List Of Commercial Tools : Web Application Security Scanner
Wednesday, September 14, 2011
Web Application Security/Vulnerability Scanner
List Of Commercial Tools : Web Application Security Scanner
Tuesday, September 6, 2011
virtualization product - Open Source
is a family of powerful x86 virtualization products for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL).
Presently, VirtualBox runs on Windows, Linux and Macintosh hosts and supports a large number of guest operating systems including but not limited to Windows (NT 4.0, 2000, XP, Server 2003, Vista), DOS/Windows 3.x, Linux (2.4 and 2.6), and OpenBSD.
VirtualBox for Linux/UNIX. Within VirtualBox Windows XP is running.
VirtualBox for Windows. Within VirtualBox Ubuntu 10.10 is running.
Oracle VirtualBox :
- LsiLogic SAS controller emulation
- RDP video acceleration
- NAT engine configuration via API and VBoxManage
- Enhanced OVF support with custom namespace to preserve settings that are not part of the base OVF standard
Download Link : Click Here
Monday, September 5, 2011
OVALdi - an open-source local vulnerability assessment scanner
OVALdi is open-source and still under heavy development, so the results may not always be accurate:
- The repository of OVAL definitions is not complete yet: Not all vulnerabilities will be detected.
- Non-English versions of Windows do not seem to be supported as well as English versions: In practice you may encounter more false positives (reported vulnerabilities even when the patch is already installed).
- Potential bugs
Download Link : Click Here
Best Open Source Information Security Tools
1 | Stockade | Virtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Others |
2 | Open source vulnerability assessment tool | |
3 | Snort | Intrusion Detection (IDS) tool |
4 | Wireshark | TCP/IP Sniffer- AKA Ethereal |
5 | Analyze applications that communicate using the HTTP and HTTPS protocols | |
6 | Wikto | Web server assessment tool |
7 | BackTrack | Penetration Testing live Linux distribution |
8 | Netcat | The network Swiss army knife |
9 | Metasploit Framework | Comprehensive hacking framework |
10 | Sysinternals | Collection of windows utilities |
11 | Paros proxy | Web application proxy |
12 | Enum | Enumerate Windows information |
13 | P0F v2 | Passive OS identification tool |
14 | IPPersonality | Masquerade IP Stack |
15 | SLAN | Freeware VPN utility |
16 | IKE Crack | IKE/IPSEC cracking utility |
17 | ASLEAP | LEAP cracking tool |
18 | Karma | Wireless client assessment tool- dangerous |
19 | WEPCrack | WEP cracking tool |
20 | Wellenreiter | Wireless scanning application |
21 | Great Google hacking tool | |
22 | Several DDOS Tools | Distributed Denial of Service(DDOS) tools |
23 | Achilles | Web Proxy Tool |
24 | Firefox Web Developer Tool | Manual web assessment |
25 | Scoopy | Virtual Machine Identification tool |
26 | WebGoat | Learning tool for web application pentests |
27 | FlawFinder | Source code security analyzer |
28 | ITS4 | Source code security analyzer |
29 | Slint | Source code security analyzer |
30 | PwDump3 | Dumps Windows 2000 & NT passwords |
31 | Loki | ICMP covert channel tool |
32 | Zodiac | DNS testing tool |
33 | Hunt | TCP hijacking tool |
34 | SniffIT | Curses-Based sniffing tool |
35 | CactiEZ | Network traffic analysis ISO |
36 | Inprotect | Web-based Nessus administration tool |
37 | OSSIM | Security Information Management (SIM) |
38 | Nemesis | Command-Line network packet manipulation tool |
39 | NetDude | TCPDump manipulation tool |
40 | TTY Watcher | Terminal session hijacking |
41 | Stegdetect | Detects stego-hidden data |
42 | Hydan | Embeds data within x86 applications |
43 | S-Tools | Embeds data within a BMP, GIF, & WAV Files |
44 | Nushu | Passive covert channel tool |
45 | Ptunnel | Transmit data across ICMP |
46 | Covert_TCP | Transmit data over IP Header fields |
47 | THC-PBX Hacker | PBX Hacking/Auditing Utility |
48 | THC-Scan | Wardialer |
49 | Syslog-NG | MySQL Syslog Service |
50 | Edit WinNT 4 & Win2000 log files | |
51 | Rootkit Detective | Rootkit identification tool |
52 | Rootkit Releaver | Rootkit identification tool |
53 | RootKit Hunter | Rootkit identification tool |
54 | Rootkit identification tool | |
55 | LKM | Linux Kernal Rootkit |
56 | TCPView | Network traffic monitoring tool |
57 | NMAP | Network mapping tool |
58 | Ollydbg | Windows unpacker |
59 | UPX | Windows packing application |
60 | Burneye | Linux ELF encryption tool |
61 | GUI-Based packer/wrapper | |
62 | EliteWrap | Backdoor wrapper tool |
63 | SubSeven | Remote-Control backdoor tool |
64 | MegaSecurity | Site stores thousands of trojan horse backdoors |
65 | Netbus | Backdoor for Windows |
66 | Back Orfice 2000 | Windows network administration tool |
67 | Tini | Backdoor listener similar to Netcat |
68 | Microsoft Baseline Security Analyzer | |
