Monday, September 5, 2011

Best Open Source Information Security Tools

Open Source Security Assessment Tools


Best - Open Source Security Assessment , Vulnerability Auditing, & Penetration Testing Tools:

1
 Stockade Virtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Others
2

Nessus

 Open source vulnerability assessment tool
3
 Snort Intrusion Detection (IDS) tool
4
 Wireshark TCP/IP Sniffer- AKA Ethereal
5

WebScarab

Analyze applications that communicate using the HTTP and HTTPS protocols
6
 Wikto Web server assessment tool
7
 BackTrack Penetration Testing live Linux distribution
8
 Netcat The network Swiss army knife
9
 Metasploit Framework Comprehensive hacking framework
10
 Sysinternals Collection of windows utilities
11
 Paros proxy Web application proxy
12
 Enum Enumerate Windows information
13
 P0F v2 Passive OS identification tool
14
 IPPersonality Masquerade IP Stack
15
 SLAN Freeware VPN utility
16
 IKE Crack IKE/IPSEC cracking utility
17
 ASLEAP LEAP cracking tool
18
 Karma Wireless client assessment tool- dangerous
19
 WEPCrack WEP cracking tool
20
 Wellenreiter Wireless scanning application
21

SiteDigger

 Great Google hacking tool
22
 Several DDOS Tools Distributed Denial of Service(DDOS) tools
23
 Achilles Web Proxy Tool
24
 Firefox Web Developer Tool Manual web assessment
25
 Scoopy Virtual Machine Identification tool
26
 WebGoat Learning tool for web application pentests
27
 FlawFinder Source code security analyzer
28
 ITS4 Source code security analyzer
29
 Slint

Source code security analyzer
30
 PwDump3 Dumps Windows 2000 & NT passwords
31
 Loki ICMP covert channel tool
32
 Zodiac DNS testing tool
33
 Hunt TCP hijacking tool
34
 SniffIT Curses-Based sniffing tool
35
 CactiEZ Network traffic analysis ISO
36
 Inprotect Web-based Nessus administration tool
37
 OSSIM Security Information Management (SIM)
38
 Nemesis Command-Line network packet manipulation tool
39
 NetDude TCPDump manipulation tool
40
 TTY Watcher Terminal session hijacking
41
 Stegdetect Detects stego-hidden data
42
 Hydan Embeds data within x86 applications
43
 S-Tools Embeds data within a BMP, GIF, & WAV Files
44
 Nushu Passive covert channel tool
45
 Ptunnel Transmit data across ICMP
46
 Covert_TCP Transmit data over IP Header fields
47
 THC-PBX Hacker PBX Hacking/Auditing Utility
48
 THC-Scan Wardialer
49
 Syslog-NG MySQL Syslog Service
50

WinZapper

 Edit WinNT 4 & Win2000 log files
51
 Rootkit Detective Rootkit identification tool
52
 Rootkit Releaver Rootkit identification tool
53
 RootKit Hunter Rootkit identification tool
54

Chkrootkit

 Rootkit identification tool
55
 LKM Linux Kernal Rootkit
56
 TCPView Network traffic monitoring tool
57
 NMAP Network mapping tool
58
 Ollydbg Windows unpacker
59
 UPX Windows packing application
60
 Burneye Linux ELF encryption tool
61

SilkRpoe 2000

 GUI-Based packer/wrapper
62
 EliteWrap Backdoor wrapper tool
63
 SubSeven

Remote-Control backdoor tool
64
 MegaSecurity Site stores thousands of trojan horse backdoors
65
 Netbus

Backdoor for Windows
66
 Back Orfice 2000 Windows network administration tool
67
 Tini Backdoor listener similar to Netcat
68

