Armory
nipper
Nipper processes network device configuration files, performs a security audit and outputs a security report with recommendations and a configuration report. Nipper supports a variety of devices from Cisco, Juniper, CheckPoint, Nortel and SonicWALL. Reports can be generated in HTML, XML, LaTeX, or plain text. Check out the online version ...
EIGRP-tools
EIGRP-tools is a custom EIGRP packet generator and sniffer combined. It was developed to test the security and overall operation quality of the EIGRP routing protocol. Using this tool requires you to have the requisite background knowledge of EIGRP, packets structure/types, alongside a good working background of the Layer 3 ...
driftnet
Inspired by EtherPEG, Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.
VoIP Hopper
VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper does this by mimicking the behavior of an IP Phone, in both Cisco and Avaya IP Phone environments. VoIP Hopper is a VLAN ...
SING
SING stands for 'Send ICMP Nasty Garbage'. It is a tool that sends ICMP packets fully customized from command line. Its main purpose is to replace the ping command but adding certain enhancements (Fragmentation, spoofing,...)
ethtool
ethtool is used to query and modify low-level NIC settings, like speed, duplex, and autonegotiation.
Tcpreplay
Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for UNIX (and Win32 under Cygwin) operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices. It allows you to classify traffic as client or server, ...
tcpflow
tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually ...
ipsumdump
The ipsumdump program summarizes TCP/IP dump files into a self-describing ASCII format easily readable by humans and programs. Ipsumdump can read packets from network interfaces, from tcpdump files, and from existing ipsumdump files. It will transparently uncompress tcpdump or ipsumdump files when necessary. It can randomly sample traffic, filter traffic ...
Netdude
The Network Dump data Displayer and Editor is a framework for inspection, analysis and manipulation of tcpdump trace files. It addresses the need for a toolset that allows easy inspection, modification, and creation of pcap/tcpdump trace files.
sipsak
sipsak is a small command line tool for developers and administrators of Session Initiation Protocol (SIP) applications. It can be used for some simple tests on SIP applications and devices.
mtr
mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool. As mtr starts, it investigates the network connection between the host mtr runs on and HOSTNAME by sending packets with purposefully low TTLs. It continues to send packets with low TTL, noting the response ...
lft
LFT, short for Layer Four Traceroute, is a sort of 'traceroute' that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, loose source routing, netblock name ...
whob
WhoB is a likable whois client designed to provide everything a network engineer needs to know about a routed IP address by typing one line and reading one line. But even so, it's worth typing a few more lines because WhoB can do lots of other cool things for you! ...
Web Developer
Web Developer is a nifty Firefox extension which provides some very handy tools for web developers, including CSS manipulation, object highlighting, code validation, browser resizing, and lots more.
packETH
packETH is a Linux GUI packet generator tool for Ethernet. It allows you to create and send any possible packet or sequence of packets on the Ethernet.
Paros
Paros is an HTTP and HTTPS proxy application written in Java. It allows for easy interception and manipulation of web traffic to and from a client.
MRTG
The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links. MRTG generates HTML pages containing PNG images which provide a LIVE visual representation of this traffic.
Hyperic HQ
Hyperic HQ is open source web infrastructure management software. Hyperic HQ and its agent software can be installed on many platforms. Commercial support subscriptions are also available.
Burp Suite
Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting ...
iftop
iftop does for network usage what top(1) does for CPU usage. It listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts. Handy for answering the question "why is our ADSL link so slow?".
Live HTTP Headers
A Firefox plugin which allows you to view the HTTP headers of a live connection as they are sent and received.
BGPlay
BGPlay is a Java application which displays animated graphs of the routing activity of a certain prefix within a specified time interval. Its graphical nature makes it much easier to understand how BGP updates affect the routing of a specific prefix than by analyzing the updates themselves. The BGPlay database ...
Pandora FMS
Pandora FMS is a monitoring Open Source software. It watches your systems and applications, and allows you to know the status of any element of those systems. Pandora FMS could detect a network interface down, a defacement in your website, a memory leak in one of your server application, or ...
PhotoRec
PhotoRec is file data recovery software designed to recover lost files including video, documents and archives from Hard Disks and CD-ROM and lost pictures (thus, its 'Photo Recovery' name) from digital camera memory. PhotoRec ignores the filesystem and goes after the underlying data, so it will still work even if ...
Firewalk
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or UDP packets with a TTL one greater than the targeted gateway. If the gateway allows the traffic, it will forward ...
Nfdump
Nfdump is a set of tools to collect and process netflow data. It's fast and has a powerful filter pcap like syntax. Nfdump supports netflow versions v5, v7 and v9 as well as a limited set of sflow and is IPv6 compatible. See also [NfSen](http://nfsen.sourceforge.net/).
NfSen
NfSen is a graphical web based front end for the [nfdump](http://nfdump.sourceforge.net/) netflow tools.
