MaxPatrol Network Security Scanner - Positive Technologies

MaxPatrol - Network & Web Application Security Testing Tool:

       

MaxPatrol Core Features:

Web-server and Web Application structure analysis.

        MaxPatrol analyzes the structure of Web Applications to determine
        weaknesses and potential vulnerabilities in both the Web Server
        Configuration and the Web Application. Discovers available web server
        technologies. Inspects the HTTP version banners and looks for
        vulnerable products and other..

  

Intelligent recognition of vulnerabilities in known web-server scripts.

    Automatically detects web vulnerabilities:

        - SQL injection
        - Blind SQL injection
        - Cross Site Scripting
        - UTF-7 Cross Site Scripting
        - HTTP Response Splitting
        - Code execution
        - File inclusion
        - Directory traversal
        - Input validation
        - Authentication attacks
          (brute force login/password and etc)
        - Script source code disclosure
        - Discovers directories with weak permissions
          (finds directory listings and etc)
        - Looks for common files,
          back-up files, logs or directories

Detection of vulnerabilities arising from configuration errors including
    cases of unprotected authorization, revealing of information by services,
    etc.

Download Link: Maxpatrol

Freeware Tools:   Click Here

Penetration Testing Using Mobile Phones & Tablets

Network Penetration Testing Using Mobile Phones:

Two Penetration Testing Suite Listed Below:

• ANTI - Android Network Toolkit - Android & Apple Phone
• Pwnie Express - Nokia phone

ANTI - Android Network Toolkit:

                                  Anti consists of 2 parts: The Anti version itself and extendable plugins. Upcoming updates will add functionality, plugins or vulnerabilities/exploits to Anti Using Anti is very intuitive - on each run, Anti will map your network, scan for active devices and vulnerabilities, and will display the information accordingly: Green led signals an 'Active device', Yellow led signals "Available ports", and Red led signals "Vulnerability found". Also, each device will have an icon representing the type of the device. When finished scanning, Anti will produce an automatic report specifying which vulnerabilities you have or bad practices used, and how to fix each one of them.

In-order to download the App (version 2.1) click on Register & Download, Choose email/password and you may download straight to your phone.

Make sure 3rd party application is enabled on your phone via Settings -> Applications -> Unknown Sources.

Download Link : ANTI


The app is also available via Android Market (lite version without *ANY* offensive capabilities in-order to fully comply with Android/Google ToS), named : "AntiLite".


  
Pwnie Express - Nokia phone

A Nokia N900-based penetration testing platform

• Includes Aircrack-NG, Metasploit, Kismet, GrimWEPa, SET, Fasttrack, Ettercap, nmap, and more
• Custom pentesting desktop with shortcuts to all tools!
• One-click evil AP, WEP cracker, and packet capture!
• Built-in wireless chipset supports packet injection, monitor mode, and promiscuous mode.
• Includes phone, all standard accessories, 2 batteries, & coupler for USB host mode.

 Testing Tools manual : Click here

Download Link :  Pwnie Express



 Enjoy & Thank you for all the feedback/support!!












 

Open Authendication Server - ClearBox

ClearBox Enterprise RADIUS TACACS+ Server:
                                                                           is a Windows application for the centralized control and management of remote access to the network through the use of RADIUS, standard protocol widely deployed by various network equipment for central user access and security administration.

                                                                         ClearBox Enterprise Server is capable to provide authentication and accounting services to medium and large wholesale providers, organizations and network operators with thousands and even millions of users.

ClearBox Enterprise Server deployment areas include (but are not limited to) the following:

• Wi-Fi networks with RADIUS-enabled access points (in WPA-Enterprise mode) for wireless clients authentication;
• Prepaid and postpaid voice-over-IP (VoIP) applications with RADIUS-enabled h323 and SIP gateways, gatekeepers, IP-PBX's such as Cisco, Quintum, Mera, Brekeke, OpenH323, OpenSER, Asterisk and many others;
• Wholesale providers with wide access networks who forward RADIUS authentication and accounting data to end-point providers;
• Internet service providers (ISP) who provide an access to dial-up/ADSL/PPPoE users;
• Networks with RADIUS-enabled firewalls (Cisco PIX, Microsoft Internet Security and Acceleration Server (ISA), etc), VPN hardware/software servers, routers (Cisco, Mikrotik, etc). 

Download Link: Click Here

Open Source SSL Implementaton Tools

SSL-Explorer:
              is the world's first open-source, browser-based SSL VPN solution. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser.

            It also provides users with WebDAV file access, intranet Web site proxying, Active Directory authentication, and Java application deployment using a standard Web browser.

            In contrast to a conventional IPsec-based solution, no client side code needs to be installed on your end user’s systems. SSL VPNs rely on Java &#153 based technology and hence require only a standard web browser to operate. Standard network protocols can be tunnelled through the SSL connection, meaning that email and intranet web/file resources are easily and securely accessible from outside the corporate network.

Download Link :  Click Here

OpenSSL :
         OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

            Openssl command-line binary that ships with the OpenSSL libraries can perform a wide range of cryptographic operations. It can come in handy in scripts or for accomplishing one-time command-line tasks.