MBSA

 Microsoft Baseline Security Analyzer
69
 OpenVPN SSL VPN solution
70
 Sguil An Analyst Console for network security/log Monitoring
71
 Honeyd Create your own honeypot
72
 Brutus Brute-force authentication cracker
73
 cheops / cheops-ng Maps local or remote networks and identifies OS of machines
74
 ClamAV A GPL anti-virus toolkit for UNIX
75
 Fragroute/Fragrouter Intrusion detection evasion toolkit
76
 Arpwatch Monitor ethernet/IP address pairings and can detect ARP Spoofing
77
 Angry IP Scanner Windows port scanner
78
 Firewalk Advanced traceroute
79
 RainbowCrack Password Hash Cracker
80
 EtherApe EtherApe is a graphical network monitor for Unix
81
 WebInspect Web application scanner
82
 Tripwire File integrity checker
83
 Ntop Network traffic usage monitor
84
 Sam Spade Windows network query tool
85
 Scapy Interactive packet manipulation tool
86
 Superscan A Windows-only port scanner
87
 Airsnort 802.11 WEP Encryption Cracking Tool
88
 Aircrack WEP/WPA cracking tool
89
 NetStumbler Windows 802.11 Sniffer
90
 Dsniff A suite of powerful network auditing and penetration-testing tools
91
 John the Ripper Multi-platform password hash cracker
92
 BASE The Basic Analysis and Security Engine- used to manage IDS data
93
 Kismet Wireless sniffing tool
94

THC Hydra

 Network authentication cracker
95
 Nikto Web scanner
96
 Tcpdump TCP/IP analysis tool
97

L0phtcrack

 Windows password auditing and recovery application
98

Reverse WWW Shell

 Shell access across port 80
99
 THC-SecureDelete Ensure deleted files are unrecoverable
100
 THC-AMAP Application mapping tool
Posted by at
Labels: , , , , ,

Top 5 VPN Software

ProXPN:

ProXPN is a free VPN software that creates a secure VPN connection between the internet and your PC under a highly secured environment. With secure browsing software ProXPN you can easily hide your online activity and identity. It also helps you to surf blocked websites by hiding the real IP address.

Create a ProXPN account, download, install and run the software, then you can connect the VPN service with your username and password.

Free accounts are rate-limited to 1000 kbps, and do not include PPTP VPN access.

Download Link : Click Here

---------------------------------------------------------------------------------------------------

MicroVPN:

This program is developed by a company that has various servers in the United States, and basically offers the connection to a VPN (Virtual Private Net) by means of which all the users connected will exit the VPN through their servers. This means that even if you are connected in your own country, your connection will indicate that your are in USA.

MicroVPN offers you various American IPs, protection by means of 168-bit L2TP/IPsec encryption, and various other protection elements that joined to the ease with which the software connects and how easy it is to configure, make MicroVPN one of the programs that changes our IP in the easiest way.

Download Link : Click here

**************************************************************************************

Loki VPN Client:

Free VPN software of Loki Network Project, it is workable for Windows computer only, but offers unlimited data traffic with a 30-minute connection limit per time.

You just need to download and install the software, then run and connect it, no registration needed, but sometimes it maybe fail to connect the VPN server, and the speed is a little slow.

Download Link : Click Here

====================================================================

ExpatShield:

It is true that we have several free vpn services to bypass such restrictions, but Expat Shield is a new vpn service from AnchorFree, maker of the popular HotSpot Shield, that enables users to create VPN connection to servers located in the United Kingdom, and thereby access all services which are region locked to the UK, such as BBC iPlayer, ITV player, Channel 4, Spotify and others.
Expat Shield also enables user to remain anonymous, and offers protection from packet sniffers, such as Firesheep, by way of encrypted (HTTPS) connection.

Download Link : Click Here

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Hotspot Shield:


Hotspot Shield offers a free VPN solution with unlimited bandwidth for Windows and Mac.

Just download and install the software, then you can run and connect the VPN service. There will be ads on the top of the webpages you visit.


Besides English, French and Chinese, Hotspot Shield also supports Arabic, Persian, Russian and Vietnamese.


shield logo

Hotspot Shield

Ensure you are private, secure, and anonymous online!

  • Secure your web session, data, online shopping, and personal information online with HTTPS encryption.
  • Protect yourself from identity theft online.

