Package that involve IP networking.
Tool count: 343
| Name | Version | Description | Category | Website |
|---|---|---|---|---|
| above | v2.8.r2.g3e062ab | Network Protocols Sniffer. | sniffer scanner voip fingerprint networking recon | |
| adassault | 0.0.3.r30.gb3a7229 | An Active Directory environments pentest tool complementary to existing ones like NetExec. | networking | |
| afpfs-ng | 0.8.2 | A client for the Apple Filing Protocol (AFP) | networking misc | |
| aiengine | 1:2.0.1 | A packet inspection engine with capabilities of learning without any human intervention. | networking defensive | |
| apacket | 374.16e7036 | Sniffer syn and backscatter packets. | networking sniffer | |
| argus | 3.0.8.2 | Network monitoring tool with flow control. | networking defensive sniffer | |
| argus-clients | 3.0.8.2 | Network monitoring client for Argus. | networking defensive sniffer | |
| arp-scan | 1.10.0 | A tool that uses ARP to discover and fingerprint IP hosts on the local network | networking scanner fingerprint | |
| arpalert | 1:2.0.12 | Monitor ARP changes in ethernet networks. | networking defensive | |
| arping-th | 2.25 | ARP Ping from Thomas Habets (aka Debian arping). | networking | |
| arptools | 13.41cdb23 | A simple tool about ARP broadcast, ARP attack, and data transmission. | networking | |
| arpwner | 26.f300fdf | GUI-based python tool for arp posioning and dns poisoning attacks. | networking | |
| asnmap | v1.1.1.r0.g9eed841 | Map organization network ranges using ASN information. | networking | |
| atftp | 0.8.0 | Client/server implementation of the TFTP protocol that implements RFCs 1350, 2090, 2347, 2348, and 2349 | networking | |
| backfuzz | 1:1.b0648de | A network protocol fuzzing toolkit. | fuzzer networking | |
| badkarma | 85.2c46334 | Advanced network reconnaissance toolkit. | scanner networking recon | |
| bettercap | 2.33.0 | A complete, modular, portable and easily extensible MITM framework. | sniffer exploitation networking | |
| bind | 9.20.3 | The ISC DNS Server | networking recon | |
| bind-tools | 9.16.5 | The ISC DNS tools | networking recon | |
| binproxy | 8.d02fce9 | A proxy for arbitrary TCP connections. | proxy networking | |
| bittwist | 2.0 | A simple yet powerful libpcap-based Ethernet packet generator. It is designed to complement tcpdump, which by itself has done a great job at capturing network traffic. | sniffer networking | |
| bro | 2.6.4 | A powerful network analysis framework that is much different from the typical IDS you may know. | networking defensive sniffer | |
| bro-aux | 451.a98acb8 | Handy auxiliary programs related to the use of the Bro Network Security Monitor (https://www.bro.org/). | networking defensive sniffer | |
| buttinsky | 138.1a2a1b2 | Provide an open source framework for automated botnet monitoring. | networking | |
| bypass-firewall-dns-history | 33.c55b7ce | Firewall bypass script based on DNS history records. | networking | |
| cadaver | 0.24 | Command-line WebDAV client for Unix | networking | |
| camscan | 1.0057215 | A tool which will analyze the CAM table of Cisco switches to look for anamolies. | scanner networking defensive | |
| chameleon | 29.4414287 | A tool for evading Proxy categorisation. | networking | |
| chaosreader | 0.94 | A freeware tool to trace tcp, udp etc. sessions and fetch application data from snoop or tcpdump logs. | networking sniffer | |
| chiron | 48.524abe1 | An all-in-one IPv6 Penetration Testing Framework. | scanner networking exploitation proxy | |
| chopshop | 444.8bdd393 | Protocol Analysis/Decoder Framework. | networking reversing | |
| cidr2range | 1.0 | Script for listing the IP addresses contained in a CIDR netblock | networking | |
| cisco-snmp-enumeration | 10.ad06f57 | Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking. | automation networking exploitation cracker | |
| cisco-snmp-slap | 5.daf0589 | IP address spoofing tool in order to bypass an ACL protecting an SNMP service on Cisco IOS devices. | spoof networking exploitation | |
| clash | 1.18.0 | A rule-based tunnel in Go. | tunnel networking | |
| coercer | 2.4.3 | Coerce a Windows server to authenticate on an arbitrary machine through 9 methods. | exploitation networking windows | |
| corkscrew | 2.0 | A tool for tunneling SSH through HTTP proxies | tunnel proxy networking | |
| creak | 41.a6c011f | Poison, reset, spoof, redirect MITM script. | networking exploitation sniffer | |
| crypthook | 18.690dcae | TCP/UDP symmetric encryption tunnel wrapper. | crypto tunnel networking | |
| cyberscan | 75.ca85794 | A Network Pentesting Tool | networking scanner | |
| darkstat | 3.0.721 | Network statistics gatherer (packet sniffer) | sniffer networking | |
| datajackproxy | 42.f75f3a3 | A proxy which allows you to intercept TLS traffic in native x86 applications across platform. | proxy networking | |
| dcdetector | 0.0.1.r52.g2e69244 | Spot all domain controllers in a Microsoft Active Directory environment. Find computer name, FQDN, and IP address(es) of all DCs. | networking recon windows | |