             Documentation for using the openssl application is somewhat scattered, however, so this article aims to provide some practical examples of its use. I assume that you’ve already got a functional OpenSSL installation and that the openssl binary is in your shell’s PATH.



Download Link for Unix/Linux : Click Here

Download Link for Windows   : Click Here

Web Security Testing Tools

Google Skipfish web scanner for Windows:

        The compiling was a breeze after i spent 4 hours toiling with the clean reinstall of cygwin. Nevertheless, i created an archive with all the cygwin libraries included.

Tested to run properly on Win7 and WinXP Pro

Download Link : Click Here

w3af :
        is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

Download Link : Click Here




Simple Log File Analyzer (Python script)

                         Analyzes webserver log files and detects possible hack attempts. Version 1.0

Download Link : Click Here

Simple LAN Scanner (Python script)

                         Scans your local network and tries to give you the MAC and IP address of a running system.

Download Link : Click Here

Physical Security - Datacenter BluePrint

Physical Security ( Information Security  ) 

                            A significant amount of security incidents are found to be performed utilizing some vulnerability of the physical security.

So, here is a set of rules to create a blueprint of physical security of a IT department and data center for a company.

1. The system room must not have windows. Ideally, it should be in the center of the building.


2. All equipment that is not used must be stored in dedicated storage space, away from production environment


3. All high security spaces should be monitored by CCTV cameras.
4. Access control zones must be implemented, to create a security barrier as well as provide a log of access activities. These are created by doors opened by electronic key cards or multiple-factor authentication.
5. All windows should be fully tempered, and equipped with a glass break sensor connected to a central alarm system
6. All spaces that don't have 24/7 access should have motion sensors connected to the central alarm system.
7. The design of the environment should enable technical service personnel to operate with minimal risk of unauthenticated access to data
8. All alarm events and CCTV control should be under maximum security but should NOT be accessible by IT personnel
9. Paper, optical and magnetic data carriers should be handled in a controlled environment, and properly destroyed prior to discarding
10. High security environment should always implement multi-factor authentication.

The following image presents a concept for an IT department and System room environment that follows the presented set of rules:

The set-up of the environment is the following:
The reception area is the only way to access the entire floor, and everyone accessing this space is recorded on the CCTV camera. The access to the rest of the floor is restricted by an key card controlled door.
The Communication Room is also in the reception area, and it is accessible by a key card and PIN controlled door. It houses access panels where the communication providers (Telecoms, Internet, VPN etc.) terminate the purchased links. This is the last point where a representative of the telco providers can access to configure connectivity. The comm room has to be opened by an authorized System Administrator, so the telco provider's person is always escorted by an authorized person.
All the corridors in the space around the data-room are under CCTV surveillance
All offices have windows made of tempered glass that cannot be opened and are equipped with motion sensors which activate after 7 PM.
Support center which is manned 24/7, the toilet and the equipment storage room are the only rooms without motion sensor. These spaces can be used 24/7 so there is no point in placing motion sensors.
All documentation photocopying and destruction is performed in a dedicated room equipped with proper devices (shredder, degausser).
Dedicated storage space is used to store all unused equipment, which is accessed by a key card controlled door and is also monitored by CCTV.
The data-room is central to the floor, and has strengthened walls (Blue walls). The data-room is divided into two segments:

• Pre-system space - this space is accessible via a dual key card door, which opens only when two persons use their key cards simultaneously. The Pre-system space contains the supporting infrastructure, which is placed outside of the system space to minimize risks of battery or coolant leaks, and to allow service personnel to access and service this infrastructure without having access to the actual servers.


• System space - this space is accessible via the dead-man door, which is actually a very small corridor (only fits one person at a time) with two doors at the end. If one of the doors is open the other is automatically locked. In order to pass through the dead-man door, one must pass a multi-factor authentication: He/She needs to present his key card (something he/she has), type in the corresponding PIN (something he/she knows), and after entering the dead-man space, he is measured to verify the stored weight of the person, and a biometric verification is performed - retina or fingerprint (something he/she is).

The system space is under constant CCTV surveillance, and it also contains a separate small electronically locked space where the security controllers reside, to isolate these controllers from the SysAdmins.

open source Web Application Vulnerability Scanner

Web Application Security Assessment Tools:

Netsparker:

         Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology it's built on, just like an actual attacker.
        
         Netsparker can find and report security issues such as SQL Injection and Cross-site Scripting (XSS) in all web applications regardless of the platform and the technology they are built on.

Download Link :  Click here



N-stalker :

       

N-Stalker Web Application Security Scanner - security assessment tool that 
incorporates N-Stealth HTTP Security Scanner. Allows to scan web applications
 against SQL XSS injection, buffer overflow, parameter tampering, cross-site script
 CWE Top 25, PCI, OWASP Top 10.

Download Link : Click Here 

Acunetix:

         Web Application Vulnerability Scanner automatically checks your web 
applications for SQL Injection, XSS & other web vulnerabilities.   

Download Link : Click Here