Just like out article on Network Management Tools (you can read/view that list here), I wanted to compile a list of Networking Utilities and Tools in this article.
These are software programs. All these tools can be essential to troubleshooting network issues, as well as learning how the network works.
If you are looking for what physical networking tools we take with us in our “go bag”, look here.
Frankly, this is a bit of challenge as what tools are available depends on operating system, version and such. Much also depends on what point of view you have, like security or troubleshooting, as to what tools will be helpful.
I have tried to categorize the tools without rating them or reviewing them. Instead, the focus here is to create a reference list.
If you feel we have missed something, or know some missing information, please comment below.
Packet Capture/Packet Sniffing/Packet Analysis
I like to start here, as this is a crucial part of troubleshooting networks. Being able to capture the data networking packets and then analyze conversations is a crucial capability.
| Tool Name | Web Site (if avail) | Operating System | Cost (if avail) |
| Wireshark/Tshark | https://www.wireshark.org/Our articles on Tshark can be found here. Our classes on Wireshark can be found here. Check out all our stuff on Wireshark here. |
ALL | Free |
| Brim | https://github.com/brimsec/brim | ALL | Free |
| Solarwinds Deep Packet Inspection Tool | https://www.solarwinds.com/ | ALL | Free to $1500 |
| Fiddler (HTTP focus) | https://www.telerik.com/fiddler | ALL | Free – $12 |
| TCPDump | https://www.tcpdump.org/ | ALL | Free |
| Ettercap | https://www.ettercap-project.org/ Check out our “how to” at the Online School (requires free user account): here |
Linux | Free |
| Paessler Packet-Capture-Tool PRTG | https://www.paessler.com/packet_capture | Windows/Cloud | Free to try |
| WinDump (old) | https://www.winpcap.org/windump/ | Windows | Free |
| Kismet (wireless) | https://www.kismetwireless.net/ | Linux, OSX | Free |
| ManageEngine NetFlow Analyzer | https://www.manageengine.com/products/netflow/ | Linux, Windows | Free to try |
| Network Miner | https://sectools.org/tool/networkminer/ | Windows | Free |
| Ntop | https://www.ntop.org/ | ??? | Free |
| Capsa Free | https://www.colasoft.com/capsa-free/ | Windows | Free – $995 |
| Net Stumbler (wireless) | https://www.netstumbler.com/ | Windows | Free |
| Omnipeek Network Protocol Analyzer | https://www.liveaction.com/products/omnipeek-network-protocol-analyzer/ | Windows | Free to try |
| EtherApe | https://etherape.sourceforge.io/ | Linux | Free |
| Microsoft Network Monitor (old, archived) | https://www.microsoft.com/en-us/download/details.aspx?id=4865 | Windows | Free |
| KisMAC (wireless) | https://kismac-ng.org/ | OSX | Free |
| Ngrep | https://github.com/jpr5/ngrep | ALL | Free |
Custom Packet/Traffic Creation Tools
An interesting capability that the following tools have is to create/craft customized packets and play them into the network. This is done for several purposes such as testing access policies or even trying to break into a network.
| Tool Name | Web Site (if avail) | Operating System | Cost (if avail) |
| Scapy | https://scapy.net/ Check out our “how to” at the Online School (requires free user account): here |
Linux | Free |
| Hping | http://www.hping.org/ | ALL | Free |
| Ostinato | https://ostinato.org/ | ALL | Free $29 – $149 |
| Netcat (old) | http://netcat.sourceforge.net/ | Linux, OSX | Free |
| packETH | http://packeth.sourceforge.net/packeth/Home.html | Linux | Free |
Network Emulation and Simulation
Most people call these simulators, but they may be technically incorrect. Simulation is when the program/tool attempts to run like a network device or set of devices. Emulation is when you use a tool that actually runs the same software or operating system in switches/routers/network devices and creates a virtual environment to connect, test, and learn how these devices interoperate. Generally speaking, as compute power has gone up we have moved toward emulation. These tools can create virtual copies and topologies of existing networks allowing you to test and implement changes prior to rolling these changes out into the production network environment. They are also a great way to learn networking protocols which is why we have used tools like this in our hands on classes since we could first get our hands on them.