| depdep | 2.0 | A merciless sentinel which will seek sensitive files containing critical info leaking through your network. | networking malware | |
| det | 31.417cbce | (extensible) Data Exfiltration Toolkit. | networking misc | |
| detect-sniffer | 159.a359262 | Tool that detects sniffers in the network. | defensive networking | |
| dhcpoptinj | 123.58a12c6 | DHCP option injector. | networking | |
| dinouml | 0.9.5 | A network simulation tool, based on UML (User Mode Linux) that can simulate big Linux networks on a single PC | networking | |
| dizzy | 2.0 | A Python based fuzzing framework with many features. | fuzzer networking | |
| dkmc | 56.3c238f0 | Dont kill my cat - Malicious payload evasion tool. | exploitation networking | |
| dns-reverse-proxy | 40.6bc04de | A reverse DNS proxy written in Go. | proxy networking | |
| dnsdiag | 343.39a1b1e | DNS Diagnostics and Performance Measurement Tools. | networking | |
| dnsfilexfer | 24.126edcd | File transfer via DNS. | networking misc | |
| dnsobserver | 5.f331482 | A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. | networking | |
| dnsteal | 28.1b09d21 | DNS Exfiltration tool for stealthily sending files over DNS requests.. | networking | |
| dnsvalidator | 82.146c9b0 | Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses. | networking misc | |
| dripcap | 0.6.15 | Caffeinated Packet Analyzer. | networking sniffer | |
| dshell | 142.695c891 | A network forensic analysis framework. | forensic networking | |
| dsniff | 2.4b1 | Collection of tools for network auditing and penetration testing | sniffer networking | |
| dtp-spoof | 5.3ae05fc | Python script/security tool to test Dynamic Trunking Protocol configuration on a switch. | networking | |
| dublin-traceroute | 347.d81c77e | NAT-aware multipath tracerouting tool. | networking | |
| dump1090 | 386.bff92c4 | A simple Mode S decoder for RTLSDR devices. | networking misc | |
| easy-creds | 45.bf9f00c | A bash script that leverages ettercap and other tools to obtain credentials. | automation networking | |
| eigrp-tools | 0.1 | This is a custom EIGRP packet generator and sniffer developed to test the security and overall operation quality of this brilliant Cisco routing protocol. | sniffer networking recon scanner | |
| espionage | 1:48.2d57edd | A Network Packet and Traffic Interceptor For Linux. Sniff All Data Sent Through a Network. | sniffer networking | |
| etherape | 0.9.20 | A graphical network monitor for various OSI layers and protocols | networking sniffer | |
| etherflood | 1.1 | Floods a switched network with Ethernet frames with random hardware addresses. | windows dos networking | |
| ettercap | 0.8.3.1 | Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. | sniffer networking | |
| evillimiter | 36.46d2033 | Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access. | networking misc | |
| exabgp | 1:4.2.6.r760.g0834593 | The BGP swiss army knife of networking. | networking defensive | |
| fakenet-ng | 306.6e3e72b | Next Generation Dynamic Network Analysis Tool. | malware networking sniffer proxy | |
| fakenetbios | 7.b83701e | A family of tools designed to simulate Windows hosts (NetBIOS) on a LAN. | spoof honeypot networking | |
| filibuster | 167.c54ac80 | A Egress filter mapping application with additional functionality. | networking | |
| firecat | 6.b5205c8 | A penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network. | networking tunnel | |
| fireprox | 51.a6e1300 | AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation. | proxy networking webapp | |
| flowinspect | 97.34759ed | A network traffic inspection tool. | networking sniffer | |
| fping | 5.2 | A utility to ping multiple hosts at once | networking recon scanner | |
| fraud-bridge | 10.775c563 | ICMP and DNS tunneling via IPv4 and IPv6. | tunnel networking | |
| freeipmi | 1.6.14 | Sensor monitoring, system event monitoring, power control, and serial-over-LAN (SOL). | networking misc | |
| fs-nyarl | 1.0 | A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit. | scanner networking forensic spoof exploitation sniffer | |
| fuzzowski | 41.e39f665 | A Network Protocol Fuzzer made by NCCGroup based on Sulley and BooFuzz. | fuzzer networking | |
| geoip | 1.6.12 | Non-DNS IP-to-country resolver C library & utils | networking recon | |
| girsh | v0.41.r0.gfc5b44e | Automatically spawn a reverse shell fully interactive for Linux or Windows victim. | networking | |
| grabitall | 1.1 | Performs traffic redirection by sending spoofed ARP replies. | windows spoof networking | |
| gsocket | 1.4.43 | Global Socket. Moving data from here to there. Securely, Fast and trough NAT/Firewalls. | networking | |
| gspoof | 3.2 | A simple GTK/command line TCP/IP packet generator. | networking | |
| gtp-scan | 0.7 | A small python script that scans for GTP (GPRS tunneling protocol) speaking hosts. | scanner networking mobile | |
| gwcheck | 0.1 | A simple program that checks if a host in an ethernet network is a gateway to Internet. | networking scanner | |
