Conglomerating Cyber Intel Info https://github.com/MISP/MISP/tree/v2.4.107 https://www.misp-project.org/    
48 Snort * Intrusion Detection Open Source Rule based Intrusion Detection Engine https://www.snort.org/  ; https://www.talosintelligence.com/snort      
49 Suricata Intrusion Detection Open Source Rule based Intrusion Detection Engine https://suricata.io/      
50 OpenIOC Editor IOC Collection Open Source From FireEye https://fireeye.market/apps/211404      
51 VBScripts   Open Source Older Windows Scripting Language but still in use https://www.microsoft.com/en-us/download/details.aspx?id=8247      
52 GoFetch Lateral Movement Open Source Automates attack graphs from Bloodhound https://github.com/GoFetchAD/GoFetch      
53 Papertrail Log Analysis $   https://www.solarwinds.com/papertrail      
54 Event Tracing for Windows (ETW) Logging Open Source Logs Kernel level events https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/event-tracing-for-windows--etw-      
55 IRMA OSS Malware Analysis Open & $$ Malicious File Analysis https://irma-oss.quarkslab.com/      
56 PE Studio Malware Analysis Open Source Static Malware Analysis of Portable Executables (PE) https://www.techspot.com/downloads/6350-pestudio.html      
57 CAPA Explorer Malware Function discovery Open Source FireEye plugin for IDA Pro https://github.com/fireeye/capa      
58 Sysmon Monitoring  Open Source Windows OS Monitoring; also Linux in SysInternals monitor and log system activity    
59 Volatility Monitoring - Memory Open Source Memory Analysis https://www.volatilityfoundation.org/      
60 Netflow Monitoring - Network Open Source Monitor Network Traffic https://www.solarwinds.com/free-tools/real-time-netflow-analyzer      
61 Network Miner Monitoring - Network Open Source Sniffer, Packet Analyzer https://www.netresec.com/?page=networkminer      
62 Microsoft Event Collector Monitoring - Windows Open Source Event Forwarding https://www.solarwinds.com/free-tools/event-log-forwarder-for-windows https://docs.microsoft.com/en-us/windows/desktop/WEC/windows-event-collector      
63 Microsoft SysInternals Monitoring - Windows Open Source Packaged Microsoft Tools https://docs.microsoft.com/en-us/sysinternals/downloads/      
64 SysInternals Suite Monitoring - Windows Open Source Windows OS Monitoring; also Linux https://docs.microsoft.com/en-us/sysinternals/ contains Process Explorer, Process Monitor    
65 Firepower / FireSight Monitoring & Control $$ IDS Package with CISCO devices / Networks https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.pdf      
66 Nagios Monitoring & Control Open Source IT infrastructure monitoring http://www.nagios.org/ https://www.sans.org/reading-room/whitepapers/forensics/uncovering-indicators-compromise-ioc-powershell-event-logs-traditional-monitoring-tool-36352    
67 Solarwinds Monitoring & Control $$ Network Activity Capture & Visualization https://www.solarwinds.com/ see the Solarwinds Downloads list below for all tools    
68 Microsoft Message Analyzer OS Message Tracing Open Source capture, display, and analyze protocol messaging traffic; and to trace and assess system events and other messages from Windows components. https://www.microsoft.com/en-us/download/details.aspx?id=44226      
69 Wireshark Packet Capture Open Source Packet Capture and Analysis https://wiki.wireshark.org/SampleCaptures       
70 Yet Another BacNet Explorer Packet Capture Open Source   https://sourceforge.net/projects/yetanotherbacnetexplorer/      
71 Inception Password - Bypass Open Source Password Bypass https://github.com/carmaa/inception    
72 LaZagne Password - Extraction Open Source Password Extraction https://github.com/AlessandroZ/LaZagne      
73 John the Ripper * Password - Harvesting Open Source password hash cracker in Kali in Kali    
74 ophcrack Password - Harvesting Open Source pw hash cracking in Kali       Linux based VM
