We guide you through the process of using the Homebrew package manager to install common security tools on macOS computers to assess and help harden devices on your network.
When it comes to assessing the security of the systems in and on your network, the same tools that threat actors are known to use are the tools chosen to identify vulnerabilities on these systems. They can help reduce problems before anyone else has a chance to exploit them, possibly for malicious gain.
Typically, security administrators will use a security suite that includes all the tools needed, such as Parrot or the popular Kali distribution, both based on the Linux kernel. While the suite typically runs on computers as a virtual machine, many of the individual tools themselves can be installed independently of the Linux kernel, to run natively on macOS systems using Homebrew package management for simplified installation and administration.
Given the command-line nature of the Homebrew management system, each of the applications can be easily installed, updated and removed via the terminal.
Nmap is a network discovery and scanning tool that enables the identification and fingerprinting of devices across networks, supporting a large number of command syntaxes to help detect services and open ports.
brew install nmap
Nikto is a vulnerability scanner used to inspect web server configurations to detect thousands of potential issues, including misconfigurations, outdated software, and version-specific issues that could otherwise allow attackers to gain unauthorized access.
brew install nikto
SQLmap is an open source program that enables you to detect and exploit SQL injection vulnerabilities in database servers. The tool can also be used to automate attacks.
brew install sqlmap
Zed Attack Proxy (ZAP)
Another open source security scanner, OWASP’s ZAP tool, is used to test the security of a web application through a variety of tools, including a proxy server to capture encrypted and unencrypted traffic, a fuzzer and more.
brew install caskroom/cask/brew-cask
brew cask install owasp-zap
Recon-ng is a reconnaissance framework designed to perform open source information gathering, leveraging community-supported modules that provide additional resources to search, such as social media, using powerful (and secure) API tools. The data collected can then be used in other complementary tools to test vulnerabilities or exploit them.
brew install recon-ng
The Harvester is an information gathering program that uses publicly available information and databases to obtain information, including domains, hostnames, emails and employee directory information, all of which help put together an overall picture of the target.
brew install theharvester
testssl is a scanner that acts as an information gathering tool, assessing which security protocols and ciphers are used on a server, including their configurations and which ports the service(s) are running on.
brew install testssl
Empire is a post-exploitation framework that utilizes PowerShell to create connections and create or run scripts on remote machines in memory while avoiding network detection, enabling it to run modules and cmdlets remotely under the radar.
brew install empire
John the Ripper
This password cracking tool is part of a security tester’s toolkit. It is designed to detect weak passwords on many different platforms, including Windows, Linux and macOS among a dozen others, using password lists (dictionary attacks) or a fast, variable-speed attempt to crack more complex passwords (brute-force attack).
brew install john
Bettercap, often referred to as the Swiss Army knife of security, offers a security testing framework that provides countless tools for testing wireless networks (both Wi-Fi and Bluetooth), network snooping, proxies and spoofers for man-in-the-middle attacks.
brew install bettercap