Top 100 Network Security Tools

Results of 2006 Survey of Security Administrators and Experts

Man busy on laptop in garden restaurant
J.P. Nodier/Photodisc/Getty Images

In 2000, Fyodor, creator of the NMap Scanner, conducted a survey of the readers of the nmap-hackers mailing list and compiled the Top 50 Security Tools.

Three years later, Fyodor again conducted the survey, and expanded the list to include the Top 75 Security Tools. Another three years have gone by and another survey has been done. With 3,243 readers responding, Fyodor has compiled the Top 100 Security Tools from his 2006 survey and they are now posted on the web site.

There are a total of 42 new tools on the list. That means that 42 out of 100 tools on the Top 100 Security Tools list did not appear on the 2003 Top 75. Thirteen of the new tools even made the top 50. Had the list been maintained at the Top 75, the length of the list in 2003, 27 of the tools (almost half) would be new to the list.

For the complete, detailed listing of all 100 tools, complete with links to download them, you should visit the Top 100 Security Tools listing on I will summarize here the top 10, as well as providing a list of the new tools on the list.

Top 10 Tools

  1. Nessus (vulnerability scanners)
  2. Wireshark (packet sniffers- previously known as Ethereal)
  3. Snort (IDS - intrusion detection system)
  4. Netcat (Netcat)
  5. Metasploit Framework (vulnerability exploitation tools)
  6. HPing2 (packet crafting tools)
  7. Kismet (wireless tools or packet sniffers)
  8. TCPDump {packet sniffers)
  1. Cain and Abel (password crackers or packet sniffers)
  2. John The Ripper (password crackers)

New Tools In The Top 100

  • Metasploit Framework
  • Paros Proxy
  • Aircrack
  • Sysinternals
  • Scapy
  • BackTrack
  • P0f
  • Google
  • WebScarab
  • WebInspect
  • Core Impact
  • IDA Pro
  • Rainbow Crack
  • AngryIP Scanner
  • RKHunter
  • Ike-scan
  • KisMAC
  • Tor
  • Knoppix
  • chrootkit
  • Yersinia
  • Nagios
  • X-scan
  • Socat
  • QualysGuard
  • ClamAV
  • BurpSuite
  • Unicornscan
  • BASE
  • Argus
  • Wikto
  • SGuil
  • IP Filter
  • Canvas
  • VMware
  • OpenVPN
  • OllyDbg
  • Helix
  • Acunetix Web Vulnerability Scanner
  • TrueCrypt
  • Watchfire AppScan