Armory
Wireshark 
(17 ratings)
Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
PuTTY (12 ratings)
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham.
nmap (3 ratings)
Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to ...
VMware Workstation (5 ratings)
VMware Workstation is a virtual machine software suite for x86 and x86-64 computers from VMware, previously a division of EMC Corporation. This software suite allows users to set up multiple x86 and x86-64 virtual computers and to use one or more of these virtual machines simultaneously with the hosting operating ...
Nessus (3 ratings)
The Nessus vulnerability scanner, is the world-leader in active scanners, featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. When Nessus is managed with Tenable's ...
hping (1 rating)
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn't only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many ...
Kismet (1 rating)
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, ...
iperf (1 rating)
Iperf was developed by NLANR/DAST as a modern alternative for measuring maximum TCP and UDP bandwidth performance. Iperf allows the tuning of various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, datagram loss.
PsTools (1 rating)
A suite of CLI tools for remote and local administration of Windows machines. Includes: * PsExec - execute processes remotely * PsFile - shows files opened remotely * PsGetSid - display the SID of a computer or a user * PsInfo - list information about a system * PsKill - ...
ngrep (1 rating)
ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP, ICMP, IGMP and Raw protocols across ...
Angry IP Scanner (1 rating)
Angry IP Scanner is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports as well as has many other features. It is widely used by network administrators and just curious users around the world, including large and small enterprises, ...
Kiwi CatTools (2 ratings)
Kiwi CatTools automates configuration backups and management on routers, switches and firewalls. It provides e-mail notification and compare reports highlighting config changes. Supports Telnet, SSH, TFTP and SNMP.
OpenVAS (2 ratings)
OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user fontend. The core is a server component with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications. OpenVAS products are Free Software under ...
ratproxy (1 rating)
A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments. Detects and prioritizes broad classes of security problems, such as dynamic ...
pfSense (3 ratings)
pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security ...
dynamips 
(3 ratings)
Dynamips is able to emulate Cisco hardware by running an unmodified IOS image on commodity PC hardware. Cisco 2600, 3600, 3700, and 7200 series routers are supported, as well some generic virtual devices like frame relay and Ethernet switches. Dynamips is developed by Christophe Fillot. A front end like [Dynagen](/armory/dynagen/) ...
mturoute (1 rating)
mturoute.exe is a small command line application that uses ICMP pings of various sizes in order to determine the MTU values on the path between itself and the target system. It also includes a "traceroute" like mode where it will attempt to determine the lowest MTU between the local host ...
SolarWinds Real-time NetFlow Analyzer (1 rating)
Once you’ve turned on NetFlow, Real-time NetFlow Analyzer captures and analyzes this data in real time to show you exactly what types of traffic are on your network, where that traffic is coming from, and where it is going. Finally, you can take the guesswork out of diagnosing network traffic ...
Advanced IP Address Calculator (1 rating)
Advanced IP Address Calculator is an easy-to-use IP subnet calculator that lets you calculate every aspect of your subnet configuration in a few mouse clicks! The calculator generates a color-coded bit map, breaking down the network, subnet, and host portion. It shows you the subnet host address range, the subnet ...
KNOPPIX (2 ratings)
KNOPPIX is a bootable Live system on CD or DVD, consisting of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, ...
Firewall Builder (2 ratings)
Firewall Builder is a GUI firewall configuration and management tool that supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA) and Cisco routers extended access lists. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations.
NetStumbler (3 ratings)
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It can be used for locating access points, mapping wireless coverage, calibrating antennas, and much more. Its counterpart, MiniStumbler, is available for mobile platforms.
EtherApe (1 rating)
EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic ...
ettercap
Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis.
Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated ...
THC-Hydra
A very fast network logon cracker which support many different services. Currently this tool supports: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, LDAP2, Cisco AAA (incorporated ...
dsniff
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). ...
THC-Amap
Amap is a next-generation tool for assisting network penetration testing. It performs fast and reliable application protocol detection, independent on the TCP/UDP port they are being bound to.
GFI LANguard
GFI LANguard Network Security Scanner (N.S.S.) is an award-winning solution that allows you to scan, detect, assess and rectify any security vulnerabilities on your network. As an administrator, you often have to deal separately with problems related to vulnerability issues, patch management and network auditing, at times using multiple products. ...
Retina
Retina Network Security Scanner, identifies known and zero day vulnerabilities plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits.