Tuesday, March 3, 2009

Top 20 Security Assessment Tools

Nessus
Home Page: http://www.nessus.org/
Description: The premier Open Source vulnerability assessment tool. Nessus is a remote security scanner for Linux, BSD, Solaris, and other Unix platforms. It is plug-in-based, has a GTK interface, and performs over 1200 remote security checks.

Ethereal
Home Page: http://www.ethereal.com/
Description: Sniffing the glue that holds the Internet together. Ethereal is a free network protocol analyzer for Unix and Windows. You can interactively browse the capture data, viewing summary and detail information for each packet.

Netcat
Home Page: http://netcat.sourceforge.net/
Description: The network swiss army knife. A simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts.

Whisker
Home Page: http://sourceforge.net/projects/whisker/
Description: Rain.Forest.Puppy's CGI vulnerability scanner and library. Whisker is a scanner which allows you to test HTTP servers for many known security holes, particularly the presence of dangerous CGIs. Libwhisker is a Perl library (used by Whisker) which allows for the creation of custom HTTP scanners.

John the Ripper
Home Page: http://www.openwall.com/john/
Description: An extraordinarily powerful, flexible, and fast multi-platform password hash cracker. John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords.

Sam Spade
Home Page: http://www.samspade.org/ssw/
Description: Freeware Windows network query tool. SamSpade provides a consistent GUI and implementation for many handy network query tasks. It was designed with tracking down spammers in mind, but can be useful for many other network exploration, administration, and security tasks. It includes tools such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS zone transfer, SMTP relay check, website search, and more.

Nikto
Home Page: http://www.cirt.net/code/nikto.shtml
Description: Nikto is a web server scanner which looks for over 2000 potentially dangerous files/CGIs and problems on over 200 servers.

Kismet
Home Page: http://www.kismetwireless.net/
Description: A powerful wireless sniffer. Kismet is an 802.11b network sniffer and network dissector. It is capable of sniffing using most wireless cards, automatic network IP block detection via UDP, ARP, and DHCP packets, Cisco equipment lists via Cisco Discovery Protocol, weak cryptographic packet logging, and Ethereal and tcpdump compatible packet dump files.

SuperScan
Home Page: http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/superscan.htm
Description: Foundstone's Windows TCP port scanner. A connect-based TCP port scanner, pinger and hostname resolver. No source code is provided. It can handle ping scans and port scans using specified IP ranges.

L0phtCrack 4 (now called "LC4")
Download Location: http://www.net-security.org/software.php?id=17
Description: Windows password auditing and recovery application. L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc.).

Retina
Home Page: http://www.eeye.com/html/Products/Retina/index.html
Description: Commercial vulnerability assessment scanner by eEye. Like Nessus and ISS Internet Scanner mentioned previously, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found.

Nmap
Home Page: http://www.insecure.org/
Description: Open source scanning tool for Windows and Linux.

Network Stumbler
Download Location: http://www.stumbler.net/
Description: Free Windows 802.11 Sniffer. Netstumbler is the best known Windows tool for finding open wireless access points ("wardriving"). They also distribute a WinCE version for PDAs and such called Ministumbler. The tool is currently free but Windows-only and no source code is provided.

SARA
Home Page: http://www-arc.com/sara/
Description: Security Auditor's Research Assistant. SARA is a vulnerability assessment tool that was derived from the infamous SATAN scanner.

N-Stealth
Home Page: http://www.nstalker.com/eng/products/nstealth/
Description: Web server scanner. N-Stealth is a commercial web server security scanner. It is generally updated more frequently than free web scanners such as whisker and nikto, but do take their web site with a grain of salt. The claims of "30,000 vulnerabilities and exploits" and "Dozens of vulnerability checks are added every day" are highly questionable.

Cain & Abel
Download Location: http://www.oxid.it/cain.html
Description: The poor man's L0phtCrack. Cain & Abel is a free password recovery tool for Microsoft operating systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute-force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords, and analyzing routing protocols.

XProbe
Home Page: http://www.sys-security.com/index.php?page=xprobe
Description: Active OS fingerprinting tool. XProbe is a tool for determining the operating system of a remote host. It does this using some of the same techniques as Nmap as well as many different ideas.

SolarWinds Toolsets
Download Location: http://www.solarwinds.net/
Description: A plethora of network discovery/monitoring/attack tools. SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners and an SNMP brute-force cracker.

Brutus
Download Location: http://www.hoobie.net/brutus/
Description: A network brute-force authentication cracker. This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available.

Paketto Keiretsu
Home Page: http://www.doxpara.com/read.php/code/paketto.html
Description: Extreme TCP/IP. The Paketto Keiretsu is a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. They tap functionality within existing infrastructure and stretch protocols beyond what they were originally intended for.
