Saturday, October 5, 2013

Anti-Malware Tool

Malwarebytes Anti-Exploit :

BETA protects you from zero-day exploits targeting browser and application vulnerabilities. Its proprietary technology protects you in that critical period between the release of a new exploit and its subsequent security patch. And, unlike antivirus products, Malwarebytes Anti-Exploit BETA proactively prevents the exploit from installing its payload, before it can do damage.

                   
                           Malwarebytes Anti-exploit is a new application made by the makers of the freeware anti-virus, Malwarebytes.
  • Protects Internet Explorer, Firefox, Chrome, and Opera browsers
  • Protects browser components, including Java and Flash
  • Defends against drive-by download attacks
  • Shields vulnerable applications
  • Blocks unknown and known exploit kits
 Download Link : http://www.malwarebytes.org/products/antiexploit/


Malwarebytes Anti-Malware :

               

                                   One of the top free Anti-Malware programs out on the market today is Malwarebytes.  Recommended by many professionals and our team.  









How do I operate Malwarebytes?
  1. Download Malwarebytes from the Download Link below.
  2. Once downloaded, double-click the installer (Windows 7 & 8 users run as admin).
  3. When the installer is finished, you will be able to run Malwarebytes (Windows 7 & 8 again run as admin).
  4. Go to the update tab and click “Check for Updates” (You can view where it’s located in the picture below).
  5. Once Malwarebytes is finished updating, you are ready to scan.
  6. Click the “Scanner” tab and check “Perform quick scan”.
  7. Hit the “Scan” button below.




Malwarebytes should start scanning. Once it’s finished, if anything is detected you can click the “Remove Selected” button, which will remove all infections. Depending on your infection you may have to restart your computer; make sure you do so to complete the cleaning.

Your system should now be virus free!

Download Link :  http://downloads.malwarebytes.org/mbam-download.php

OTL (OldTimer’s List-It) :

                         OTL by OldTimer is a flexible, multipurpose, diagnostic, and malware removal tool. It's useful for identifying changes made to a system by spyware, malware and other unwanted programs. It creates detailed reports of registry and file settings, and also includes advanced tools and scripting ability for manually removing malware.

 


 



 


                             OTL does not make any determination whether an entry is good or bad. For help diagnosing the logs generated, view the tutorial, or ask for free assistance.

                          Sometimes malware will block OTL.exe by name, or all executables. In that case try one of these alternatives.

Download Link : http://zerosecurity.org/?wpdmdl=10

OTL.com: http://oldtimer.geekstogo.com/OTL.com
OTL.scr: http://oldtimer.geekstogo.com/OTL.scr
 

AdwCleaner :

                    is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer.  By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.





                             The types of programs that AdwCleaner targets are typically bundled with free programs that you download from the web.  In many cases when you download and install a program, the install will state that these programs will be installed along with the program you downloaded.  Unless you perform a Custom install, these unwanted programs will automatically be installed on your computer leaving you with extra browser toolbars, adware, and other unwanted programs.  AdwCleaner is designed to search for and remove these types of programs.


To see the latest changes to this program, you can visit its changelog at:
http://general-changelog-team.fr/~xplode/Changelogs/CG_AdwCleaner_EN.txt

Download Link : http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

FortiCleanup :

                        is a tool developed to identify and cleanse systems of malicious rootkit files and their associated malware.




Download Link : http://www.fortiguard.com/files/FortiCleanup_2.1.15.exe

Junkware :

is a powerful utility which will remove any piece of malware within Internet Explorer, Firefox or Google Chrome on your computer.

This utility will display a log with the malicious files and registry keys that were removed from your computer.

Download Link : http://thisisudax.org/downloads/JRT.exe

RogueKiller :

Malware will often add its malicious registry keys to your Windows installation. To remove them, we will need to perform a scan with RogueKiller.



Download Link : http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

HitmanPro :

is a cloud on-demand scanner, which scans your computer with 5 antivirus engines for any type of malware.






Download Link : http://malwaretips.com/download-hitmanpro

RKill :


                  is a program that will attempt to terminate all malicious processes that are running on your machine, so that we will be able to perform the next step without being interrupted by this malicious software.





Because this utility only stops the running processes and does not delete any files, you should not reboot your computer after running it, as any malware processes that are configured to start automatically will just be started again.