75 Password Checker Password Assurance Open Source Password Check against Captured PW databases https://haveibeenpwned.com      
76 Hashcat * Password Cracking Open Source Password Recovery https://github.com/hashcat/hashcat      
77 WhoisXMLAPI Pen Testing Open Source Checks for open sub-domains in web access https://subdomains.whoisxmlapi.com/      
78 Intrigue.io Pen Testing  - Attack surface Open Source Fingerprinting, Spidering, DNS  https://github.com/intrigueio      
79 Bloodhound Pen Testing - Active Directory Open Source Attack Paths in Active Directory & other apps https://bloodhound.readthedocs.io/en/latest/index.html see video at https://www.youtube.com/watch?v=dPsLVE0R1Tg  identify highly complex attack paths using graph analysis    
80 Mimikatz Pen Testing - Authentication Open Source windows authentication exploitation https://github.com/gentilkiwi/mimikatz https://www.sans.org/reading-room/whitepapers/forensics/mimikatz-overview-defenses-detection-36780     
81 Innuendo Pen Testing - C2 & Exfil $$$ C&C Server & Exfil Simulator https://www.immunityinc.com/services/adversary-simulation.html      
82 Sentry-MBA Pen Testing - Credential Stuffing Open Source considered malware; dark web tool; credential theft https://sentry[.]mba   <- note: this is a dark web link      
83 SQLMap Pen Testing - Database Open Source SQL DB detection & exploitation Testing https://www.sqlmap.org      
84 DIG Domain Information Groper Pen Testing - DNS Open Source Test DNS Zone Transfer Vulnerability https://samsclass.info/40/proj/digwin.htm      
85 Cain & Abel Pen Testing - General Open Source General Purpose Exploit Tool http://cain-abel.en.softonic.com/download      
86 Commando VM Pen Testing - General Open Source Windows based Kali-like Tool https://github.com/fireeye/commando-vm      
87 Ettercap Pen Testing - General Open Source Pen Test Toolkit; Session Hijack http://ettercap.sourceforge.net/      
88 Kali Linux Pen Testing - General Open Source see below for tools in Kali https://www.kali.org/       
89 Metasploit / Armitage (gui) * Pen Testing - General Conditional hundreds of exploits e.g. hashdump https://www.offensive-security.com/metasploit-unleashed/meterpreter-basics/      
90 Netcat* or ncat Pen Testing - injection Open Source swiss army knife of network tools https://nmap.org/ncat/ in Kali    
91 CALDERA Pen Testing - Malware Attacks Open Source Red Team Attack Tool https://github.com/mitre/caldera      
92 Canvas from Immunity Pen Testing - Malware Attacks $$$$ High End Exploit Tool https://www.immunityinc.com/products/canvas/ (note on capa, row 57: capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do.)    
93 Exploit Database Pen Testing - Malware Attacks Open Source 40K+ exploits https://www.exploit-db.com/      
94 Exploit Pak Pen Testing - Malware Attacks $ 40K+ exploits https://exploitpack.com/      
95 EternalBlue Pen Testing - OS Open Source Operating System Vulnerabilities https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit      
96 P0f Pen Testing - OS Open Source OS Fingerprinting https://github.com/p0f/p0f      
97 SCAPY Pen Testing - Packets Open Source interactive packet manipulation https://scapy.net extended into SCAPYtrain for campaigns & WifiTap; send, sniff, dissect and forge network packets    
98 THC-Hydra * Pen Testing - Password Crack Open Source Network Login Penetration in Kali in Kali    
99 SET Social Engineering Toolkit Pen Testing - People Open Source For crafting phishing email, etc http://www.social-engineer.org/framework/      
100 PRET Printer Exploitation Toolkit Pen Testing - Peripherals Open Source Printer Vulnerability Testing https://github.com/RUB-NDS/PRET      
101 Nishang Pen Testing - Powershell Open Source Keylogger, DNS TXT Code Execution, HTTP Backdoor, Powerpreter in Kali in Kali    
102 Inveigh Pen Testing - SMB, http, SQL servers Open Source Windows tool for Responder https://github.com/Kevin-Robertson/Inveigh      
