--------------------------------------------------------------------------------
#76 Burp Suite: An integrated platform for attacking web applications
Burp Suite lets an attacker combine manual and automated techniques to enumerate, analyze, and attack web applications. The individual Burp tools work together and share information, so that findings from one tool can serve as the basis for an attack launched with another.
--------------------------------------------------------------------------------
#77 Brutus: A network authentication brute-force cracker
This Windows-only brute-force cracker guesses the passwords of network services on remote systems using a dictionary. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. The source code is not available; THC Hydra is a similar tool for UNIX platforms.
--------------------------------------------------------------------------------
#78 Unicornscan: Alternative Port Scanner
Unicornscan is a port scanner built as an attempt at a user-land distributed TCP/IP stack for gathering and correlating information. It aims to give researchers a superior interface for introducing a stimulus into a TCP/IP device or network and measuring the response. Its main features include asynchronous stateless TCP scanning with all variations of TCP flags, asynchronous stateless TCP banner grabbing, and active/passive identification of remote operating systems, applications, and components by analyzing responses. Like Scanrand, it is an alternative scanner.
--------------------------------------------------------------------------------
#79 Stunnel: A general-purpose SSL wrapper
stunnel works as an SSL encryption wrapper between remote clients and local (inetd-startable) or remote servers. It can add SSL functionality to common inetd-based daemons such as POP2, POP3, and IMAP servers without any changes to their code. It establishes the SSL connection using the OpenSSL or SSLeay libraries.
--------------------------------------------------------------------------------
#80 Honeyd: Your private honeypot system
Honeyd is a small daemon that creates virtual hosts on a network. The services and TCP behavior of these virtual hosts can be configured so that they appear to be running a particular operating system. Honeyd lets a single host claim multiple addresses on a LAN, which is useful for network simulation. The virtual hosts can be pinged or tracerouted. The configuration file lets a virtual host simulate any service, and a service can also be proxied instead of simulated. Honeyd has many library dependencies, which makes compiling and installing it difficult.
--------------------------------------------------------------------------------
#81 Fping: A parallel multi-host ping scanner
fping is a program similar to ping(1), which uses Internet Control Message Protocol (ICMP) echo requests to determine whether a host is up. Unlike ping, fping lets you specify a range of hosts to ping on the command line, or a file containing the list of hosts to ping. Instead of waiting for one host to time out or reply, fping sends a packet to one host and immediately moves on to the next, so that multiple hosts are pinged at the same time. If a host replies, it is marked and removed from the waiting list. If there is no reply, the host is considered unreachable and remains in the waiting list for subsequent operations.
--------------------------------------------------------------------------------
#82 BASE: Basic Analysis and Security Engine
BASE is a PHP-based analysis engine for searching and processing security events. Its security event database is populated with events generated by various intrusion detection systems, firewalls, and network monitoring tools. Its features include a query builder and search interface for vulnerabilities, a packet browser (decoder), and charts based on time, sensor, signal, protocol, and IP address.
--------------------------------------------------------------------------------
#83 Argus: An IP network transaction auditing tool
Argus is a fixed-model real-time traffic monitor that tracks and reports the status and performance of all transactions seen in a data network traffic stream. Argus defines its own data format for evaluating traffic, covering connectivity, capacity, requests, packet loss, latency, and jitter on a per-transaction basis. The format is flexible and extensible, supports generic flow identifiers and metrics, and can also carry application- or protocol-specific information.
--------------------------------------------------------------------------------
#84 Wikto: Web server evaluation tool
Wikto is a tool that checks web servers for vulnerabilities. It is similar to Nikto but adds many other features, such as a back-end miner with Google integration. Wikto runs in the MS .NET environment, and you must register to download the software and its source code.
--------------------------------------------------------------------------------
#85 Sguil: Network Security Monitor Command Line Analyzer
Sguil (pronounced "sgweel") is a network security analysis tool built by network security analysts. Its main component is an interface that displays real-time events from Snort/barnyard. It also includes supporting tools for network security monitoring and for event-driven analysis of intrusion detection system alerts.
--------------------------------------------------------------------------------
#86 Scanrand: An exceptionally fast stateless network service and topology discovery system
Scanrand is a stateless host discovery and port scanning tool similar to Unicornscan. It trades reduced reliability for exceptionally fast speed, and it uses cryptographic techniques to prevent attackers from manipulating scan results. The tool is part of the Paketto Keiretsu suite by Dan Kaminsky.
--------------------------------------------------------------------------------
#87 IP Filter: A compact UNIX packet filter
IP Filter is a software package that provides network address translation (NAT) or firewall services. It can be used either as a loadable kernel module or built into the UNIX kernel; using it as a loadable kernel module is highly recommended. Scripts are provided to install it and patch system files. IP Filter is built into FreeBSD, NetBSD, and Solaris. OpenBSD users can use OpenBSD PF, and Linux users can use Netfilter.
--------------------------------------------------------------------------------
#88 Canvas: A comprehensive vulnerability detection framework
Canvas is a vulnerability detection tool produced by Aitel's ImmunitySec. It includes more than 150 exploits. It is somewhat cheaper than Core Impact but still costs thousands of dollars. With the separately purchased VisualSploit plugin, you can also build exploits by dragging and dropping in a graphical interface. Canvas occasionally finds some 0day vulnerabilities.