Download Link : http://www.bleepingcomputer.com/download/rkill/dl/11/


Kaspersky TDSSKiller :


As part of its self-defense mechanism, some types of malware will install a rootkit on the infected computer, which will compromise the Windows loading process. In this first step, we will run a system scan with Kaspersky TDSSKiller to remove this rootkit.





Download Link : http://support.kaspersky.com/downloads/utils/tdsskiller.exe


SOPHOS Virus Removal Tool :

                      


                             Using cutting edge technology found in our enterprise-grade software, this powerful tool detects all types of malicious software on your computer—including viruses, spyware, rootkits and Conficker—and returns it to a working state.



                
             The tool has direct access to virus data from SophosLabs, our global network of threat researchers, ensuring that even the very latest viruses are detected and removed. And it works alongside your existing antivirus.

Download Link : http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download-now.aspx

Eset Malware Removal Tools Link :

http://kb.eset.com/esetkb/index?page=content&id=SOLN2372&locale=en_US

Symantec Malware Removal Tools Link :

www.symantec.com/security_response/removaltools.jsp

Thanks,

RRN Technologies











Thursday, October 3, 2013

IPv6 - Security Assessment Tool

THC-IPv6: 

A complete tool set to attack the inherent protocol weaknesses of IPv6 and ICMP6, including an easy-to-use packet factory library.

 

 

THC_IPV6 ATTACK TOOLKIT comes already with lots of effective attacking tools

 - parasite6: icmp neighbor solicitation/advertisement spoofer, puts you
   as man-in-the-middle, same as ARP mitm (and parasite)
 - alive6: an effective alive scanning, which will detect all systems
   listening to this address
 - dnsdict6: parallelized dns ipv6 dictionary bruteforcer
 - fake_router6: announce yourself as a router on the network, with the
   highest priority
 - redir6: redirect traffic to you intelligently (man-in-the-middle) with
   a clever icmp6 redirect spoofer
 - toobig6: mtu decreaser with the same intelligence as redir6
 - detect-new-ip6: detect new ip6 devices which join the network, you can
   run a script to automatically scan these systems etc.
 - dos-new-ip6: detect new ip6 devices and tell them that their chosen IP
   collides on the network (DOS).
 - trace6: very fast traceroute6 which supports ICMP6 echo request and TCP-SYN
 - flood_router6: flood a target with random router advertisements
 - flood_advertise6: flood a target with random neighbor advertisements
 - fuzz_ip6: fuzzer for ipv6
 - implementation6: performs various implementation checks on ipv6
 - implementation6d: listen daemon for implementation6 to check behind a FW
 - fake_mld6: announce yourself in a multicast group of your choice on the net
 - fake_mld26: same but for MLDv2
 - fake_mldrouter6: fake MLD router messages
 - fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
 - fake_advertiser6: announce yourself on the network
 - smurf6: local smurfer
 - rsmurf6: remote smurfer, known to work only against linux at the moment
 - exploit6: known ipv6 vulnerabilities to test against a target
 - denial6: a collection of denial-of-service tests against a target
 - thcping6: sends a hand crafted ping6 packet

Download Link : http://www.thc.org/releases/thc-ipv6-2.3.tar.gz

Or                        
https://github.com/gebi/thc-ipv6

Topera: invisible IPv6 scanner 

is an IPv6 scanner capable of performing IPv6 scans that are not detected by Snort, or by systems based on its IDS engine (Checkpoint or Juniper, for example).

 


Download Link : http://code.google.com/p/topera/downloads/list

Nmap 6 ( Network Mapper )

         Nmap has a similar but separate OS detection engine specialized for IPv6. At a high level, the technique is the same: send probes, collect responses, and match the set of responses against a database. The differences are in the specific probes used, and in the way they are matched.

IPv6 OS detection is used just like IPv4. Just use the -6 and -O options together. For example, nmap -6 -O <target>.

 

./nmap -6 -sF -f -P0 ::1
Available scans:
-sT : tcp connect scan
-sS : SYN scan
-sA : ACK scan (needs more testing)
-sW : Window scan (needs more testing)
-sF : FIN scan
-sX : Xmas tree scan
-sN : Null scan
-sU : UDP scan

Document Link : http://nmap6.sourceforge.net/files/tfe_nmap_ipv6.pdf

Download Link : http://nmap.org/download.html

IPv6 Toolkit v1.5 :

                       SI6 Networks' IPv6 toolkit is a set of IPv6 security/trouble-shooting tools, that can send arbitrary IPv6-based packets.