103 Responder Pen Testing - SMB, http, SQL servers Open Source Grabs Hashes from SMB, http & SQL servers https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/introducing-responder-10/      
104 Acunetix Pen Testing - Web $$ Web Application Vulnerability Testing https://www.acunetix.com/      
105 BeEF * Pen Testing - Web Open Source Browser Exploitation Framework https://github.com/beefproject/beef      
106 Burp Suite * Pen Testing - Web Open Source Web Content Vulnerability Scanner https://www.portswigger.net/burp/      
107 Nikto2 * Pen Testing - Web Open Source Web Server Testing in Kali in Kali    
108 Raft - Response Testing Pen Testing - Web Open Source Web Application  https://github.com/Averroes/raft      
109 SamuraiWTF Web Test Framework Pen Testing - Web Open Source Package extension of Kali https://sourceforge.net/projects/samurai/      
110 Skipfish (in Kali) Pen Testing - Web Open Source Web Site Recon Tool   in Kali    
111 W3af Pen Testing - Web Open Source Web Application & Attack Framework https://w3af.org      
112 Webgoat Pen Testing - Web Open Source Web  https://github.com/WebGoat/WebGoat      
113 ZED Attack Proxy (ZAP) Pen Testing - Web Open Source web vulnerability scanner https://www.zaproxy.org/       
114 REST API Pen Testing - Web Pages Open Source Test Platform for GET PUT POST DELETE; REpresentational State Transfer https://github.com/octokit/rest.js/      
115 URL Scan Pen Testing - Website   Scans a Web Page to examine what user content is being collected and  https://urlscan.io/      
116 Covenant Pen Testing - Windows Open Source Windows .net attack surface tool https://github.com/cobbr/Covenant      
117 Aircrack-ng * Pen Testing - Wireless Open Source Provides routines for accessing hashed router pw's in Kali in Kali    
118 Kismet * Pen Testing - Wireless Open Source Wireless Access Point Locator in Kali in Kali    
119 Netstumbler Pen Testing - Wireless Open Source Wireless Access Point Locator https://www.netstumbler.com/      
120 WiFite Pen Testing - Wireless Open Source Wireless transmission identification https://code.google.com/archive/p/wifite/      
121 Squid Proxy for Access Control Open Source   https://github.com/squid-cache/squid      
122 Recon-ng Reconnaissance - OSI Open Source Linux based assembly tool in Kali in Kali    
123 Censys & zMap Reconnaissance - OSI Research Scan of all internet, banners, hosts, certificates https://censys.io/data      
124 FOCA Open Source Collection Reconnaissance - OSI Open Source Fingerprinting Organization w Collected Archives https://github.com/ElevenPaths/FOCA      
125 Google Hacks / Dorks Reconnaissance - OSI Open Source Using Google search engine to locate "hidden" info on web sites https://www.exploit-db.com/google-hacking-database      
126 Shodan Reconnaissance - OSI Open, $ Links to vulnerable IP addresses https://shodanhq.io      
127 Spiderfoot Reconnaissance - OSI Open Source IP Address Identification in Kali in Kali    
128 TinEye Reconnaissance - OSI Online/Opensource Locates Image Sources https://tineye.com/      
129 CFF Explorer Reverse Engineering Open Source Binary Analysis https://download.cnet.com/CFF-Explorer/3000-2383_4-10431156.html      
130 Cuckoo Reverse Engineering Open Source Malware analysis https://cuckoosandbox.org/      
131 Flare VM Reverse Engineering Open Source Package with Disassemblers, Debuggers, Parsers, Decompilers, Monitoring Tools and Hex Editors https://github.com/fireeye/flare-vm       
132 GHIDRA Reverse Engineering Open Source Windows, Linux & Mac  https://github.com/NationalSecurityAgency/ghidra      
133 IDA Pro Reverse Engineering $$ Reverse Engr x32, x64, ARM & ARM 64 binary https://www.hex-rays.com/products/ida/      
134 Muraena / Necrobrowser Reverse Proxy Attack Open Source For automating phishing https://github.com/muraenateam/muraena      
135 CSET Risk Assessment Open Source Multiple RA Approaches https://www.us-cert.gov/ics/Downloading-and-Installing-CSET      