| haka | 0.2.2 | A collection of tool that allows capturing TCP/IP packets and filtering them based on Lua policy files. | networking sniffer | |
| havoc-c2 | 856.fb67b76 | Modern and malleable post-exploitation command and control framework. | automation backdoor exploitation networking | |
| hharp | 1beta | This tool can perform man-in-the-middle and switch flooding attacks. It has 4 major functions, 3 of which attempt to man-in-the-middle one or more computers on a network with a passive method or flood type method. | networking spoof | |
| hpfeeds | 414.34bf4d4 | Honeynet Project generic authenticated datafeed protocol. | honeypot networking | |
| hping | 3.0.0 | A command-line oriented TCP/IP packet assembler/analyzer. | networking | |
| http-traceroute | 0.5 | This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-like scanning functionality. | networking recon | |
| httping | 3.6 | A ping-like tool for http-requests | networking recon | |
| hyde | 11.ec09462 | Just another tool in C to do DDoS (with spoofing). | networking dos | |
| hyenae | 0.36_1 | flexible platform independent packet generator | networking | |
| hyperfox | 121.1a8c26f | A security tool for proxying and recording HTTP and HTTPs traffic. | networking proxy webapp | |
| i2pd | 2.54.0 | A full-featured C++ implementation of the I2P router | networking | |
| icmpsh | 12.82caf34 | Simple reverse ICMP shell. | backdoor networking | |
| icmptx | 1:0.2.r12.g2235866 | IP over ICMP tunnel. | tunnel networking | |
| idswakeup | 1.0 | A collection of tools that allows to test network intrusion detection systems. | recon networking scanner | |
| ifchk | 1.1.2 | A network interface promiscuous mode detection tool. | defensive networking | |
| impacket | 0.9.24 | Impacket is a collection of Python classes for working with network protocols. | networking | |
| impacket-ba | 0.12.0 | Collection of classes for working with network protocols. | exploitation networking | |
| infection-monkey | v2.2.0.r3599.ga55fc8dfe | Automated security testing tool for networks. | networking automation | |
| intercepter-ng | 1.0 | A next generation sniffer including a lot of features: capturing passwords/hashes, sniffing chat messages, performing man-in-the-middle attacks, etc. | windows wireless sniffer networking cracker | |
| interlace | 354.79b8949 | Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support. | networking | |
| ip-https-tools | 7.170691f | Tools for the IP over HTTPS (IP-HTTPS) Tunneling Protocol. | tunnel networking | |
| ipaudit | 1.1 | Monitors network activity on a network. | networking | |
| ipdecap | 96.45d2a7d | Can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, and can also remove IEEE 802.1Q (virtual lan) header. | networking | |
| ipmitool | 1.8.19 | Command-line interface to IPMI-enabled devices | networking | |
| iputils | 20240905 | Network monitoring tools, including ping | networking | |
| ipv4bypass | 24.f54072b | Using IPv6 to Bypass Security. | networking | |
| ipv666 | 182.ad45ae8 | Golang IPv6 address enumeration. ipv666 is a set of tools that enables the discovery of IPv6 addresses both in the global IPv6 address space and in more narrow IPv6 network ranges. These tools are designed to work out of the box with minimal knowledge of their workings. | recon networking | |
| isip | 2.fad1f10 | Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks. | voip networking fuzzer dos | |
| ivre | 0.9.21.dev54 | Network recon framework. | recon networking | |
| ivre-docs | 0.9.21.dev54 | Network recon framework (documentation) | recon networking | |
| ivre-web | 0.9.21.dev54 | Network recon framework (web application) | recon networking | |
| jnetmap | 0.5.5 | jNetMap helps you to keep an eye on your network. You can draw a graphical representation of your network, and jNetMap will periodically check if the devices are still up or a service is still running. You can also set up E-mail notifications or let jNetMap execute a script when a device goes down or comes up again. Additionally, you may attach notes to a device, initiate an RDP/VNC/SSH connection to a device and much more. | networking | |
| jok3r | 447.0761996 | Network and Web Pentest Framework. | webapp scanner fuzzer networking | |
| jondo | 00.20.001 | Redirects internet traffic trough a mix of proxy servers to hide the origin of the requests. | proxy networking | |
| junkie | 1365.70a83d6 | A modular packet sniffer and analyzer. | sniffer networking | |
| kickthemout | 212.861aea2 | Kick devices off your network by performing an ARP Spoof attack. | networking | |
| krbjack | 1.2.0 | DNS dynamic update abuse in ADIDNS and MitM attack using Kerberos AP-REQ hijacking. | networking exploitation | |
| krbrelayx | 61.aef69a7 | Kerberos unconstrained delegation abuse toolkit. | scanner fuzzer spoof networking | |
| lans | 1:148.9f8ef2d | A Multithreaded asynchronous packet parsing/injecting arp spoofer. | spoof networking | |
| latd | 1.31 | A LAT terminal daemon for Linux and BSD. | networking misc | |
