mercoledì 28 ottobre 2009

100 tools open source per la sicurezza informatica

Qualche mese fa (aprile) su jeromiejackson.com è stato pubblicato un elenco di strumenti relativi alla sicurezza Open Source. I tools - catalogati per esperti nel settore - sono ben 100

Eccoli:

1
Stockade
Virtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Others

2
Nessus
Open source vulnerability assessment tool

3
Snort
Intrusion Detection (IDS) tool

4
Wireshark
TCP/IP Sniffer- AKA Ethereal

5
WebScarab
Analyze applications that communicate using the HTTP and HTTPS protocols

6
Wikto
Web server assessment tool

7
BackTrack
Penetration Testing live Linux distribution

8
Netcat
The network Swiss army knife

9
Metasploit Framework
Comprehensive hacking framework

10
Sysinternals
Collection of windows utilities

11
Paros proxy
Web application proxy

12
Enum
Enumerate Windows information

13
P0F v2
Passive OS identification tool

14
IPPersonality
Masquerade IP Stack

15
SLAN
Freeware VPN utility

16
IKE Crack
IKE/IPSEC cracking utility

17
ASLEAP
LEAP cracking tool

18
Karma
Wireless client assessment tool- dangerous

19
WEPCrack
WEP cracking tool

20
Wellenreiter
Wireless scanning application

21
SiteDigger
Google hacking tool

22
Several DDOS Tools
Distributed Denial of Service(DDOS) tools

23
Achilles
Web Proxy Tool

24
Firefox Web Developer Tool
Manual web assessment

25
Scoopy
Virtual Machine Identification tool

26
WebGoat
Learning tool for web application pentests

27
FlawFinder
Source code security analyzer

28
ITS4
Source code security analyzer

29
Slint
Source code security analyzer

30
PwDump3
Dumps Windows 2000 & NT passwords

31
Loki
ICMP covert channel tool

32
Zodiac
DNS testing tool

33
Hunt
TCP hijacking tool

34
SniffIT
Curses-Based sniffing tool

35
CactiEZ
Network traffic analysis ISO

36
Inprotect
Web-based Nessus administration tool

37
OSSIM
Security Information Management (SIM)

38
Nemesis
Command-Line network packet manipulation tool

39
NetDude
TCPDump manipulation tool

40
TTY Watcher
Terminal session hijacking

41
Stegdetect
Detects stego-hidden data

42
Hydan
Embeds data within x86 applications

43
S-Tools
Embeds data within a BMP, GIF, & WAV Files

44
Nushu
Passive covert channel tool

45
Ptunnel
Transmit data across ICMP

46
Covert_TCP
Transmit data over IP Header fields

47
THC-PBX Hacker
PBX Hacking/Auditing Utility

48
THC-Scan
Wardialer

49
Syslog-NG
MySQL Syslog Service

50
WinZapper
Edit WinNT 4 & Win2000 log files

51
Rootkit Detective
Rootkit identification tool

52
Rootkit Releaver
Rootkit identification tool

53
RootKit Hunter
Rootkit identification tool

54
Chkrootkit
Rootkit identification tool

55
LKM
Linux Kernal Rootkit

56
TCPView
Network traffic monitoring tool

57
NMAP
Network mapping tool

58
Ollydbg
Windows unpacker

59
UPX
Windows packing application

60
Burneye
Linux ELF encryption tool

61
SilkRpoe 2000
GUI-Based packer/wrapper

62
EliteWrap
Backdoor wrapper tool

63
SubSeven
Remote-Control backdoor tool

64
MegaSecurity
Site stores thousands of trojan horse backdoors

65
Netbus
Backdoor for Windows

66
Back Orfice 2000
Windows network administration tool

67
Tini
Backdoor listener similar to Netcat

68
MBSA
Microsoft Baseline Security Analyzer

69
OpenVPN
SSL VPN solution

70
Sguil
An Analyst Console for network security/log Monitoring

71
Honeyd
Create your own honeypot

72
Brutus
Brute-force authentication cracker

73
cheops/ cheops-ng
Maps local or remote networks and identifies OS of machines

74
ClamAV
A GPL anti-virus toolkit for UNIX

75
Fragroute/Fragrouter
Intrusion detection evasion toolkit

76
Arpwatch
Monitor ethernet/IP address pairings and can detect ARP Spoofing

77
Angry IP Scanner
Windows port scanner

78
Firewalk
Advanced traceroute

79
RainbowCrack
Password Hash Cracker

80
EtherApe
EtherApe is a graphical network monitor for Unix

81
WebInspect
Web application scanner

82
Tripwire
File integrity checker

83
Ntop
Network traffic usage monitor

84
Sam Spade
Windows network query tool

85
Scapy
Interactive packet manipulation tool

86
Superscan
A Windows-only port scanner

87
Airsnort
802.11 WEP Encryption Cracking Tool

88
Aircrack
WEP/WPA cracking tool

89
NetStumbler
Windows 802.11 Sniffer

90
Dsniff
A suite of powerful network auditing and penetration-testing tools

91
John the Ripper
Multi-platform password hash cracker

92
BASE
The Basic Analysis and Security Engine- used to manage IDS data

93
Kismet
Wireless sniffing tool

94
THC Hydra
Network authentication cracker

95
Nikto
Web scanner

96
Tcpdump
TCP/IP analysis tool

97
L0phtcrack
Windows password auditing and recovery application

98
Reverse WWW Shell
Shell access across port 80

99
THC-SecureDelete
Ensure deleted files are unrecoverable

100
THC-AMAP
Application mapping tool


Fonte:
http://www.jeromiejackson.com/index.php/top-100-security-tools