136 Belarc advisor Routine Security Defense free, $ Inventory of a Computing Machine: HW & Software https://www.belarc.com/en/products_belarc_advisor      
137 Microsoft Baseline Analyzer 2.1.1 Routine Security Defense Open Source Examine Microsoft OSs for vulnerabilities https://www.microsoft.com/en-us/download/details.aspx?id=19892    
138 IOC Finder Scanning Open Source Collecting host system data and reporting the presence of IOCs. IOCs are open-standard XML documents https://www.fireeye.com/services/freeware/ioc-finder.html      
139 PowerShell Script Programming MS Windows script creation included in Windows    
140 PowerSploit Script Programming Open source PS scripts used in pen testing https://powersploit.readthedocs.io/en/latest/      
141 PSEXEC Script Programming Open Source program execution on remote systems in SysInternals Telnet alternative    
142 Python Script Programming Open Source program & script creation many versions      
143 Dirsearch Search Open Source Search website directories for apps, code, wordlists https://github.com/maurosoria/dirsearch    
144 Diggity Search Tool for Cyber  Open Source Multi Cyber Sites/Domains/Ranges tool https://resources.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/ See Exploit Database    
145 Prowler Security Assessment - General Open Source AWS security assessment, auditing, hardening and incident response. https://github.com/prowler-cloud/prowler#description (note on Cobalt Strike, row 150: has capability for C2 called Beacon)
146 Alientvault OSSIM SIEM Open Source Security Information & Event Management Software https://cybersecurity.att.com/products/ossim/download       
147 Source Code Testing Tools OWASP Source Code Analysis Open Source, $ List of Testing Tools https://www.owasp.org/index.php/Source_Code_Analysis_Tools      
148 Wbstego Steganography Open Source Steganography encrypting & decryption http://www.bailer.at/wbstego/pr_4ix0.htm      
149 Stack Overflow Technical Q&A Site Open Source   https://stackoverflow.com/      
150 Cobalt Strike Threat Emulation $$$ Adversary simulation & Red Teaming https://www.cobaltstrike.com $3500/yr single license    
151 TRAM (MITRE) Threat Extraction Open Source Uses NLP to create ATT&CK Maps from text https://github.com/mitre-attack/tram https://www.signalscorps.com/blog/2022/mitre-attack-105-tram/    
152 Plaso Timeline Analysis Open Source collect & aggregate timestamped events for forensic analysis https://github.com/log2timeline/plaso      
153 Malcolm Traffic Analysis Open Source Tool suite for PCAP & Zeek Logs https://github.com/cisagov/Malcolm      
154 Virtual box Virtual Machine Hypervisor Open Source Hypervisor https://www.virtualbox.org/wiki/Downloads      
155 National Vulnerability Database Vulnerability Assessment Open Source Contains up-to-date vulnerabilities list https://nvd.nist.gov      
156 Nessus* Vulnerability Assessment Conditional Scanner http://www.tenable.com/products/nessus      
157 OpenVAS Vulnerability Assessment Open Source open source Vulnerability Assessment System http://www.openvas.org/     
158 Retina Vulnerability Assessment $$ Scanner http://go.beyondtrust.com/community     
159 SEC Filings Vulnerability Assessment Open Source security filings https://www.sec.gov/edgar.shtml    
160 VirusTotal Vulnerability Assessment Open Source Checks files & sites for malware https://www.virustotal.com/#/home/upload     
         
         
 Solarwinds Downloads          
Tool Description Free Version 30 day Trial Professional
1 Access Rights Auditor Active Directory and File Server risk areas Download  
2 Access Rights Manager      
3 AppOptics Application Performance Monitoring    
4 Azure Cost Calculator   Download  
5 Dameware Remote Support (RDP)      
6 Database Performance Analyzer   Download  
7 Event Log Consolidator View, consolidate, and dismiss event logs and correlate issues across multiple systems Download  