| ldapdomaindump | 0.9.4 | Active Directory information dumper via LDAP. | scanner networking | |
| lft | 1:3.91 | A layer four traceroute implementing numerous other features. | recon networking | |
| libparistraceroute | 380.455f5ef | A library written in C dedicated to active network measurements with examples, such as paris-ping and paris-traceroute. | networking | |
| libtins | 1305.fe22186 | High-level, multiplatform C++ network packet sniffing and crafting library. | networking | |
| ligolo-ng | v0.7.5.r1.g9c75364 | An advanced, yet simple, tunneling tool that uses a TUN interface. | tunnel networking | |
| loic | 2.9.9.99 | An open source network stress tool for Windows. | networking windows | |
| macchanger | 1.7.0 | A small utility to change your NIC's MAC address | networking misc | |
| maclookup | 1:0.4 | Lookup MAC addresses in the IEEE MA-L/OUI public listing. | networking | |
| maketh | 0.2.0 | A packet generator that supports forging ARP, IP, TCP, UDP, ICMP and the ethernet header as well. | networking | |
| malcom | 708.02e55b9 | Analyze a system's network communication using graphical representations of network traffic. | networking defensive malware | |
| mallory | 134.47094fb | HTTP/HTTPS proxy over SSH. | proxy networking | |
| maltrail | 118120.ea4579edac | Malicious traffic detection system. | defensive networking sniffer | |
| mapcidr | v1.1.34.r394.g7189566 | Utility program to perform multiple operations for a given subnet/CIDR ranges. | misc networking | |
| massdns | 309.cb49ad2 | A high-performance DNS stub resolver in C. | networking | |
| mausezahn | 0.40 | A free fast traffic generator written in C which allows you to send nearly every possible and impossible packet. | dos networking | |
| mdns-scan | 0.5 | Scan mDNS/DNS-SD published services on the local network. | networking | |
| metasploit | 6.4.36 | Advanced open-source platform for developing, testing, and using exploit code | exploitation fuzzer scanner recon networking | |
| meterssh | 18.9a5ed19 | A way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. | backdoor networking | |
| middler | 1.0 | A Man in the Middle tool to demonstrate protocol middling attacks. | networking | |
| mikrotik-npk | 11.d54e97c | Python tools for manipulating Mikrotik NPK format. | reversing binary networking packer unpacker | |
| miredo | 1.2.6 | Teredo client and server. | networking | |
| mitm | 8.bd2b351 | A simple yet effective python3 script to perform DNS spoofing via ARP poisoning. | networking proxy spoof | |
| mitm6 | 33.8e75884 | Pwning IPv4 via IPv6. | scanner fuzzer spoof networking | |
| mitmer | 22.b01c7fe | A man-in-the-middle and phishing attack tool that steals the victim's credentials of some web services like Facebook. | sniffer networking | |
| mitmf | 467.0458300 | A Framework for Man-In-The-Middle attacks written in Python. | exploitation proxy networking spoof | |
| moloch | 0.11.3 | An open source large scale IPv4 full PCAP capturing, indexing and database system. | networking | |
| monocle | 1.0 | A local network host discovery tool. In passive mode, it will listen for ARP request and reply packets. In active mode, it will send ARP requests to the specific IP range. The results are a list of IP and MAC addresses present on the local network. | recon networking | |
| morxtunel | 1.0 | Network Tunneling using TUN/TAP interfaces over TCP tool. | tunnel networking | |
| morxtunnel | 1.0 | Network Tunneling using TUN/TAP interfaces over TCP tool. | tunnel networking | |
| mots | 5.34017ca | Man on the Side Attack - experimental packet injection and detection. | sniffer networking spoof defensive | |
| motsa-dns-spoofing | 2.6ac6980 | ManOnTheSideAttack-DNS Spoofing. | spoof networking | |
| mptcp | 1.9.0 | A tool for manipulation of raw packets that allows a large number of options. | networking | |
| mptcp-abuse | 6.b0eeb27 | A collection of tools and resources to explore MPTCP on your network. Initially released at Black Hat USA 2014. | networking recon scanner | |
| mrtparse | 522.13cde30 | A module to read and analyze the MRT format data. | misc networking | |
| mtr | 0.95 | Combines the functionality of traceroute and ping into one tool (CLI version) | networking | |
| mylg | 659.faba867 | Network Diagnostic Tool. | networking recon sniffer | |
| nacker | 23.b67bb39 | A tool to circumvent 802.1x Network Access Control on a wired LAN. | networking | |
| nbtool | 1:2.bf90c76 | Some tools for NetBIOS and DNS investigation, attacks, and communication. | networking recon scanner | |
| ncpfs | 2.2.6 | Allows you to mount volumes of NetWare servers under Linux. | networking | |
| neighbor-cache-fingerprinter | 83.f1e596f | An ARP based Operating System version scanner. | fingerprint networking | |
| nemesis | 331.5aee868 | command-line network packet crafting and injection utility | networking fuzzer spoof | |
| netactview | 0.6.4 | A graphical network connections viewer similar in functionality to netstat | networking | |
| netcommander | 1.3 | An easy-to-use arp spoofing tool. | spoof networking | |