 

List of Tools

  • addr6: An IPv6 address analysis and manipulation tool.
  • flow6: A tool to perform a security assessment of the IPv6 Flow Label.
  • frag6: A tool to perform IPv6 fragmentation-based attacks and to perform a security assessment of a number of fragmentation-related aspects.
  • icmp6: A tool to perform attacks based on ICMPv6 error messages.
  • jumbo6: A tool to assess potential flaws in the handling of IPv6 Jumbograms.
  • na6: A tool to send arbitrary Neighbor Advertisement messages.
  • ni6: A tool to send arbitrary ICMPv6 Node Information messages, and assess possible flaws in the processing of such packets.
  • ns6: A tool to send arbitrary Neighbor Solicitation messages.
  • ra6: A tool to send arbitrary Router Advertisement messages.
  • rd6: A tool to send arbitrary ICMPv6 Redirect messages.
  • rs6: A tool to send arbitrary Router Solicitation messages.
  • scan6: An IPv6 address scanning tool.
  • tcp6: A tool to send arbitrary TCP segments and perform a variety of TCP-based attacks.

  Download Link : https://github.com/fgont/ipv6toolkit

Or http://www.si6networks.com/tools/ipv6toolkit/ipv6toolkit-v1.4.1.tar.gz

Halfscan6 :

               An IPv6 tcp port scanner 

Download Link : http://www.habets.pp.se/synscan/files/halfscan6-0.2.tar.gz

NGrep (Network Grep)  :

                            is a network packet analyzer. It runs under the command line, and relies upon the pcap library and the GNU regex library.

NGrep is an open source application, and the source code is available to download from the ngrep site at SourceForge. It can be compiled and ported to multiple platforms, and it works on many UNIX-like operating systems (Linux, Solaris, BSD, AIX) as well as on Microsoft Windows.

 

 Download Link : http://ngrep.sourceforge.net/download.html

IP6sic - IPv6 Stack Integrity Checker

                       ip6sic is a tool for stress testing an IPv6 stack implementation. It works in a way much similar to isic which lives over here. It was developed mainly on FreeBSD and is known to work on OpenBSD and Linux. Theoretically, it should work wherever libdnet works.

Download Link : http://prdownloads.sourceforge.net/ip6sic/ip6sic-0.1.tar.gz?download



    



Wednesday, October 2, 2013

Database Server Vulnerability Scanner / Penetration Testing Toolkit

Scuba :

             Scuba is a free tool that scans leading enterprise databases for security vulnerabilities and configuration flaws, including patch levels. Reports deliver actionable information to quickly reduce risk, and regular vulnerability updates ensure that Scuba keeps pace with new threats.


Use Scuba to:
  • Automate vulnerability discovery
  • Secure infrastructure and measure compliance
  • Prioritize risk and focus remediation resources
  • Safely test enterprise class databases


    Download Link : https://www.imperva.com/lg/lgw.asp?pid=213  


 Safe3SI :

is one of the most powerful and easy-to-use penetration testing tools that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches ranging from database fingerprinting, through data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

 Download Link : http://sourceforge.net/projects/safe3si/files/


DBPwAudit :

is a Java tool that allows you to perform online audits of password quality for several database engines. The application design allows for easy adding of additional database drivers by simply copying new JDBC drivers to the jdbc directory. Configuration is performed in two files: the aliases.conf file is used to map drivers to aliases, and the rules.conf file tells the application how to handle error messages from the scan.




McAfee Vulnerability Manager :

                             for Databases automatically discovers databases on your network, determines if the latest patches have been applied, and tests for common weaknesses such as weak passwords, default accounts, and other common threats. Vulnerability Manager for Databases conducts more than 4,700 vulnerability checks against leading database systems, including Oracle, SQL Server, DB2, and MySQL.







AppDetectivePro :

                          is a database scanner that empowers professionals to scan databases for vulnerabilities, configuration issues, weak passwords, missing patches, access control concerns, and other issues that can lead to user privilege escalation. As complex as databases are, AppDetectivePro provides a cost-effective solution to provide the following:







SQLdict :

         is a dictionary attack tool for SQL Server. SQLdict is a basic single ip brute-force MS SQL Server password utility that can carry out a dictionary attack against a named SQL account.