| Tool Name | Simulator or Emulator | Web Site (if avail) | Operating System | Cost (if avail) |
| GNS3 | Emulator | https://www.gns3.com/ Check out our “how to” at the Online School (requires free user account): here |
ALL | Free |
| VIRL | Emulator | https://learningnetwork.cisco.com/s/virl | Requires VMware | $199 Yearly License |
| Eve-NG | Emulator | https://www.eve-ng.net/ | ALL | Free |
| Packet Tracer | Simulator | https://www.netacad.com/courses/packet-tracer | ALL | Free with Course |
| Huawei eNSP | Simulator | https://support.huawei.com/enterprise/en/management-system/ensp-pid-9017384 | ??? | Free |
Network/Device Security Audit Programs, Penetration Testing
Network Security Audit Programs are used to check/verify network devices for security vulnerabilities. The programs listed perform these verification tasks but they may be limited. We urge you to try these tools against your network, and in some cases you may need to use multiple tools.
| Tool Name | Web Site (if avail) | Operating System | Cost (if avail) |
| Nmap | https://nmap.org/ My article on getting started with nmap: click here Deeper scanning with nmap: click here nmap scripting engine usage: click here Zenmap – the nmap GUI: click here |
ALL | Free |
| Nessus | https://www.tenable.com/products/nessus | ALL | Free – Subscription |
| Netsparker | https://www.netsparker.com/ | ??? | $$ |
| Nipper | https://www.titania.com/products/nipper/ | Windows, Linux | Free Trial, $$ |
| OpenVAS | https://www.openvas.org/ | Requires VirtualBox, runs as an appliance | Free Trial |
| Core Impact Pro | https://www.coresecurity.com/products/core-impact | ??? | ??? |
| Pinkie | http://www.ipuptime.net/category/download/ Check out our “how to” at the Online School (requires free user account): here |
Windows only | Free |
| SoftPerfect Network Scanner | https://www.softperfect.com/products/networkscanner/ | Windows, OSX | Free Trial |
| Retina (old) | https://www.beyondtrust.com/vulnerability-management | ??? | ??? |
| Qualys FreeScan | https://www.qualys.com/ | Web Based | Free Trial |
Intrution Detection Systems
Intrusion Detection System software is used to detect an ongoing attack attempt on your network or network devices and provide logging and/or alarms as well as blocking capabilities.
| Tool Name | Web Site (if avail) | Operating System | Cost (if avail) |
| IPCop | http://www.ipcop.org/ | Linux | Free |
| Snort | https://www.snort.org/ Check out our “how to” at the Online School (requires free user account): here |
Linux | $29.99 and up |
| Security Onion | https://securityonion.net/ | Linux | Free |
| Suricata | https://suricata-ids.org/ Check out our “how to” at the Online School (requires free user account): here |
Linux and Windows | Free |
Web Security Tools
So many applications are really web based applications today. These applications run on servers, and Web Security Tools will test these applications to ensure they are secure preventing would be attackers/hackers from gaining unauthorized access to your systems and database. Further we need to test and verify TCP and UDP.
| Tool Name | Web Site (if avail) | Operating System | Cost (if avail) |
| iPerf/iPerf3 | https://iperf.fr/ My article on iPerf: here |
ALL | Free |
| Burp Suite | https://portswigger.net/burp | ??? | Free Trial |
| Zeek Network Security Monitor | https://zeek.org/ | Linux | Free |
| Nikto2 | https://cirt.net/Nikto2 | Linux | Free |
| Ratproxy (old) | https://code.google.com/archive/p/ratproxy/ | ??? | ??? |
| Samurai Web Testing Framework | http://www.samurai-wtf.org/ | Linux | ??? |
| Websecurify | https://websecurify.com/ | ??? | ??? |
We hope this list is useful and helpful. If you think something is missing, or you can answer some of the ??? unknowns, please let me know in the comments below.
Be sure to come back often as we intend to update this page. Thanks in advance for your support and help.
I hope you find this article and its content helpful.