Download Link : Click Here

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Posted by at
Labels: , , , , , ,

Tuesday, August 30, 2011

Web Application Configuration Analyzer (WACA) - Microsoft

Web Application Configuration Analyzer (WACA) :-

server configuration for security best practices related to General Windows, IIS , ASP.NET and SQL Server settings.


Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers. The list of best practices is derived from the Microsoft Information Security & Risk Management Deployment Review Standards used internally at Microsoft to harden production and pre-production environments for line of business applications. The Deployment Review standards themselves were derived from content released by Microsoft Patterns & Practices, in particular: Improving Web Application Security: Threats and Countermeasures .


WACA - new features:-
  • Suppressions – you can now suppress any rule you feel is not appropriate for your scan.

  • Saving of suppression files – once you set up a suppression list you want to use you can save it off for future uses.
  • You can change the suppressions and regenerate the report without needing to re-run the scan.
  • Reporting – Updated the reporting section to include suppression information so you know what passed, failed, was not applicable and what was suppressed.
  • Multiple reports – you can view multiple scans of the same machine or view a single machine’s scan and compare it to other machines.
  • Export to the Microsoft RED format.
  • Scan multiple systems and SQL instances in one bulk scan.
  • Additional rules – we’ve added in additional SQL rules.
  • And of course bug fixes that were missed in the last release.

System requirements

Supported Operating Systems: Windows 7, Windows Server 2003, Windows Server 2003 R2 (32-Bit x86), Windows Server 2003 R2 x64 editions, Windows Server 2008

Supported Operating Systems for installation: Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008 R1/R2

Support Operating Systems for scanning: Windows Server 2003, Windows Server 2008 R1/R2

Sofware Requirements: .NET Framework v4.0, Microsoft Office Excel (Optional)


Download Link : Click Here


Posted by at
Labels: , , , ,

Microsoft - Attack Surface Analyzer



Attack Surface Analyzer :-
beta is a Microsoft verification tool now available for ISVs and IT professionals to highlight the changes in system state, runtime parameters and securable objects on the Windows operating system. This analysis helps developers, testers and IT professionals identify increases in the attack surface caused by installing applications on a machine.

The tool takes snapshots of an organization's system and compares ("diffing") these to identify changes. The tool does not analyze a system based on signatures or known vulnerabilities; instead, it looks for classes of security weaknesses as applications are installed on the Windows operating system
I'd encourage people to download the tool, and if you happen to be at Blackhat DC, swing by the Microsoft booth and take a look for yourself.

Download Link : Click Here




Posted by at
Labels: , , , ,

Monday, August 29, 2011

OpenDLP - Open source Data Loss Prevention

OpenDLP:-

is a free and open source, agent-based, centrally-managed, massively distributable data loss prevention tool released under the GPL. Given appropriate Windows domain credentials, OpenDLP can simultaneously identify sensitive data at rest on hundreds or thousands of Microsoft Windows systems from a centralized web application. OpenDLP has two components: a web application and an agent.

The speed and simplicity of OpenDLP make it a great choice for Penetration Testers. Unfortunately, it also does the same for an attacker. In one case, SecureState was able to sift through 50 machines to pull out various HIPAA and PCI data in less than an hour. This may result in non-compliance in both areas. With the weaponization of OpenDLP, an attacker no longer has to spend days searching systems or limiting themselves to only large file shares. Attackers can be in and out before they are ever detected.

Data Loss Prevention suite with centralized web frontend to manage Windows agent filesystem scanners, agentless database scanners, and agentless Windows/UNIX filesystem scanners that identify sensitive data at rest.Web Application
  • Automatically deploy and start agents over Netbios/SMB
  • When done, automatically stop, uninstall, and delete agents over Netbios/SMB
  • Pause, resume, and forcefully uninstall agents in an entire scan or on individual systems
  • Concurrently and securely receive results from hundreds or thousands of deployed agents over two-way-trusted SSL connection
  • Create Perl-compatible regular expressions (PCREs) for finding sensitive data at rest
  • Create reusable profiles for scans that include whitelisting or blacklisting directories and file extensions
  • Review findings and identify false positives
  • Export results as XML
  • Written in Perl with MySQL backend

