argus|3.0.8.1|Network monitoring tool with flow control.|http://qosient.com/argus/
argus-clients|3.0.8|Network monitoring client for Argus.|http://qosient.com/argus/
arp-scan|1.9|A tool that uses ARP to discover and fingerprint IP hosts on the local network|http://www.nta-monitor.com/tools/arp-scan/
arpalert|2.0.12|Monitor ARP changes in ethernet networks.|http://www.arpalert.org/
arpwner|26.f300fdf|GUI-based python tool for arp posioning and dns poisoning attacks.|https://github.com/ntrippar/ARPwner
atftp|0.7.1|client/server implementation of the TFTP protocol that implements RFCs 1350, 2090, 2347, 2348, and 2349|http://sourceforge.net/projects/atftp/
bind-tools|9.10.4.P1|The ISC DNS tools|http://www.isc.org/software/bind/
bro|2.4.1|A powerful network analysis framework that is much different from the typical IDS you may know.|https://www.bro.org/download/index.html
buttinsky|138.1a2a1b2|Provide an open source framework for automated botnet monitoring.|https://github.com/buttinsky/buttinsky
cadaver|0.23.3|Command-line WebDAV client for Unix|http://www.webdav.org/cadaver
chaosreader|0.94|A freeware tool to trace tcp, udp etc. sessions and fetch application data from snoop or tcpdump logs.|http://chaosreader.sourceforge.net/
cidr2range|0.9|Script for listing the IP addresses contained in a CIDR netblock|http://www.cpan.org/authors/id/R/RA/RAYNERLUC
depdep|2.0|A merciless sentinel which will seek sensitive files containing critical info leaking through your network.|https://github.com/galkan/depdep
det|23.db3336a|(extensible) Data Exfiltration Toolkit.|https://github.com/sensepost/det
dinouml|0.9.5|A network simulation tool, based on UML (User Mode Linux) that can simulate big Linux networks on a single PC|http://kernel.embedromix.ro/us/
dnsfilexfer|14.20743e0|File transfer via DNS.|https://github.com/leonjza/dnsfilexfer
dnsteal|23.9b3b929|DNS Exfiltration tool for stealthily sending files over DNS requests..|https://github.com/m57/dnsteal
dump1090|386.bff92c4|A simple Mode S decoder for RTLSDR devices.|https://github.com/MalcolmRobb/dump1090
etherape|0.9.14|A graphical network monitor for various OSI layers and protocols|http://etherape.sourceforge.net/
fping|3.13|A utility to ping multiple hosts at once|http://www.fping.org/
freeipmi|1.5.1|Sensor monitoring, system event monitoring, power control, and serial-over-LAN (SOL).|http://www.gnu.org/software/freeipmi/
geoip|1.6.6|Non-DNS IP-to-country resolver C library & utils|http://www.maxmind.com/app/c
gwcheck|0.1|A simple program that checks if a host in an ethernet network is a gateway to Internet.|http://packetstormsecurity.com/files/62047/gwcheck.c.html
haka|0.2.2|A collection of tool that allows capturing TCP/IP packets and filtering them based on Lua policy files.|https://github.com/haka-security/haka
hharp|1beta|This tool can perform man-in-the-middle and switch flooding attacks. It has 4 major functions, 3 of which attempt to man-in-the-middle one or more computers on a network with a passive method or flood type method.|http://packetstormsecurity.com/files/81368/Hackers-Hideaway-ARP-Attack-Tool.html
http-traceroute|0.5|This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-like scanning functionality.|http://packetstormsecurity.com/files/107167/Traceroute-Like-HTTP-Scanner.html
httping|2.4|A ping-like tool for http-requests|https://www.vanheusden.com/httping/
hyde|5.22d8e91|Just another tool in C to do DDoS (with spoofing).|https://github.com/CoolerVoid/Hyde
hyperfox|45.79ffeb5|A security tool for proxying and recording HTTP and HTTPs traffic.|github.com/xiam/hyperfox
ipaudit|1.1|Monitors network activity on a network.|http://ipaudit.sourceforge.net
ipdecap|83.b719681|Can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, and can also remove IEEE 802.1Q (virtual lan) header.|http://www.loicp.eu/ipdecap#dependances