| netcon | 0.1 | A network connection establishment and management script. | networking | |
| netmap | 0.1.3 | Can be used to make a graphical representation of the surounding network. | networking | |
| netreconn | 1.78 | A collection of network scan/recon tools that are relatively small compared to their larger cousins. | networking recon scanner | |
| netscan | 1.0 | Tcp/Udp/Tor port scanner with: synpacket, connect TCP/UDP and socks5 (tor connection). | scanner networking | |
| netsed | 1.3 | Small and handful utility design to alter the contents of packets forwarded thru network in real time. | networking | |
| network-app-stress-tester | 19.df75391 | Network Application Stress Testing Yammer. | dos networking fuzzer | |
| networkmap | 58.f5faf17 | Post-exploitation network mapper. | networking misc | |
| netzob | 1.0.2 | An open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. | reversing fuzzer networking | |
| nextnet | 3.c8dc7a6 | Pivot point discovery tool. | networking scanner | |
| nfdump | 1.6.23 | A set of tools to collect and process netflow data. | networking | |
| nfex | 2.5 | A tool for extracting files from the network in real-time or post-capture from an offline tcpdump pcap savefile. | forensic networking | |
| nfsshell | 19980519 | Userland NFS command tool. | automation networking | |
| ngrep | 1.47 | A grep-like utility that allows you to search for network packets on an interface. | networking | |
| ngrok | 3.2.2 | A tunneling, reverse proxy for developing and understanding networked, HTTP services. | tunnel networking | |
| nield | 38.0c0848d | A tool to receive notifications from kernel through netlink socket, and generate logs related to interfaces, neighbor cache(ARP,NDP), IP address(IPv4,IPv6), routing, FIB rules, traffic control. | networking | |
| nipe | 302.9e628df | A script to make Tor Network your default gateway. | defensive networking | |
| nipper | 0.11.7 | Network Infrastructure Parser | recon networking | |
| nkiller2 | 2.0 | A TCP exhaustion/stressing tool. | dos networking | |
| nohidy | 67.22c1283 | The system admins best friend, multi platform auditing tool. | recon networking defensive | |
| nsdtool | 0.1 | A netgear switch discovery tool. It contains some extra features like bruteoforce and setting a new password. | networking scanner | |
| nsoq | 1.9.5 | A Network Security Tool for packet manipulation that allows a large number of options. | networking scanner fuzzer | |
| nullscan | 1.0.1 | A modular framework designed to chain and automate security tests. | automation scanner recon fingerprint networking fuzzer exploitation | |
| obfs4proxy | 0.0.13 | A pluggable transport proxy written in Go. | proxy networking | |
| obfsproxy | 0.2.13 | A pluggable transport proxy written in Python | proxy networking | |
| opensvp | 65.df54ed8 | A security tool implementing "attacks" to be able to the resistance of firewall to protocol level attack. | exploitation networking | |
| ostinato | 0.9 | An open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. | sniffer networking | |
| packet-o-matic | 351 | A real time packet processor. Reads the packet from an input module, match the packet using rules and connection tracking information and then send it to a target module. | networking tunnel | |
| packeth | 3.0 | A Linux GUI packet generator tool for ethernet. | networking | |
| packetq | 306.201eb88 | A tool that provides a basic SQL-frontend to PCAP-files. | networking misc | |
| packetsender | 1134.5a9452e | An open source utility to allow sending and receiving TCP and UDP packets. | networking | |
| packit | 1.0 | A network auditing tool. Its value is derived from its ability to customize, inject, monitor, and manipulate IP traffic. | networking | |
| pacumen | 1.92a0884 | Packet Acumen - Analyse encrypted network traffic and more (side-channel attacks). | crypto networking | |
| pcapfex | 60.c51055a | Packet CAPture Forensic Evidence eXtractor. | networking forensic | |
| pcapfix | 1.1.7 | Tries to repair your broken pcap and pcapng files. | networking misc | |
| pcapteller | 1.1 | A tool designed for traffic manipulation and replay. | sniffer networking | |
| pcapxray | 274.1721645 | A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. | forensic networking | |
| phantap | 64.815c312 | An 'invisible' network tap aimed at red teams. | networking | |
| pivotsuite | 20.5640666 | A portable, platform independent and powerful network pivoting toolkit. | networking backdoor | |
| pkt2flow | 69.868a2e8 | A simple utility to classify packets into flows. | networking | |
| plcscan | 0.1 | This is a tool written in Python that will scan for PLC devices over s7comm or modbus protocols. | scanner networking | |
| pmacct | 1:v1.7.6.r1541.g6466578 | Small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP IGP Streaming Telemetry]. | networking sniffer defensive | |
| pr0cks | 1:20.bcfcf2d | python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target. | proxy tunnel networking | |
