Top 100 Security Assessment, Vulnerability Auditing, & Network Security Tools
Publicado por enramos.com en Octubre 13, 2009
Una recopilación de 100 herramientas de seguridad Open Source que he encontrado vía jeromiejackson.com, que dejo publicada con el objetivo de revisar y comparar con el Top 100 Network Security Tools de sectools.org
|
1
|
Stockade | Virtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Others |
|
2
|
Open source vulnerability assessment tool | |
|
3
|
Snort | Intrusion Detection (IDS) tool |
|
4
|
Wireshark | TCP/IP Sniffer- AKA Ethereal |
|
5
|
Analyze applications that communicate using the HTTP and HTTPS protocols | |
|
6
|
Wikto | Web server assessment tool |
|
7
|
BackTrack | Penetration Testing live Linux distribution |
|
8
|
Netcat | The network Swiss army knife |
|
9
|
Metasploit Framework | Comprehensive hacking framework |
|
10
|
Sysinternals | Collection of windows utilities |
|
11
|
Paros proxy | Web application proxy |
|
12
|
Enum | Enumerate Windows information |
|
13
|
P0F v2 | Passive OS identification tool |
|
14
|
IPPersonality | Masquerade IP Stack |
|
15
|
SLAN | Freeware VPN utility |
|
16
|
IKE Crack | IKE/IPSEC cracking utility |
|
17
|
ASLEAP | LEAP cracking tool |
|
18
|
Karma | Wireless client assessment tool- dangerous |
|
19
|
WEPCrack | WEP cracking tool |
|
20
|
Wellenreiter | Wireless scanning application |
|
21
|
Great Google hacking tool | |
|
22
|
Several DDOS Tools | Distributed Denial of Service(DDOS) tools |
|
23
|
Achilles | Web Proxy Tool |
|
24
|
Firefox Web Developer Tool | Manual web assessment |
|
25
|
Scoopy | Virtual Machine Identification tool |
|
26
|
WebGoat | Learning tool for web application pentests |
|
27
|
FlawFinder | Source code security analyzer |
|
28
|
ITS4 | Source code security analyzer |
|
29
|
Slint |
Source code security analyzer |
|
30
|
PwDump3 | Dumps Windows 2000 & NT passwords |
|
31
|
Loki | ICMP covert channel tool |
|
32
|
Zodiac | DNS testing tool |
|
33
|
Hunt | TCP hijacking tool |
|
34
|
SniffIT | Curses-Based sniffing tool |
|
35
|
CactiEZ | Network traffic analysis ISO |
|
36
|
Inprotect | Web-based Nessus administration tool |
|
37
|
OSSIM | Security Information Management (SIM) |
|
38
|
Nemesis | Command-Line network packet manipulation tool |
|
39
|
NetDude | TCPDump manipulation tool |
|
40
|
TTY Watcher | Terminal session hijacking |
|
41
|
Stegdetect | Detects stego-hidden data |
|
42
|
Hydan | Embeds data within x86 applications |
|
43
|
S-Tools | Embeds data within a BMP, GIF, & WAV Files |
|
44
|
Nushu | Passive covert channel tool |
|
45
|
Ptunnel | Transmit data across ICMP |
|
46
|
Covert_TCP | Transmit data over IP Header fields |
|
47
|
THC-PBX Hacker | PBX Hacking/Auditing Utility |
|
48
|
THC-Scan | Wardialer |
|
49
|
Syslog-NG | MySQL Syslog Service |
|
50
|
Edit WinNT 4 & Win2000 log files | |
|
51
|
Rootkit Detective | Rootkit identification tool |
|
52
|
Rootkit Releaver | Rootkit identification tool |
|
53
|
RootKit Hunter | Rootkit identification tool |
|
54
|
Rootkit identification tool | |
|
55
|
LKM | Linux Kernal Rootkit |
|
56
|
TCPView | Network traffic monitoring tool |
|
57
|
NMAP | Network mapping tool |
|
58
|
Ollydbg | Windows unpacker |
|
59
|
UPX | Windows packing application |
|
60
|
Burneye | Linux ELF encryption tool |
|
61
|
GUI-Based packer/wrapper | |
|
62
|
EliteWrap | Backdoor wrapper tool |
|
63
|
SubSeven |
Remote-Control backdoor tool |
|
64
|
MegaSecurity | Site stores thousands of trojan horse backdoors |
|
65
|
Netbus |
Backdoor for Windows |
|
66
|
Back Orfice 2000 | Windows network administration tool |
|
67
|
Tini | Backdoor listener similar to Netcat |
|
68
|
Microsoft Baseline Security Analyzer | |
|
69
|
OpenVPN | SSL VPN solution |
|
70
|
Sguil | An Analyst Console for network security/log Monitoring |
|
71
|
Honeyd | Create your own honeypot |
|
72
|
Brutus | Brute-force authentication cracker |
|
73
|
cheops / cheops-ng | Maps local or remote networks and identifies OS of machines |
|
74
|
ClamAV | A GPL anti-virus toolkit for UNIX |
|
75
|
Fragroute/Fragrouter | Intrusion detection evasion toolkit |
|
76
|
Arpwatch | Monitor ethernet/IP address pairings and can detect ARP Spoofing |
|
77
|
Angry IP Scanner | Windows port scanner |
|
78
|
Firewalk | Advanced traceroute |
|
79
|
RainbowCrack | Password Hash Cracker |
|
80
|
EtherApe | EtherApe is a graphical network monitor for Unix |
|
81
|
WebInspect | Web application scanner |
|
82
|
Tripwire | File integrity checker |
|
83
|
Ntop | Network traffic usage monitor |
|
84
|
Sam Spade | Windows network query tool |
|
85
|
Scapy | Interactive packet manipulation tool |
|
86
|
Superscan | A Windows-only port scanner |
|
87
|
Airsnort | 802.11 WEP Encryption Cracking Tool |
|
88
|
Aircrack | WEP/WPA cracking tool |
|
89
|
NetStumbler | Windows 802.11 Sniffer |
|
90
|
Dsniff | A suite of powerful network auditing and penetration-testing tools |
|
91
|
John the Ripper | Multi-platform password hash cracker |
|
92
|
BASE | The Basic Analysis and Security Engine- used to manage IDS data |
|
93
|
Kismet | Wireless sniffing tool |
|
94
|
Network authentication cracker | |
|
95
|
Nikto | Web scanner |
|
96
|
Tcpdump | TCP/IP analysis tool |
|
97
|
Windows password auditing and recovery application | |
|
98
|
Shell access across port 80 | |
|
99
|
THC-SecureDelete | Ensure deleted files are unrecoverable |
|
100
|
THC-AMAP | Application mapping tool |