Agent

  • Runs on Windows 2000 and later systems
  • Written in C with no .NET Framework requirements
  • Runs as a Windows Service at low priority so users do not see or feel it
  • Resumes automatically upon system reboot with no user interaction
  • Securely transmit results to web application at user-defined intervals over two-way-trusted SSL connection
  • Uses PCREs to identify sensitive data inside files
  • Performs additional checks on potential credit card numbers to reduce false positives
  • Can read inside ZIP files, including Office 2007 and OpenOffice files
  • Limits itself to a percent of physical memory so there is no thrashing when processing large files

Agentless Database Scans

In addition to performing data discovery on Windows operating systems, OpenDLP also supports performing agentless data discovery against the following databases:

  • Microsoft SQL server
  • MySQL

Agentless File System and File Share Scans

With OpenDLP 0.4, one can perform the following scans:

  • Agentless Windows file system scan (over SMB)
  • Agentless Windows share scan (over SMB)
  • Agentless UNIX file system scan (over SSH using sshfs)

Screenshots

Agent-based Windows OS scan, summary results view:

Agent-based Windows OS scan, detailed results view:

Agentless Microsoft SQL Server scan, detailed results view:


Download Link : Click Here

**********************************************************************************
Posted by at
Labels: , , , , , ,

SSH Tools for Windows , Mac OS


OpenSSH:
is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.

OpenSSH Server for Windows:


An installer for a minimal installation of the Cygwin environment suitable for running an OpenSSH server on the Windows platform.

Download Link : Click Here

SSH Client For Windows:
PuTTY is a free implementation of Telnet and SSH for Win32 platforms.

Download Putty : Click here

TTSSH is a free SSH client for Windows. It is implemented as an extension DLL for Teraterm Pro. Teraterm Pro is a superb free terminal emulator/telnet client for Windows, and its source is available. TTSSH adds SSH capabilities to Teraterm Pro without sacrificing any of Teraterm's existing functionality.

SSH Client For Mac O/S:
NiftyTelnet 1.1 SSH r3 is an enhanced version of Chris Newman's NiftyTelnet 1.1 application which adds support for encrypted terminal sessions using the SSH (Secure Shell) protocol.

Download NiftyTelnet : Click here

MacSSH:
SSH2 client for MacOS before X, based on BetterTelnet, lsh and GUSI.

Download MacSSH: Click Here
Posted by at
Labels: , , , , ,

Tips for Secure SSH Login


Secure Shell (SSH):
has been constructed with regards to security. Previously, customers often accessed Telnet in order to gain connection to their servers; however, this was the time, when servers were located right across the hall, not widely spread across the infinite internet.

Secure Shell provides an additional layer of encryption to the communication, ensuring that the users can connect with the dedicated server or the virtual private server (VPS) without having to feel wary of any threat from malicious activity, such as the capturing of their password.

Default Port No: 22/Tcp


Restrict Root login's:
In an ordinary situation, you have no motive to permit straight root logins to your server. Although the system administrator can be one of the roots once it has logged in (using su or sudo), it is far too dangerous to make your root account open to the entire Internet.

Jail users in chroot directories:
Servers, belonging to Linux and UNIX, provide the ability of restricting ordinary users from doing something dangerous, such as removing all the documents;, however, nothing can be done about viewing the files.

Install Brute Force Detection software:
Malicious hackers can make use of forcible methods in an attempt to gain knowledge of your password and carry out malevolent activity on your server.

Maintain secure password and periodic rotations:
Being the sysadmin, you have the ability to manage the requirements regarding the strength of the password along with making it compulsory for users to modify their password after a period of time.

Set the Timeout Interval:
An extremely helpful feature, a part of SSH configuration file, is that it allows you to determine a timeout interval, disallowing users from staying logged in, irrespective of whether they have forgotten to logout .


Posted by at
Labels: , , , ,
Subscribe to: Posts (Atom)