--------------------------------------------------------------------------------
#89 VMware: Multi-platform virtualization software
VMware virtualization software lets you run one operating system inside another. This is very useful for security researchers who need to test code and vulnerabilities on multiple platforms. It runs only on Windows and Linux hosts, but it can virtualize almost any x86 operating system. It is also very useful for building sandboxes: malware that infects a VMware guest does not affect the host machine, and the infected guest can be restored by loading a snapshot. VMware cannot create image files for virtual systems. VMware recently announced that it is free. Another virtualization platform that has attracted much attention on Linux is Xen.
--------------------------------------------------------------------------------
#90 Tcptraceroute: A traceroute tool based on TCP packets
Modern networks use firewalls widely, so the ICMP echo or UDP packets sent by traditional traceroute tools are often filtered out and the full route cannot be traced. In many cases, however, the firewall still allows inbound TCP packets to reach specific ports, on which hosts behind the firewall listen for outside connections. By sending TCP SYN packets instead of UDP or ICMP echo packets, tcptraceroute can pass through most firewalls.
--------------------------------------------------------------------------------
#91 SAINT: Comprehensive Security Management Network Tool
Like Nessus, ISS Internet Scanner, and Retina, SAINT is a commercial vulnerability assessment tool. It used to be a free, open source tool that ran on UNIX systems, but it is now a paid product.
--------------------------------------------------------------------------------
#92 OpenVPN: Full-featured SSL VPN solution
OpenVPN is an open source SSL VPN toolkit that supports many configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and strict access control. OpenVPN provides a secure network extension at OSI layer 2 or 3 using the industry-standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and two-factor authentication, and allows firewall rules applied to the VPN virtual interface to serve as the access control policy for individual users or groups. OpenVPN uses OpenSSL as its primary cryptographic library.
--------------------------------------------------------------------------------
#93 OllyDbg: Assembly-level Windows debugger
OllyDbg is a 32-bit assembly-level analyzing debugger for Microsoft Windows. Because it analyzes binary code directly, it is very useful when source code is not available. OllyDbg has a graphical user interface, and its advanced code analyzer can recognize procedures, loops, API calls, switches, tables, constants, and strings. It can attach to running programs and supports multi-threading. OllyDbg is free to download but is not open source.
--------------------------------------------------------------------------------
#94 Helix: A security-focused Linux distribution
Helix is a customized version of the Knoppix bootable live CD, but it is much more than a bootable disc. In addition to booting into a customized Linux environment, it offers excellent hardware support and includes many applications for dealing with various problems. Helix is designed to touch the host's software and hardware resources as little as possible: it does not automatically mount swap space or any other attached devices. Helix also has a Windows autorun side for dealing with incidents.
--------------------------------------------------------------------------------
#95 Bastille: Security hardening scripts for Linux, Mac OS X, and HP-UX
Bastille hardens the operating system, reducing its exposure to risk and increasing its security. Bastille can also assess the current security state of the system, periodically reporting on each security setting and its status. Bastille currently supports Linux distributions such as Red Hat (Fedora Core, Enterprise, and Numbered/Classic), SUSE, Debian, Gentoo, and Mandrake, as well as HP-UX and Mac OS X. Bastille is designed to teach system users and administrators how to harden a system. In its default hardening mode, it asks the user a series of questions, explains each one, and chooses a policy based on the answers. In its assessment mode, it generates a report that tells the user which security settings are available and which of them have been hardened.
--------------------------------------------------------------------------------
#96 Acunetix Web Vulnerability Scanner: Commercial Vulnerability Scanner
Acunetix WVS automatically checks your web applications for vulnerabilities such as SQL injection, cross-site scripting, and weak passwords on authentication pages. Acunetix WVS has a very friendly user interface and can also generate customized website security assessment reports.
--------------------------------------------------------------------------------
#97 TrueCrypt: Open source Windows and Linux disk encryption software
TrueCrypt is an excellent open source disk encryption system. Users can encrypt an entire file system, which is then encrypted and decrypted on the fly without user intervention once the password has been entered. The clever hidden volume feature lets you encrypt particularly sensitive content in a second layer and hide its existence, so that even if the password of the encrypted system is exposed, the attacker does not know that hidden content exists.
--------------------------------------------------------------------------------
#98 Watchfire AppScan: Commercial Web Vulnerability Scanner
AppScan provides security testing throughout the application development life cycle, enabling unit testing and security assurance as early as the development stage. AppScan can scan for a variety of common vulnerabilities such as cross-site scripting, HTTP response splitting, parameter tampering, hidden field tampering, backdoor/debug options, and buffer overflows.
--------------------------------------------------------------------------------
#99 N-Stealth: Web Server Scanner
N-Stealth is a web server security scanner. It is updated more frequently than free web scanners such as Whisker/libwhisker and Nikto, but the claims on its website that it can scan for 30,000 vulnerabilities and exploits and that dozens of vulnerabilities are added every day are questionable. Anti-intrusion tools such as Nessus, ISS Internet Scanner, Retina, SAINT, and Sara all include web scanning components, though these are difficult to update daily. N-Stealth runs on Windows and is not open source.
--------------------------------------------------------------------------------
#100 MBSA: Microsoft Baseline Security Analyzer
Microsoft Baseline Security Analyzer (MBSA) is a simple, easy-to-use tool that helps IT professionals at small and medium-sized businesses assess their security state, compares their systems against Microsoft security recommendations, and provides specific suggestions and guidance. By working with the Windows Update Agent built into Windows and the Microsoft Update infrastructure, MBSA keeps its data consistent with other Microsoft management products, including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS), and Microsoft Operations Manager (MOM). MBSA scans an average of 3 million computers per week.