Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark has a rich feature set which includes the following: * Deep inspection of hundreds of ...

GNS3 is a graphical network simulator that allows you to design complex network topologies and to launch simulations on them. To allow complete simulations, GNS3 is strongly linked with [Dynamips](/armory/dynamips/), an IOS emulator which allows users to run IOS binary ...

OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH ...

GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. It is a non-interactive commandline tool, so it may easily be called from scripts, cron jobs, terminals without X-Windows support, ...

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, there are some network protocols implemented, but ...

Dynamips is able to emulate Cisco hardware by running an unmodified IOS image on commodity PC hardware. Cisco 2600, 3600, 3700, and 7200 series routers are supported, as well some generic virtual devices like frame relay and Ethernet switches. Dynamips ...

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It can be used for locating access points, mapping wireless coverage, calibrating antennas, and much more. Its counterpart, MiniStumbler, ...

Dynagen is a front-end for use with the [Dynamips](/armory/dynamips/) Cisco router emulator. It uses an INI-like configuration file to provision Dynamips emulator networks. It takes care of specifying the right port adapters, generating and matching up those pesky NIO descriptors, ...

Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service ...

The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links. MRTG generates HTML pages containing PNG images which provide a LIVE visual representation of this traffic.

PktAnon performs network trace anonymization. It is highly configurable and uses anonymization profiles. Anonymization profiles allow for mapping of arbitrary anonymization primitives to protocol attributes, thus providing high flexibility and easy usability. A huge number of anonymization primitives and network ...

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) ...

aircrack is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster ...

A suite of CLI tools for remote and local administration of Windows machines. Includes: * PsExec - execute processes remotely * PsFile - shows files opened remotely * PsGetSid - display the SID of a computer or a user * ...

This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These ...

BackTrack is the most Top rated linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. It's evolved from the merge of the two ...

ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It ...

lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It can also list communications open ...

Orion is a commercial network management system produced by SolarWinds. It is capable of syslog, SNMP, NetFlow, and other types of monitoring. Additionally, it can be expanded with purchasable modules.

VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in both Cisco ...