8 Event Log Forwarder   Download  
9 Flow Tool Bundle Quickly distribute, test, and configure flow traffic Download  
10 Identity Manager      
11 ipMonitor   Download https://www.solarwinds.com/ip-monitor $1,495&up
12 Log Analyzer - Papertrail     https://www.papertrail.com/solution/log-analyzer/ 
13 NAT Lookup Network Address Translation Download  
14 Network Bandwidth Analyzer      
15 Network Configuration Manager      
16 Network Performance Monitor      
17 Papertrail Cloud-hosted log management for faster troubleshooting of infrastructure and application issues    
18 Performance Analyzer  For SQL      
19 Permissions Analyzer for Active Directory   Download  
20 Pingdom      
21 Security Event Manager      
22 Server & Application Manager      
23 Service Desk      
24 Solar-PuTTY   Download  
25 SQL Plan Warnings   Download  
26 Storage Resource Manager      
27 Virtualization manager      
28 Web Help Desk   Download  
29 Traceroute NG      
30 Port Scanner Lists of open, closed, and filtered ports for each scanned IP address Download  
31 Network Device Monitor      
32 Netflow Configurator      
33 GNS3 Network Emulator      
34 Real Time AppFlow Analyzer      
Software Categories
1 Anonymous Browser
2 Collection/Data Analysis/Synthesis
3 Cyber Hygiene
4 Cyber Threat  Intelligence
5 Data Analysis/Synthesis
6 Denial of Service
7 Firewall
8 Forensics
9 Forensics - Storage
10 Full Packet Capture
11 General Purpose Tool
12 General Purpose Tool Set
13 Hashes Data Base
14 Hashing
15 Indicator Identification
16 Information Sharing
17 Intrusion Detection
18 IOC Collection
19 Lateral Movement
20 Log Analysis
21 Logging
22 Malware Analysis
23 Malware Function discovery
24 Monitoring 
25 Monitoring - Memory
26 Monitoring - Network
27 Monitoring - Windows
28 OS Message Tracing
29 Packet Capture
30 Password - Bypass
31 Password - Extraction
32 Password - Harvesting
33 Password Assurance
34 Password Cracking
35 Pen Testing  - Attack surface
36 Pen Testing - Active Directory
37 Pen Testing - Authentication
38 Pen Testing - C2 & Exfiltration
39 Pen Testing - Credential Stuffing
40 Pen Testing - Database
41 Pen Testing - DNS
42 Pen Testing - General
43 Pen Testing - injection
44 Pen Testing - Malware Attacks
45 Pen Testing - OS
46 Pen Testing - Packets
47 Pen Testing - Password Crack
48 Pen Testing - People
49 Pen Testing - Peripherals
50 Pen Testing - PowerShell
51 Pen Testing - SMB, http, SQL servers
52 Pen Testing - Web
53 Pen Testing - Web Pages
54 Pen Testing - Website
55 Pen Testing - Windows
56 Pen Testing - Wireless
57 Proxy for Access Control
58 Reconnaissance - OSI
59 Reverse Engineering
60 Reverse Proxy Attack
61 Risk Assessment
62 Routine Security Defense
63 Scanning
64 Script Programming
65 Search Tool for Cyber 
66 Security Assessment - General
67 Security Information & Event Management
68 Source Code Analysis
69 Steganography
70 Technical Q&A Site
71 Threat Emulation
72 Timeline Analysis
73 Traffic Analysis
74 Virtual Machine Hypervisor
75 Vulnerability Assessment
FireEye Threat Pursuit VM
Development, Analytics and Machine Learning
Shogun
Tensorflow
Pytorch
Rstudio
RTools
Darwin
Keras
Apache Spark
Elasticsearch
Kibana
Apache Zeppelin
Jupyter Notebook
MITRE Caret
Python (x64)
Visualisation
Constellation
Neo4J
CMAP
Triage, Modelling & Hunting
MISP
OpenCTI
Maltego
Splunk
Microsoft MSTIC Jupyter and Python Security Tools
MITRE ATT&CK Navigator
Cortex Analyzer
Greynoise API and GNQL
threatcrowd API
threatcmd
ViperMonkey
Threat Hunters Playbook
MITRE TRAM
SIGMA
YETI
MITRE Tools: TRAM, CALDERA, Caltack
Azure Sentinel
AMITT Framework
Adversarial Emulation
MITRE CALDERA
Red Canary ATOMIC Red Team
Mordor Re-play Adversarial Techniques
MITRE Caltack Plugin
APTSimulator
FlightSim
Information Gathering
Maltego
nmap
intelmq
dnsrecon
orbit
FOCA
Utilities and Links
CyberChef
KeePass
FLOSS
peview
VLC
AutoIt3
Chrome
OpenVPN
Sublime
Notepad++
Docker Desktop
HxD
Sysinternals
Putty