The use of this tool is simple: you specify the IP address you are attacking and the user account you are up against, and then load an appropriate wordlist to try via the Load Password File button.






Oscanner : 

                is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do:

- Sid Enumeration
- Passwords tests (common & dictionary)
- Enumerate Oracle version
- Enumerate account roles
- Enumerate account privileges
- Enumerate account hashes
- Enumerate audit information
- Enumerate password policies
- Enumerate database links

Download Link :

Version 1.0.6 source oscanner_src_1_0_6.zip
Version 1.0.6 binary oscanner_bin_1_0_6.zip





Oracle Auditing Tool :

Exploits some of the known vulnerabilities of Oracle. Includes SID Enumeration and Passwords tests [common/dictionary]. Supports attachment of malformed shell codes with TCP packets for crashing the remote server or gaining DBA privileges on it.

 Download Link : http://sourceforge.net/projects/oracleauditor/files/latest/download

 


Secure Oracle Auditor :

                                   is an Oracle auditing and Oracle security vulnerability assessment software which is capable of scanning multiple Oracle database servers. This Oracle security software provides Oracle audit tools, Oracle password tools, database scanner software and Oracle security tools for penetration testing.  Secure Oracle Auditor™ identifies the database security threats in Oracle database that contains significant and precious information which is essential for the organization's success.






Secure SQL Auditor (SQA) :

                                        is a SQL security software that conducts database server security auditing & includes vulnerability assessment tools for SQL database server. It is a network based SQL security assessment tool capable of scanning multiple database servers. Secure SQL Auditor™ performs the massive task of identifying vulnerabilities and threats present in MS SQL database server. It helps administrators in closing loopholes which provide direct access to SQL database servers and lead to monetary, reputational and informational losses.




Monday, September 30, 2013

Packet Analyzer / Network Analyzer / Protocol Analyzer / Packet Sniffer Tool

Wireshark :

Wireshark is a free and open-source network protocol analyzer (packet analyzer) for Unix and Windows.

Packet Analysis Made Easy

  • Visually rich, powerful LAN analyzer
  • Quickly access very large pcap files
  • Professional, customizable reports
  • Advanced triggers and alerts






               It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.






Download Link : http://www.wireshark.org/download.html

NetworkMiner :

                    is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic.



Features


  • Network Forensics
  • Network Sniffing
  • PCAP Parser
  • Digital Forensics
  • Packet Sniffer

 Download Link : http://sourceforge.net/projects/networkminer/files/latest/download

 

Capsa :

is a portable network analyzer application for both LANs and WLANs which performs real-time packet capturing, 24x7 network monitoring, advanced protocol analysis, in-depth packet decoding, and automatic expert diagnosis. Capsa gives you a comprehensive and high-level window to your entire network and helps network administrators or network engineers quickly pinpoint and resolve application problems. Capsa has the most user friendly user interface and most powerful data packet capture and analysis engine in the industry.

Capsa Enterprise is the most robust packet sniffer and packet analysis application available. Capsa's Overview Dashboard and drill down functionality make it easy enough for a SOHO Network Manager but powerful enough for a Distributed Enterprise Network Engineer.

Download Link : http://www.colasoft.com/download/products/download_capsa.php

 

CommView :

                 is a powerful network monitor and analyzer designed for LAN administrators, security professionals, network programmers, home users…virtually anyone who wants a full picture of the traffic flowing through a PC or LAN segment. Loaded with many user-friendly features, CommView combines performance and flexibility with an ease of use unmatched in the industry. 

 

This application captures every packet on the wire to display important information such as a list of packets and network connections, vital statistics, protocol distribution charts, and so on. You can examine, save, filter, import and export captured packets, view protocol decodes down to the lowest layer with full analysis of over 70 widespread protocols. With this information, CommView can help you pinpoint network problems and troubleshoot software and hardware.

Download Link : http://www.tamos.com/bitrix/redirect.php?event1=download&event2=commview&event3=cv6&goto=/files/cv6.zip


Microsoft Network Monitor 3.4:
                              Tool to allow capturing and protocol analysis of network traffic.

