Skip to main content
Springer Nature Link
Log in

Security Testing and Attack Simulation Tools

  • Chapter
  • First Online:
IT Security Controls

  • 2337 Accesses

Abstract

This chapter lists several security testing and attack simulation tools by type. These tools must be operated in a contained environment like an isolated network segment, or when used in other types of environments, they need to be executed with a well-defined, clear scope and duration explicitly authorized by the system’s owners.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+
from €37.37 /Month
  • Starting from 10 chapters or articles per month
  • Access and download chapters and articles from more than 300k books and 2,500 journals
  • Cancel anytime
View plans

Buy Now

eBook
EUR 17.99
Price includes VAT (Netherlands)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
EUR 70.84
Price includes VAT (Netherlands)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.

Notes

  1. 1.

    www.kali.org

  2. 2.

    www.parrotsec.org

  3. 3.

    https://blackarch.org

  4. 4.

    www.metasploit.com

  5. 5.

    www.syhunt.com/sandcat/

  6. 6.

    www.chromium.org

  7. 7.

    www.shodan.io/

  8. 8.

    https://github.com/jivoi/awesome-osint

  9. 9.

    An example: www.google.com/search?q=site%3Aapress.com+kuyucu+%2B+viegas

  10. 10.

    https://otx.alienvault.com

  11. 11.

    www.tcpdump.org

  12. 12.

    www.wireshark.org

  13. 13.

    www.tenable.com

  14. 14.

    www.openvas.org

  15. 15.

    www.microfocus.com/en-us/cyberres/application-security/webinspect

  16. 16.

    https://owasp.org/www-project-webgoat/

  17. 17.

    www.netsparker.com

  18. 18.

    www.hcltechsw.com/products/appscan/

  19. 19.

    www.rapid7.com/products/appspider/

  20. 20.

    www.acunetix.com

  21. 21.

    www.nstalker.com/alliance/

  22. 22.

    http://w3af.org

  23. 23.

    https://owasp.org/www-project-zap/

  24. 24.

    https://sqlmap.org/

  25. 25.

    http://sqlninja.sourceforge.net/

  26. 26.

    https://wiki.owasp.org/index.php/Category:OWASP_SQLiX_Project

  27. 27.

    https://dvwa.co.uk

  28. 28.

    www.nmap.org

  29. 29.

    http://www.hping.org

  30. 30.

    www.colasoft.com/packet_builder/

  31. 31.

    https://ostinato.org

  32. 32.

    https://openargus.org

  33. 33.

    www.packetfence.org

  34. 34.

    https://lcamtuf.coredump.cx/p0f3/

  35. 35.

    www.nagios.org

  36. 36.

    www.ossec.net

  37. 37.

    https://github.com/mitre/caldera

  38. 38.

    https://atomicredteam.io/

  39. 39.

    https://cisofy.com/lynis/

  40. 40.

    https://github.com/brendangregg/bpf-perf-tools-book

  41. 41.

    https://digi.ninja/projects/cewl.php

  42. 42.

    https://ophcrack.sourceforge.io/

  43. 43.

    https://portswigger.net/burp

  44. 44.

    http://www.darkside.com.au/snow/

  45. 45.

    www.snort.org

  46. 46.

    www.social-engineer.org/framework/se-tools/computer-based/social-engineer-toolkit-set/

  47. 47.

    https://censys.io

  48. 48.

    www.riot-os.org

  49. 49.

    https://cofense.com/product-services/phishme/

  50. 50.

    www.knowbe4.com

  51. 51.

    www.keepnetlabs.com

  52. 52.

    https://lucysecurity.com

  53. 53.

    www.infosecinstitute.com/form/iq-demo

  54. 54.

    https://getgophish.com

  55. 55.

    https://immersivelabs.online

  56. 56.

    www.opensesame.com

  57. 57.

    www.acronis.com/en-us/products/true-image/

  58. 58.

    www.sleuthkit.org/autopsy/

  59. 59.

    www.magnetforensics.com/resources/encrypted-disk-detector/

  60. 60.

    www.magnetforensics.com/resources/magnet-ram-capture/

  61. 61.

    www.crowdstrike.com/resources/community-tools/crowdresponse/

  62. 62.

    www.crowdstrike.com/resources/community-tools/crowdinspect-tool/

  63. 63.

    https://sourceforge.net/projects/defraser/

  64. 64.

    https://exiftool.org

  65. 65.

    www.sans.org/tools/sift-workstation

  66. 66.

    www.dumpzilla.org

  67. 67.

    https://sumuri.com/software/paladin/

  68. 68.

    www.volatilityfoundation.org

  69. 69.

    www.oxygen-forensic.com/en/products/oxygen-forensic-detective

  70. 70.

    http://www.xplico.org

  71. 71.

    https://github.com/desaster/kippo

  72. 72.

    https://github.com/mushorg/glastopf

  73. 73.

    https://github.com/omererdem/honeything

Author information

Authors and Affiliations

  1. Doha, Qatar

    Virgilio Viegas & Oben Kuyucu

Authors
  1. Virgilio Viegas
    View author publications

    Search author on:PubMed Google Scholar

  2. Oben Kuyucu
    View author publications

    Search author on:PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Viegas, V., Kuyucu, O. (2022). Security Testing and Attack Simulation Tools. In: IT Security Controls. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-7799-7_9

Download citation

Publish with us

Policies and ethics