| prads | 1132.e631f4f | Is a "Passive Real-time Asset Detection System". | scanner networking | |
| prometheus | 176.a316d66 | A Firewall analyzer written in ruby | networking | |
| prometheus-firewall | 176.a316d66 | A Firewall analyzer written in ruby | networking | |
| promiscdetect | 1.0 | Checks if your network adapter(s) is running in promiscuous mode, which may be a sign that you have a sniffer running on your computer. | windows networking defensive | |
| pth-toolkit | 7.3641cdc | Modified version of the passing-the-hash tool collection made to work straight out of the box. | sniffer networking | |
| ptunnel | 0.72 | A tool for reliably tunneling TCP connections over ICMP echo request and reply packets | tunnel networking | |
| pwnat | 14.d3c2b05 | A tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with *no* port forwarding and *no* DMZ setup on any routers in order to directly communicate with each other. | networking | |
| pwncat | 0.1.2 | Bind and reverse shell handler with FW/IDS/IPS evasion, self-inject and port-scanning. | backdoor scanner proxy networking | |
| pyersinia | 49.73f4056 | Network attack tool like yersinia but written in Python. | networking fuzzer dos voip scanner exploitation | |
| pyexfil | 81.2ef1b8c | A couple of beta stage tools for data exfiltration. | networking | |
| pyminifakedns | 0.1 | Minimal DNS server written in Python; it always replies with a 127.0.0.1 A-record. | networking spoof | |
| pyrdp | 2089.1daf83e | RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact. | sniffer networking | |
| python-cymruwhois | 1.6 | Python client for the whois.cymru.com service | networking | |
| python-ivre | 0.9.21.dev54 | Network recon framework (library) | recon networking | |
| python-python-cymruwhois | 30.022e16d | Python client for the whois.cymru.com service | networking | |
| python2-cymruwhois | 1.6 | Python client for the whois.cymru.com service | networking | |
| python2-hpfeeds | 414.34bf4d4 | Honeynet Project generic authenticated datafeed protocol. | honeypot networking | |
| python2-ivre | 0.9.16.dev26 | Network recon framework (library) | recon networking | |
| python2-ldapdomaindump | 0.9.4 | Active Directory information dumper via LDAP. | scanner networking | |
| rathole | 0.5.0 | A reverse proxy for NAT traversal | proxy tunnel networking | |
| rdp-sec-check | 11.d0cc143 | Script to enumerate security settings of an RDP Service. | scanner networking windows | |
| redsocks | 211.19b822e | Transparent redirector of any TCP connection to proxy. | proxy networking | |
| responder | 4:v3.1.5.0.r4.g5451372 | A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. | scanner fuzzer spoof networking | |
| responder-multirelay | 1:360.24e7b7c | A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2 (multirelay version), | scanner fuzzer spoof networking | |
| revsh | 215.174e309 | A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities. | backdoor networking | |
| ridrelay | 34.f2fa99c | Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv. | recon spoof networking | |
| rinetd | 0.62 | internet redirection server | networking | |
| routerhunter | 21.4da257c | Tool used to find vulnerable routers and devices on the Internet and perform tests. | scanner networking | |
| rpak | 1.0 | A collection of tools that can be useful for doing attacks on routing protocols. | windows networking sniffer spoof | |
| rtpbreak | 1:1.3a | Detects, reconstructs and analyzes any RTP session | networking | |
| rustcat | v3.0.0.r4.g245c791 | A Modern Port Listener & Reverse Shell. | networking | |
| samplicator | 175.ceeb1d2 | Send copies of (UDP) datagrams to multiple receivers, with optional sampling and spoofing. | networking spoff | |
| sbd | 1.36 | Netcat-clone, portable, offers strong encryption - features AES-128-CBC + HMAC-SHA1 encryption, program execution (-e), choosing source port, continuous reconnection with delay + more | crypto networking | |
| scamper | 20240920 | A tool that actively probes the Internet in order to analyze topology and performance. | scanner recon networking | |
| scapy | 2.6.0 | A powerful interactive packet manipulation program written in Python | networking | |
| scapy3k | 0.23 | Powerful interactive packet manipulation program written in Python 3 | networking | |
| sdn-toolkit | 1.21 | Discover, Identify, and Manipulate SDN-Based Networks | networking scanner recon | |
| sdnpwn | 85.0080574 | An SDN penetration testing toolkit. | scanner networking | |
| sessionlist | 6.3efc3b2 | Sniffer that intents to sniff HTTP packets and attempts to reconstruct interesting authentication data from websites that do not employ proper secure cookie auth. | networking sniffer | |
| seth | 103.8b6e36c | Perform a MitM attack and extract clear text credentials from RDP connections. | networking sniffer | |
| silk | 3.19.2 | A collection of traffic analysis tools developed by the CERT NetSA to facilitate security analysis of large networks. | networking scanner | |