 

Network Monitor 3.4 is a protocol analyzer. It allows you to capture network traffic and view and analyze it. Microsoft is working on its successor, Microsoft Message Analyzer.

Download Link : http://www.microsoft.com/en-us/download/details.aspx?id=4865 

 

Dsniff :

is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g., due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

Download Link : http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz


Tcpdump :

is the network sniffer we all used before Wireshark came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI and parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with less security risk. It also requires fewer system resources. While Tcpdump doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity.




Download Link : http://www.tcpdump.org/#latest-release

Thanks,

RRN Technologies Team



 

VoIP Vulnerability Scanner / Penetration Testing Tool

VoIP ( Voice Over IP ) Security Assessment Tool :

  Viproy :
Viproy VoIP Penetration and Exploitation Kit is developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
10 different modules with authentication support: options tester, brute forcer, enumerator, invite tester, trust analyzer, proxy and registration tester. All attacks can be performed before and after authentication to fuzz SIP services and value-added services.

Viproy is a tool for testing the security of SIP servers. The Session Initiation Protocol is widely used for voice and video calls over IP. The software comes with different modules performing specific tasks, and all of the modules support debugging and verbose mode. It is a Linux-only command-line tool; instructions are included, and it should not be difficult for a Linux beginner to understand them.


 More Info : http://viproy.com/voipkit/

Download Link : https://github.com/fozavci/viproy-voipkit/archive/master.zip

SIPVicious : ( Tools for auditing SIP based VoIP systems )

          SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It currently consists of four tools:

  • svmap - this is a sip scanner. Lists SIP devices found on an IP range
  • svwar - identifies active extensions on a PBX
  • svcrack - an online password cracker for SIP PBX
  • svreport - manages sessions and exports reports to various formats
  • svcrash - attempts to stop unauthorized svwar and svcrack scans

Download Link : http://code.google.com/p/sipvicious/downloads/list

VAST : ( VIPER Assessment Security Tools )

                          VAST is a Linux-based security distribution specifically designed for pentesting VoIP and UC networks. It enables security professionals and UC administrators to rapidly perform VoIP security assessments and enumerate vulnerabilities in IP Phones or IP PBX servers in a lab environment. With VAST, a security consultant has every tool necessary to carry out a successful onsite or remote penetration test or vulnerability assessment against a UC network. VAST is built on Mint Linux 13 and includes all of the open source VIPER Lab tools, in addition to some other network pentest tools.



SiVuS - VoIP vulnerability scanner

                        SiVuS is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations and it is used by VoIP product vendors, security consultants, network architects, researchers and students. We encourage our community to provide us with feedback so we can enhance the current implementation and support the efforts to strengthen the security of VoIP networks.





More Info : http://nil.uniza.sk/sip/tools/sivus-voip-vulnerability-scanner
 


FreeSentral :

              is a full IP PBX consisting of a Linux Distribution, an IP PBX and a Web Graphical User Interface for easy configuration.


Features
  • Define, group extensions
  • Set dial plan
  • Direct Inward Calling
  • Set Auto Attendant
  • Music on hold
  • Short Dialing
  • Set call forwarding
  • Voicemail


For security audits on VoIP systems, FreeSentral is a quick and easy solution to implement. It can therefore be used as a training platform for testing VoIP vulnerabilities and issues. See our VoIP tools collection to help you with auditing and scanning.

 Download Link : http://www.freesentral.com/index.php/Download/Download

 Thanks,

RRN Technologies



Sunday, September 29, 2013

Best / Top Anti-Malware Tools List

Anti-Malware Tools List:

 Stinger :

is a standalone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but a specialized tool to assist administrators and users when dealing with an infected system. Stinger utilizes next-generation scan technology, including rootkit scanning, and scan performance optimizations. It detects and removes threats identified under the "Threat List" option under Advanced menu options in the Stinger application.

Download Link : http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger32.exe

Malicious Software Removal Tool :

                        Microsoft's Malicious Software Removal Tool does a good job of detecting and removing the most common viruses. The Malicious Software Removal Tool works with Windows 7, Vista, XP, and Server 2003. Microsoft releases updates to this tool on the second Tuesday of each month.

 

                      This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found.  

