Firewall testing checklist and cyber security tools
Firewall testing checklist
- Port scanning. Tool: Nmap (https://nmap.org/)
- OS fingerprinting. Tool: Xprobe2 (http://xprobe.sourceforge.net/)
- Firewall rule testing. Tool: Firewalk (https://github.com/defunkt/firewalk)
- Packet fragmentation evasion. Tool: Fragroute (https://github.com/plitex/fragroute)
- IP spoofing. Tool: Hping3 (https://github.com/antirez/hping)
- Protocol-specific evasion. Tool: Metasploit Framework (https://www.metasploit.com/)
- ICMP tunneling. Tool: ICMPTX (http://thomer.com/icmptx/)
- DNS tunneling. Tool: Dns2tcp (https://github.com/alex-sector/dns2tcp)
- HTTP tunneling. Tool: HTTPTunnel (https://github.com/larsbrinkhoff/httptunnel)
- IPv6 tunneling. Tool: Teredo (https://tools.ietf.org/html/rfc4380)
- ARP spoofing. Tool: Ettercap (https://www.ettercap-project.org/)
- SSL/TLS interception. Tool: SSLstrip (https://github.com/moxie0/sslstrip)
- SSL/TLS decryption. Tool: Wireshark (https://www.wireshark.org/)
- SSH tunneling. Tool: OpenSSH (https://www.openssh.com/)
- Proxy server evasion. Tool: Proxychains (https://github.com/rofl0r/proxychains-ng)
- Tor network evasion. Tool: Tor Browser (https://www.torproject.org/)
- Web application firewall (WAF) testing. Tool: Wafw00f (https://github.com/EnableSecurity/wafw00f)
- Session hijacking. Tool: Cookie Cadger (https://github.com/cookiecadger/CookieCadger)
- Man-in-the-middle attack. Tool: Bettercap (https://www.bettercap.org/)
- VPN detection. Tool: Iodine (https://github.com/yarrick/iodine)
- Firewall evasion using encrypted payloads. Tool: Veil-Evasion (https://github.com/Veil-Framework/Veil)
- Application-level evasion using SQL injection. Tool: SQLMap (https://sqlmap.org/)
- Application-level evasion using Cross-Site Scripting (XSS). Tool: XSSer (https://github.com/epsylon/xsser)
- File type and extension evasion. Tool: FuzzDB (https://github.com/fuzzdb-project/fuzzdb)
Open Source cyber security tools
Top 26 Open Source cyber security tools
- Zeek (https://zeek.org/): Network Security Monitoring
- ClamAV (https://www.clamav.net/): Antivirus
- OpenVAS (https://www.openvas.org/): Vulnerability Scanner
- TheHive (https://thehive-project.org/): Incident Response
- pfSense (https://www.pfsense.org/): Security appliance (firewall/VPN/router)
- Elastic (https://www.elastic.co/): Analytics
- Osquery (https://www.osquery.io/): Endpoint visibility
- Arkime (https://arkime.com/): Packet capture and search
- Wazuh (https://wazuh.com/): XDR and SIEM
- AlienVault OSSIM (https://cybersecurity.att.com/): SIEM
- Velociraptor (https://docs.velociraptor.app/): Forensic and IR
- MISP project (https://www.misp-project.org/): Information sharing and Threat Intelligence
- Kali (https://www.kali.org/): Security OS
- Parrot (https://www.parrotsec.org/): Security OS
- OpenIAM (https://www.openiam.com/): IAM
- YARA (https://virustotal.github.io/yara/): Patterns
- WireGuard (https://www.wireguard.com/): VPN
- OSSEC (https://www.ossec.net/): HIDS
- Suricata (https://suricata.io/): IDS/IPS
- Shuffler (https://shuffler.io/): SOAR
- Phish Report (https://phish.report/): Anti Phishing
- Graylog (https://www.graylog.org/products/source-available/): Log management
- Trivy (https://www.aquasec.com/products/trivy/): DevOps/IaC Scanning
- OpenEDR (https://openedr.com/): EDR
- Metasploit (https://www.metasploit.com/): Pentest
- Nmap (https://nmap.org/): Old but gold
Disclaimer
- Licensed under CC BY-NC 4.0
- Copyright issue feedback: me#imzye.com, replace # with @
- Not all the commands and scripts are tested in a production environment; use at your own risk.
- No personal information is collected.