| simple-lan-scan | 1.0 | A simple python script that leverages scapy for discovering live hosts on a network. | scanner recon networking | |
| simple-lan-scan3 | 1.0.1 | A simple python3 script that leverages scapy for discovering live hosts on a network. | scanner recon networking | |
| skydive | 0.28.0 | An open source real-time network topology and protocols analyzer. | networking | |
| smbclient-ng | 2.1.7.r6.g408ee98 | Interact with SMB shares. | networking windows | |
| smbrelay | 3 | SMB / HTTP to SMB replay attack toolkit. | windows networking exploitation | |
| smikims-arpspoof | 25.244d9ee | Performs an ARP spoofing attack using the Linux kernel's raw sockets. | spoof exploitation networking | |
| sn00p | 0.8 | A modular tool written in bourne shell and designed to chain and automate security tools and tests. | automation scanner recon fingerprint networking fuzzer exploitation | |
| sniffer | 4.688854e | Packet Trace Parser for TCP, SMTP Emails, and HTTP Cookies. | networking | |
| sniffjoke | 772.434bfb1 | Injects packets in the transmission flow that are able to seriously disturb passive analysis like sniffing, interception and low level information theft. | defensive networking sniffer | |
| sniffles | 469.118e93f | A Packet Capture Generator for IDS and Regular Expression Evaluation. | networking | |
| snmp-brute | 19.830bb0a | SNMP brute force, enumeration, CISCO config downloader and password cracking script. | cracker networking | |
| snmp-fuzzer | 0.1.1 | SNMP fuzzer uses Protos test cases with an entirely new engine written in Perl. | fuzzer networking | |
| snmpattack | 1.8 | SNMP scanner and attacking tool. | networking scanner | |
| snmpcheck | 1.9 | A free open source utility to get information via SNMP protocols. | networking recon | |
| snort | 2.9.20 | A lightweight network intrusion detection system. | defensive networking forensic | |
| socat | 1.8.0.1 | Multipurpose relay | networking | |
| sockstat | 0.4.1 | A tool to let you view information about open connections. It is similar to the tool of the same name that is included in FreeBSD, trying to faithfully reproduce as much functionality as is possible. | networking | |
| sparta | 21.b0a4514 | Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. | scanner cracker fingerprint networking | |
| spiped | 1.6.2 | A utility for creating symmetrically encrypted and authenticated pipes between socket addresses. | networking crypto | |
| sprayhound | 0.0.3 | Password spraying tool and Bloodhound integration. | networking scanner | |
| sps | 4.3 | A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. | networking dos fuzzer | |
| ssdp-scanner | 1.0 | SSDP amplification scanner written in Python. Makes use of Scapy. | scanner networking | |
| ssh-mitm | 140.70998ba | SSH man-in-the-middle tool. | exploitation networking | |
| sshtunnel | 0.4.0 | Pure python SSH tunnels. | tunnel networking | |
| sshuttle | 1.1.2 | Transparent proxy server that forwards all TCP packets over ssh | proxy networking | |
| ssl-phuck3r | 2.0 | All in one script for Man-In-The-Middle attacks. | sniffer networking automation | |
| sslh | 2.1.2 | SSL/SSH/OpenVPN/XMPP/tinc port multiplexer | networking | |
| sslstrip | 0.9 | Python tool to hijack HTTPS connections during a MITM attack. | proxy networking exploitation | |
| starttls-mitm | 7.b257756 | A mitm proxy that will transparently proxy and dump both plaintext and TLS traffic. | proxy sniffer networking | |
| stegosip | 11.5cda6d6 | TCP tunnel over RTP/SIP. | tunnel networking stego | |
| stenographer | 486.355604b | A packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. | sniffer networking forensic | |
| stunnel | 5.73 | A program that allows you to encrypt arbitrary TCP connections inside SSL | networking tunnel | |
| stunner | v0.5.8.r64.g46d828f | Test and exploit STUN, TURN and TURN over TCP servers. | networking webapp | |
| swaks | 20240103.0 | Swiss Army Knife SMTP; Command line SMTP testing, including TLS and AUTH | networking | |
| sylkie | 1:0.0.4.r3.g1cf170f | IPv6 address spoofing with the Neighbor Discovery Protocol. | spoof networking | |
| t50 | 1:5.8.7c | Experimental Multi-protocol Packet Injector Tool. | dos networking | |
| tabi | 13.068a406 | BGP Hijack Detection. | defensive networking | |
| tcpcontrol-fuzzer | 2:0.1 | 2^6 TCP control bit fuzzer (no ECN or CWR). | fuzzer networking | |
| tcpcopy | 1283.21a3698 | A TCP stream replay tool to support real testing of Internet server applications. | networking | |
| tcpdstat | 4.be5bd28 | Get protocol statistics from tcpdump pcap files. | networking | |
| tcpdump | 4.99.5 | A tool for network monitoring and data acquisition | networking sniffer | |
| tcpextract | 1.1 | Extracts files from captured TCP sessions. Support live streams and pcap files. | networking | |
| tcpflow | 1.6.1 | Captures data transmitted as part of TCP connections then stores the data conveniently | networking sniffer | |
| tcpreplay | 4.4.3 | Gives the ability to replay previously captured traffic in a libpcap format | networking | |