Download Link : http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

RootkitRemover :

                     McAfee Rootkit Remover is a stand-alone utility used to detect and remove complex rootkits and associated malware. Currently it can detect and remove ZeroAccess and TDSS family of rootkits. McAfee Labs plans to add coverage for more rootkit families in future versions of the tool.

                   McAfee also provides real-time, hardware enhanced rootkit protection for enterprises. McAfee Deep Defender, unlike traditional security and post infection tools, operates beyond the operating system to provide real-time kernel monitoring to reveal and remove advanced, hidden attacks.

Download Link : http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/rootkitremover.aspx

Spybot - Search & Destroy :

detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. The application checks the Windows registry, running processes, web browser cookies, local files and folders. It uses an extensive, regularly updated parasite definitions database, which contains signatures of spyware, adware, keyloggers, trojans, browser hijackers and other malicious programs. Practically every aspect of Spybot-S&D can be customized. The user can modify various scan and startup specific settings, set the program to ignore certain objects, schedule system scans, apply different skins or languages (Spybot-S&D is translated into 51 languages).

 

The program includes useful additional tools, which prevent browser hijacks, uninstall user-chosen software, unrecoverably delete specified files, display and allow changing system startup settings and other advanced options. Spybot-S&D implements powerful real-time protection that blocks malicious ActiveX scripts and keeps unsolicited software off the system.

 Download Link : http://www.safer-networking.org/mirrors/

ComboFix :

is freeware (a legitimate spyware remover created by sUBs). ComboFix was designed to scan a computer for known malware and spyware (SurfSideKick, QooLogic, and Look2Me, as well as any other combination of the mentioned spyware applications) and remove them. ComboFix also allows the manual removal of spyware infections. It's a specialized, effective cleaning tool, which is useful compared to other malware and spyware removers.

After ComboFix has finished, a report will be created. You can use this report to search for and remove infections which are not automatically removed.

Download Link : http://www.combofix.org/link/downloadsdat.php

HijackThis :

               is a free utility that generates an in-depth report of registry and file settings from your computer. HijackThis makes no separation between safe and unsafe settings in its scan results, giving you the ability to selectively remove items from your machine. In addition to this scan-and-remove capability, HijackThis comes with several tools useful in manually removing malware from a computer.


Advanced users can use HijackThis to remove unwanted settings or files.

Source code is available on the SVN server under Code and also as a zip file under Files.

Klez Removal Tool :

                  McAfee Klez Removal Tool helps you detect and remove any variation of the Klez virus from your computer. Based on the award-winning McAfee® VirusScan® software, the Klez Removal Tool searches for and deletes variants of the Klez virus, including any file infected by the virus payload.
Download Link : http://home.mcafee.com/VirusInfo/SpecialVirusRemovalTool.aspx?viruskey=klez#


Bugbear Removal Tool :

                     McAfee Bugbear Removal Tool helps you detect and remove any variation of the Bugbear virus from your computer. Based on the award-winning McAfee® VirusScan® software, the Bugbear Removal Tool searches for and deletes variants of the Bugbear virus, including any file infected by the virus payload.         

 Download Link : http://home.mcafee.com/virusinfo/SpecialVirusRemovalTool.aspx?viruskey=bugbear

 Online Tools List :

 HouseCall :

             Trend Micro’s HouseCall has been around for years and has earned an excellent reputation. It’s available in a 32-bit version for XP and in both 32-bit and 64-bit versions for Vista, Win7, and Win8. 

 

Link / Url : http://housecall.trendmicro.com/

 ESET’s Online Scanner :

                              is another tool with a long pedigree and a well-deserved reputation for excellence. It’s not particularly fast, but it is nicely configurable. For example, the scanner’s Advanced settings let you select which drives to scan — even remote networked drives. It will also scan inside archives (e.g., .zip files), which not all scanners can do. You can select the depth of the scan, such as looking for potentially unwanted and/or unsafe applications.

ESET’s scanner runs on all current versions of Windows (XP through Win 8) and comes in both 32- and 64-bit flavors. Unlike its competitors, it’s also available in two versions based on your choice of browser. If you download Online Scanner via Internet Explorer, you’ll get an in-browser, ActiveX version. Downloading the scanner with another browser (e.g., Chrome or Firefox) installs a non-ActiveX version that runs outside the browser. Both versions work identically.