69 | OpenVPN | SSL VPN solution |
70 | Sguil | An Analyst Console for network security/log Monitoring |
71 | Honeyd | Create your own honeypot |
72 | Brutus | Brute-force authentication cracker |
73 | cheops / cheops-ng | Maps local or remote networks and identifies OS of machines |
74 | ClamAV | A GPL anti-virus toolkit for UNIX |
75 | Fragroute/Fragrouter | Intrusion detection evasion toolkit |
76 | Arpwatch | Monitor ethernet/IP address pairings and can detect ARP Spoofing |
77 | Angry IP Scanner | Windows port scanner |
78 | Firewalk | Advanced traceroute |
79 | RainbowCrack | Password Hash Cracker |
80 | EtherApe | EtherApe is a graphical network monitor for Unix |
81 | WebInspect | Web application scanner |
82 | Tripwire | File integrity checker |
83 | Ntop | Network traffic usage monitor |
84 | Sam Spade | Windows network query tool |
85 | Scapy | Interactive packet manipulation tool |
86 | Superscan | A Windows-only port scanner |
87 | Airsnort | 802.11 WEP Encryption Cracking Tool |
88 | Aircrack | WEP/WPA cracking tool |
89 | NetStumbler | Windows 802.11 Sniffer |
90 | Dsniff | A suite of powerful network auditing and penetration-testing tools |
91 | John the Ripper | Multi-platform password hash cracker |
92 | BASE | The Basic Analysis and Security Engine- used to manage IDS data |
93 | Kismet | Wireless sniffing tool |
94 | Network authentication cracker | |
95 | Nikto | Web scanner |
96 | Tcpdump | TCP/IP analysis tool |
97 | Windows password auditing and recovery application | |
98 | Shell access across port 80 | |
99 | THC-SecureDelete | Ensure deleted files are unrecoverable |
100 | THC-AMAP | Application mapping tool |
Top 5 VPN Software
ProXPN:
ProXPN is a free VPN software that creates a secure VPN connection between the internet and your PC under a highly secured environment. With secure browsing software ProXPN you can easily hide your online activity and identity. It also helps you to surf blocked websites by hiding the real IP address.Create a ProXPN account, download, install and run the software, then you can connect the VPN service with your username and password.
Free accounts are rate-limited to 1000 kbps, and do not include PPTP VPN access.
Download Link : Click Here
---------------------------------------------------------------------------------------------------
MicroVPN:
This program is developed by a company that has various servers in the United States, and basically offers the connection to a VPN (Virtual Private Net) by means of which all the users connected will exit the VPN through their servers. This means that even if you are connected in your own country, your connection will indicate that your are in USA.MicroVPN offers you various American IPs, protection by means of 168-bit L2TP/IPsec encryption, and various other protection elements that joined to the ease with which the software connects and how easy it is to configure, make MicroVPN one of the programs that changes our IP in the easiest way.
Download Link : Click here**************************************************************************************
Loki VPN Client:
Free VPN software of Loki Network Project, it is workable for Windows computer only, but offers unlimited data traffic with a 30-minute connection limit per time.You just need to download and install the software, then run and connect it, no registration needed, but sometimes it maybe fail to connect the VPN server, and the speed is a little slow.
Download Link : Click Here====================================================================
ExpatShield:
It is true that we have several free vpn services to bypass such restrictions, but Expat Shield is a new vpn service from AnchorFree, maker of the popular HotSpot Shield, that enables users to create VPN connection to servers located in the United Kingdom, and thereby access all services which are region locked to the UK, such as BBC iPlayer, ITV player, Channel 4, Spotify and others.Expat Shield also enables user to remain anonymous, and offers protection from packet sniffers, such as Firesheep, by way of encrypted (HTTPS) connection.
Download Link : Click Here
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Hotspot Shield:
Hotspot Shield offers a free VPN solution with unlimited bandwidth for Windows and Mac.
Just download and install the software, then you can run and connect the VPN service. There will be ads on the top of the webpages you visit.
Besides English, French and Chinese, Hotspot Shield also supports Arabic, Persian, Russian and Vietnamese.
Hotspot Shield
Ensure you are private, secure, and anonymous online!
- Secure your web session, data, online shopping, and personal information online with HTTPS encryption.
- Protect yourself from identity theft online.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++