| tcptrace | 6.6.7 | A TCP dump file analysis tool | networking | |
| tcptraceroute | 1.5beta7 | A traceroute implementation using TCP packets. | networking | |
| tcpwatch | 1.3.1 | A utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy connections. | networking | |
| tftp-proxy | 0.1 | This tool accepts connection on tftp and reloads requested content from an upstream tftp server. Meanwhile modifications to the content can be done by pluggable modules. So this one's nice if your mitm with some embedded devices. | proxy networking | |
| tgcd | 1.1.1 | TCP/IP Gender Changer Daemon utility. | networking | |
| thc-ipv6 | 3.8 | Complete tool set to attack the inherent protocol weaknesses of IPv6 and ICMP6 | networking recon dos spoof scanner | |
| tinc | 1.0.36 | VPN (Virtual Private Network) daemon | networking | |
| topera | 19.3e230fd | An IPv6 security analysis toolkit, with the particularity that their attacks can't be detected by Snort. | scanner networking | |
| tor | 0.4.8.13 | Anonymizing overlay network. | proxy tunnel networking | |
| torpy | 60.ebf000c | Pure python Tor client implementation. | networking | |
| tunna | 41.cba006d | a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. | networking tunnel proxy windows | |
| turner | 32.fad9423 | Tunnels HTTP over a permissive/open TURN server; supports HTTP and SOCKS5 proxy. | networking proxy tunnel | |
| udp2raw | 20230206.0 | A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket | tunnel networking | |
| udp2raw-tunnel | 20200818.0 | An Encrpyted, Anti-Replay, Multiplexed Udp Tunnel, tunnels udp traffic through fake-tcp or icmp by using raw socket. | networking tunnel | |
| udpastcp | 29.683b5e3 | This program hides UDP traffic as TCP traffic in order to bypass certain firewalls. | networking | |
| udptunnel | 2:19 | Tunnels TCP over UDP packets. | networking tunnel | |
| umit | 1.0 | A powerful nmap frontend. | networking | |
| uw-offish | 0.1 | Clear-text protocol simulator. | networking | |
| vault | 297.593e046 | Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. | scanner fingerprint recon networking | |
| vault-scanner | 299.0303cf4 | Swiss army knife for hackers. | scanner fingerprint recon networking | |
| villain | 1:V2.2.1.r2.gb3a3946 | C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features and share them among connected sibling servers. | backdoor networking exploitation | |
| vlan-hopping | 21.a37ba4e | Easy 802.1Q VLAN Hopping | automation networking recon | |
| vpnpivot | 22.37bbde0 | Explore the network using this tool. | recon networking | |
| webfixy | 25.5d477b0 | On-the-fly decryption proxy for MikroTik RouterOS WebFig sessions. | proxy crypto networking | |
| websockify | 946.e818947 | WebSocket to TCP proxy/bridge. | networking | |
| wifichannelmonitor | 1.70 | A utility for Windows that captures wifi traffic on the channel you choose, using Microsoft Network Monitor capture driver. | windows wireless sniffer networking | |
| windivert | 2.2.0 | A user-mode packet capture-and-divert package for Windows. | windows sniffer networking | |
| winrelay | 2.0 | A TCP/UDP forwarder/redirector that works with both IPv4 and IPv6. | windows networking | |
| wireshark-cli | 4.4.2 | a free network protocol analyzer for Unix/Linux and Windows - CLI version | sniffer networking | |
| wireshark-gtk | 2.6.6 | a free network protocol analyzer for Unix/Linux and Windows - GTK frontend | sniffer networking | |
| wireshark-qt | 4.4.2 | Network traffic and protocol analyzer/sniffer - Qt GUI | sniffer networking | |
| wol-e | 2.0 | A suite of tools for the Wake on LAN feature of network attached computers. | misc networking | |
| wondershaper | 48.98792b5 | Limit the bandwidth of one or more network adapters. | networking | |
| xerosploit | 38.e2c3c7b | Efficient and advanced man in the middle framework. | networking exploitation sniffer | |
| xfltreat | 270.17d4ec8 | Tunnelling framework. | tunnel networking | |
| xplico | 1:1.2.2 | Internet Traffic Decoder. Network Forensic Analysis Tool (NFAT). | forensic networking | |
| xxeserv | 14.2c7f444 | A mini webserver with FTP support for XXE payloads. | networking | |
| yaf | 2.12.2 | Yet Another Flowmeter. | networking | |
| yersinia | 0.8.2 | A network tool designed to take advantage of some weakness in different network protocols. | networking scanner | |
| zackattack | 5.1f96c14 | A new tool set to do NTLM Authentication relaying unlike any other tool currently out there. | networking scanner cracker | |
| zarp | 0.1.8 | A network attack tool centered around the exploitation of local networks. | exploitation networking | |
| zdns | 679.7f4676a | Fast CLI DNS Lookup Tool. | networking | |
| zeek | 1:v7.2.0.dev.r315.g8a4041b77 | Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. | networking defensive sniffer | |
| zeek-aux | 700.5e67276 | Handy auxiliary programs related to the use of the Zeek Network Security Monitor. | networking defensive sniffer | |
| zssh | 1.5c | SSH and Telnet client with ZMODEM file transfer capability | networking misc |