ipmitool|1.8.17|Command-line interface to IPMI-enabled devices|http://ipmitool.sourceforge.net
iputils|20160308.0db72a4|Network monitoring tools, including ping|http://www.skbuff.net/iputils/
jnetmap|0.5.3|A network monitor of sorts|http://www.rakudave.ch/jnetmap/?file=introduction
latd|1.31|A LAT terminal daemon for Linux and BSD.|http://sourceforge.net/projects/linux-decnet/files/latd/1.31/
macchanger|1.7.0|A small utility to change your NIC's MAC address|http://www.gnu.org/software/macchanger
maclookup|0.4|Lookup MAC addresses in the IEEE MA-L/OUI public listing.|https://github.com/paraxor/maclookup
malcom|704.ec915a3|Analyze a system's network communication using graphical representations of network traffic.|https://github.com/tomchop/malcom
mdns-scan|0.5|Scan mDNS/DNS-SD published services on the local network.|
middler|1.0|A Man in the Middle tool to demonstrate protocol middling attacks.|http://code.google.com/p/middler/
miredo|1.2.6|Teredo client and server.|http://www.remlab.net/miredo/
moloch|0.11.3|An open source large scale IPv4 full PCAP capturing, indexing and database system.|https://github.com/aol/moloch
mptcp|1.9.0|A tool for manipulation of raw packets that allows a large number of options.|http://packetstormsecurity.com/files/119132/Mptcp-Packet-Manipulator.9.0.html
mptcp-abuse|6.b0eeb27|A collection of tools and resources to explore MPTCP on your network. Initially released at Black Hat USA 2014.|https://github.com/Neohapsis/mptcp-abuse
mtr|0.86|Combines the functionality of traceroute and ping into one tool (CLI version)|http://www.bitwizard.nl/mtr/
nacker|23.b67bb39|A tool to circumvent 802.1x Network Access Control on a wired LAN.|https://github.com/carmaa/nacker
nbtool|2.bf90c76|Some tools for NetBIOS and DNS investigation, attacks, and communication.|http://wiki.skullsecurity.org/Nbtool
ncpfs|2.2.6|Allows you to mount volumes of NetWare servers under Linux.|http://www.novell.com/
nemesis|1.4|command-line network packet crafting and injection utility|http://nemesis.sourceforge.net/
netcon|0.1|A network connection establishment and management script.|http://www.paramecium.org/~leendert/
netmap|0.1.3|Can be used to make a graphical representation of the surounding network.|http://netmap.sourceforge.net
netreconn|1.78|A collection of network scan/recon tools that are relatively small compared to their larger cousins.|http://packetstormsecurity.com/files/86076/NetReconn-Scanning-Tool-Collection.76.html
netsed|1.2|Small and handful utility design to alter the contents of packets forwarded thru network in real time.|http://silicone.homelinux.org/projects/netsed/
nfdump|1.6.13|A set of tools to collect and process netflow data.|http://sourceforge.net/projects/nfdump/
ngrep|1.45|A grep-like utility that allows you to search for network packets on an interface.|http://ngrep.sourceforge.net/
nield|0.6.1|A tool to receive notifications from kernel through netlink socket, and generate logs related to interfaces, neighbor cache(ARP,NDP), IP address(IPv4,IPv6), routing, FIB rules, traffic control.|http://nield.sourceforge.net/
nsdtool|0.1|A netgear switch discovery tool. It contains some extra features like bruteoforce and setting a new password.|http://www.curesec.com/en/publications/tools.html
nsoq|1.9.5|A Network Security Tool for packet manipulation that allows a large number of options.|http://www.nsoq.org/
packet-o-matic|351|A real time packet processor. Reads the packet from an input module, match the packet using rules and connection tracking information and then send it to a target module.|http://www.packet-o-matic.org/
packeth|1.8.1|A Linux GUI packet generator tool for ethernet.|http://packeth.sourceforge.net/
packetsender|152.1e5c559|An open source utility to allow sending and receiving TCP and UDP packets.|https://github.com/dannagle/PacketSender
