| Kismet/Netstumbler | Detects wireless access points and analyzes network traffic. Useful for surveying a network to understand its wireless security footprint. | 10.6 |
| NMAP | Scans networks to identify active hosts and open ports. Employed for initial network reconnaissance and security auditing. | 10.6 |
| WireShark | A packet sniffer and protocol analyzer for real-time network monitoring. Ideal for diagnosing network issues or analyzing security incidents. | 10.6 |
| TCPDump | A Unix/Linux command-line packet capture tool. Helpful for real-time network troubleshooting and capturing packets for later analysis. | 10.6 |
| Honeypots | Decoy systems to lure attackers away from legitimate targets. Useful for studying attacker behaviors and tactics. | 10.6 |
| Hping3 | Crafts custom ICMP, UDP, and TCP packets to test firewalls. Employed to identify vulnerabilities or misconfigurations in firewall rules. | 10.7 |
| Intel Executable Disable (XD) | Provides hardware-level buffer overflow protection in Intel chipsets. Useful for preventing malicious code execution at the system level. | 11.5 |
| AMD Enhanced Virus Protection | Offers chipset-level buffer overflow protection for AMD processors. Acts as a hardware-level security feature against certain types of attacks. | 11.5 |
| Address Space Layout Randomization (ASLR) | Randomizes memory locations for process execution, offering buffer overflow protection. Effective against exploits aiming to predict memory addresses. | 11.5 |
| Nessus | A Tenable product for vulnerability assessment, it scans networks to identify security risks. Ideal for regular security audits. | 11.8 |
| Metasploit | A penetration testing framework that includes tools and exploits for security assessments. Can be used to simulate cyber-attacks to test network resilience. | 11.8 |
| CANVAS | Vulnerability assessment tool by Immunity, designed for identifying network and system weaknesses. Useful for enterprise security audits. | 11.8 |
| Nikto and Wikto | Analyzes web servers and identifies security issues like outdated software and misconfigurations. Effective for hardening web servers before deployment. | 12.10 |
| Burp Suite | A web security testing platform for web application vulnerabilities. Ideal for security assessments of web-based applications. | 12.10 |
| Fuzzers (MiniFuzz, Binscope, Regex Fuzzer) | Automated tools for identifying vulnerabilities by inputting unexpected data. Helpful for discovering unknown issues like crashes or security flaws in software. | 12.11 |
| OpenVAS | Open-source vulnerability scanning and management software. Useful for detecting vulnerabilities in your network before they can be exploited. | |
| Snort | Intrusion Detection System (IDS) that monitors network traffic in real-time for malicious activities. Employed for real-time threat detection and prevention. | |
| Hashcat | Advanced password recovery and cracking tool. Useful for assessing the strength of passwords by attempting to crack hashed password files. | |
| John the Ripper | Password cracking software designed to identify weak passwords by using various attack methods. Effective for security audits to improve password policies. | |
| Cuckoo Sandbox | Malware analysis tool that isolates suspicious files in a secure environment. Useful for understanding the behavior of unknown or potentially harmful files. | |