Live CD :

F-Secure’s Rescue CD :

                   is at the other end of the usability spectrum. It’s a Linux-based tool with a minimalistic, DOS-style text interface (see Figure 6). It’s not point-and-click; you navigate with arrow-key and keystroke entries.

              Rescue CD contains Knoppix (a derivative of Linux), an operating system that runs completely from the CD and allows access to your computer's Windows operating system and hard disks.

Note: the Rescue CD cannot scan encrypted disks.

Download Link : http://download.f-secure.com/estore/rescue-cd-3.16-52606.iso


 

Thursday, September 26, 2013

Best Secure Source Code Analysis Tools

Secure Source Code Analysis tools :

                                                are designed to analyze source code and/or compiled versions of code in order to help find security flaws. Ideally, such tools would automatically find security flaws with a high degree of confidence that what is found is indeed a flaw.

                                             Throughout the SDLC there are points at which an application security consultant should get involved. Performing security activities across the lifecycle has proven to be far more cost-effective than either a “big design up front” security effort or a single pre-production security review. The reason for intervening at regular intervals is that potential issues can be detected early in the development life cycle, where they are less costly to address.

                                               Integration of security code review into the System Development Life Cycle (SDLC) can yield dramatic results to the overall quality of the code developed. Security code review is not a silver bullet, but is part of a healthy application development diet. Consider it as one of the layers in a defense-in-depth approach to application security. Security code review is also a cornerstone of the approach to developing secure software. The idea of integrating a phase into your SDLC may sound daunting, yet another layer of complexity or an additional cost, but in the long term and in today's cyber landscape it is cost-effective, reputation-building, and in the best interest of any business to do so.

Waterfall SDLC Example
  1. Requirements definition
    1. Application Security Requirements
  2. Architecture and Design
    1. Application Security Architecture and/or Threat Model
  3. Development
    1. Secure Coding Practices
    2. Security Testing
    3. Security Code Review
  4. Test
    1. Penetration Testing
  5. Deployment
    1. Secure Configuration Management
    2. Secure Deployment
  6. Maintenance

Agile Security Methodology Example
  1. Planning
    1. Identify Security Stakeholder Stories
    2. Identify Security Controls
    3. Identify Security Test Cases
  2. Sprints
    1. Secure Coding
    2. Security Test Cases
    3. Peer Review with Security
  3. Deployment
    1. Security Verification (with Penetration Testing and Security Code Review).

LAPSE Project By OWASP :
                                  is an initiative to make available to developers and auditors a tool for detecting vulnerabilities in Java EE Applications. The project aims to put at their disposal a tool based on the static analysis of code, due to the importance and difficulty of this type of analysis to detect security flaws in Java EE Applications.

                                     LAPSE+ is a security scanner for detecting vulnerabilities of untrusted data injection in Java EE Applications. It has been developed as a plugin for the Eclipse Java Development Environment, working specifically with Eclipse Helios and Java 1.6 or higher.

                                       Vulnerabilities detected by LAPSE+ are related to the injection of untrusted data to manipulate the behavior of the application. This type of vulnerability is the most common in web applications. The vulnerability categories detected by LAPSE+ are enumerated below:


    • Parameter Tampering.
    • URL Tampering.
    • Header Manipulation.
    • Cookie Poisoning.
    • SQL Injection.
    • Cross-site Scripting (XSS).
    • HTTP Response Splitting.
    • Command Injection.
    • Path Traversal.
    • XPath Injection.
    • XML Injection.
    • LDAP Injection.

    You can download LAPSE+ and its tutorial in the following links:



O2 platform Project By OWASP :

                                is designed to automate security consultants' knowledge and workflows and to allow non-security experts to access and consume security knowledge.

                                O2 can also be a very powerful prototyping and fast-development tool for .NET. Most O2 APIs are written using a Fluent API design, and its core has been published as a separate project called FluentSharp (hosted at CodePlex).



Install VisualStudio Extension

                          O2 Platform is also available as a VisualStudio Extension which you can download from VisualStudio Gallery (see VisualStudio C# REPL - O2 Platform) or directly using VisualStudio's Extension Manager.

Download Stand-Alone Application

You can run all O2 Tools and Scripts using the stand-alone executable which you can download from:

O2 Platform - Main O2 Gui v5.3.exe

FxCop :

           is an application that analyzes managed code assemblies (code that targets the .NET Framework common language runtime) and reports information about the assemblies, such as possible design, localization, performance, and security improvements.