packit|1.0|A network auditing tool. Its value is derived from its ability to customize, inject, monitor, and manipulate IP traffic.|http://packit.sourceforge.net/
pcapfix|1.1.0|Tries to repair your broken pcap and pcapng files.|http://f00l.de/pcapfix/
prometheus|176.a316d66|A Firewall analyzer written in ruby|https://github.com/averagesecurityguy/prometheus
pwnat|9.1d07c2e|A tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with *no* port forwarding and *no* DMZ setup on any routers in order to directly communicate with each other.|http://samy.pl/pwnat/
pyersinia|49.73f4056|Network attack tool like yersinia but written in Python.|https://github.com/nottinghamprisateam/pyersinia
pyexfil|39.fa99980|A couple of beta stage tools for data exfiltration.|https://github.com/ytisf/PyExfil
pyminifakedns|0.1|Minimal DNS server written in Python; it always replies with a 127.0.0.1 A-record|http://code.activestate.com/recipes/491264/
rtpbreak|1.3a|Detects, reconstructs and analyzes any RTP session|http://xenion.antifork.org/rtpbreak/
scapy|2.3.2|A powerful interactive packet manipulation program written in Python|http://www.secdev.org/projects/scapy/
sdn-toolkit|1.01|Discover, Identify, and Manipulate SDN-Based Networks|http://www.hellfiresecurity.com/tools.htm
sessionlist|1.0|Sniffer that intents to sniff HTTP packets and attempts to reconstruct interesting authentication data from websites that do not employ proper secure cookie auth.|http://www.0xrage.com/
silk|3.11.0.1|A collection of traffic analysis tools developed by the CERT NetSA to facilitate security analysis of large networks.|https://tools.netsa.cert.org/silk/
snmpattack|1.8|SNMP scanner and attacking tool.|http://www.c0decafe.de/
snmpcheck|1.8|A free open source utility to get information via SNMP protocols.|http://www.nothink.org/perl/snmpcheck/
sockstat|0.3|A tool to let you view information about open connections. It is similar to the tool of the same name that is included in FreeBSD, trying to faithfully reproduce as much functionality as is possible.|https://packages.debian.org/unstable/main/sockstat
spiped|1.5.0|A utility for creating symmetrically encrypted and authenticated pipes between socket addresses.|https://www.tarsnap.com/spiped.html
sps|4.3|A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4.|https://sites.google.com/site/simplepacketsender/
sslh|1.18|SSL/SSH/OpenVPN/XMPP/tinc port multiplexer|http://www.rutschle.net/tech/sslh.shtml
swaks|20130209.0|Swiss Army Knife SMTP; Command line SMTP testing, including TLS and AUTH|http://jetmore.org/john/code/swaks/
tcpdump|4.7.4|A tool for network monitoring and data acquisition|http://www.tcpdump.org
tcpextract|1.1|Extracts files from captured TCP sessions. Support live streams and pcap files.|https://pypi.python.org/pypi/tcpextract/1.1
tcpflow|1.4.5|Captures data transmitted as part of TCP connections then stores the data conveniently|https://github.com/simsong/tcpflow
tcpreplay|4.1.0|Gives the ability to replay previously captured traffic in a libpcap format|http://tcpreplay.appneta.com
tcptraceroute|1.5beta7|A traceroute implementation using TCP packets.|http://michael.toren.net/code/tcptraceroute/
tcpwatch|1.3.1|A utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy connections.|http://hathawaymix.org/Software/TCPWatch
tunna|19.f8c1881|a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.|https://github.com/SECFORCE/Tunna
udptunnel|19|Tunnels TCP over UDP packets.|http://code.google.com/p/udptunnel/
websockify|0.8.0|WebSocket to TCP proxy/bridge.|http://github.com/kanaka/websockify
yaf|2.7.1|Yet Another Flowmeter.|http://tools.netsa.cert.org/yaf/
yersinia|0.7.3|A network tool designed to take advantage of some weakness in different network protocols.|http://www.yersinia.net/
zackattack|5.1f96c14|A new tool set to do NTLM Authentication relaying unlike any other tool currently out there.|https://github.com/urbanesec/ZackAttack/