            FxCop is a code analysis tool that checks .NET managed code assemblies for conformance to the Microsoft .NET Framework Design Guidelines. It uses MSIL parsing, and callgraph analysis to inspect assemblies for more than 200 defects in the following areas:
  • Library design
  • Globalization
  • Naming conventions
  • Performance
  • Interoperability and portability
  • Security
  • Usage

                          FxCop includes both GUI and command line versions of the tool and supports analyzing .NET 1.x, .NET 2.0 and .NET 3.x components.


            
          FxCop is intended for class library developers. However, anyone creating applications that should comply with the .NET Framework best practices will benefit. FxCop is also useful as an educational tool for people who are new to the .NET Framework or who are unfamiliar with the .NET Framework Design Guidelines.

          FxCop is designed to be fully integrated into the software development cycle and is distributed as both a fully featured application that has a graphical user interface (FxCop.exe) for interactive work, and a command-line tool (FxCopCmd.exe) suited for use as part of automated build processes or integrated with Microsoft Visual Studio® .NET as an external tool.

Download Link : http://archive.msdn.microsoft.com/codeanalysis/Release/ProjectReleases.aspx?ReleaseId=553

Rough Auditing Tool for Security (RATS)  :

                         is a rough auditing tool for security, originally developed by Secure Software Inc. It is a tool for scanning C, C++, Perl, PHP, Python (and soon Ruby) source code and flagging common security-related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions.


As its name implies, the tool performs only a rough analysis of source code. It will not find every error and will also find things that are not errors. Manual inspection of your code is still necessary, but is greatly aided by this tool.

Download Link : http://code.google.com/p/rough-auditing-tool-for-security/downloads/list

Splint :

            is a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested in adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint.
Splint Manual :
              A comprehensive guide to using Splint. [HTML] [PS] [PDF]

Download :
              http://www.splint.org/download.html

Yasca:

           is a source code analysis tool that I started writing in 2007. It could best be described as a "glorified grep script" plus an aggregator of other open-source tools. 

           Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code, integrating with other open-source tools as needed.

          Yasca can scan source code written in Java, C/C++, HTML, JavaScript, ASP, ColdFusion, PHP, COBOL, .NET, and other languages. Yasca can integrate easily with other tools, including:
  • FindBugs
  • PMD
  • JLint
  • JavaScript Lint
  • PHPLint
  • CppCheck
  • ClamAV
  • RATS
  • Pixy
            Yasca is designed to be very flexible and easy to extend. In fact, writing a new rule is as easy as coming up with a regular expression, the file extensions it applies to, and the name of your new rule. Place that information in a text file in the plugin directory, and run Yasca!

            Yasca has been migrated to Github, and is available at http://scovetta.github.com/yasca and http://github.com/scovetta/yasca.

Download Link : http://sourceforge.net/projects/yasca/

RIPS :

        is a static source code analyser for vulnerabilities in PHP web applications. It was released during the Month of PHP Security.


Features

  • detect XSS, SQLi, File disclosure, LFI/RFI, RCE vulnerabilities and more
  • 5 verbosity levels for debugging your scan results
  • mark vulnerable lines in source code viewer
  • highlight variables in the code viewer
  • user-defined function code by mouse-over on detected call
  • active jumping between function declaration and calls
  • list of all user-defined functions (defines and calls), program entry points (user input) and scanned files (with includes) connected to the source code viewer
  • graph visualization for files and includes as well as functions and calls
  • create CURL exploits for detected vulnerabilities with few clicks
  • visualization, description, example, PoC, patch and securing function list for every vulnerability
  • 7 different syntax highlighting colour schemata
  • display scan result in form of a top-down flow or bottom-up trace
  • only minimal requirement is a local webserver with PHP and a browser (tested with Firefox)
  • regex search function
 Download Link : http://sourceforge.net/projects/rips-scanner/files/latest/download

Agnitio :

             A tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the ad hoc nature of manual security code review documentation and to create an audit trail and reporting.




Features

  • Security code reviews
  • Security code review metrics and reporting
  • Application security code review tool
  • Static analysis security guidance and reporting




Download Link : http://sourceforge.net/projects/agnitiotool/files/latest/download

Thanks,

RRN Technologies Team.