Top 100 Security Assessment, Vulnerability Auditing, & Network Security Tools

En esta entrada dejo una recopilación de 100 utilidades de seguridad Open Source que he encontrado vía jeromiejackson.com, y que dejo publicada con el objetivo de revisar y comparar con el Top 100 Network Security Tools de sectools.org

Ni que decir tiene que esta recopilación tiene ya un tiempo, y que las urls puede que no funcionen o apunten a algún sitio fraudulento asi que ¡mucho ojito!

OrdenUtilidadDescripcionDirección
1StockadeVirtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Othershttp://www.comsecinc.com/stockade.php
2NessusOpen source vulnerability assessment toolhttp://www.nessus.org/
3SnortIntrusion Detection (IDS) toolhttp://www.snort.org/
4WiresharkTCP/IP Sniffer- AKA Etherealhttp://www.wireshark.org/
5WebScarabAnalyze applications that communicate using the HTTP and HTTPS protocols
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
6WiktoWeb server assessment toolhttp://www.sensepost.com/research/wikto/
7BackTrackPenetration Testing live Linux distributionhttp://www.remote-exploit.org/index.php/BackTrack
8NetcatThe network Swiss army knifehttp://www.vulnwatch.org/netcat/
9Metasploit FrameworkComprehensive hacking frameworkhttp://www.metasploit.com/
10SysinternalsCollection of windows utilitieshttp://www.microsoft.com/technet/sysinternals/default.mspx
11Paros proxyWeb application proxyhttp://www.parosproxy.org/
12EnumEnumerate Windows informationhttp://www.darkridge.com/%7Ejpr5/src/enum.tar.gz
13P0F v2Passive OS identification toolhttp://lcamtuf.coredump.cx/p0f.shtml
14IPPersonalityMasquerade IP Stackhttp://ippersonality.sourceforge.net/
15SLANFreeware VPN utilityhttp://slan.sourceforge.net/
16IKE CrackIKE/IPSEC cracking utilityhttp://ikecrack.sourceforge.net/
17ASLEAPLEAP cracking toolhttp://asleap.sourceforge.net/
18KarmaWireless client assessment tool- dangeroushttps://theta44.org/svn/public/karma/releases/karma-0.3/
19WEPCrackWEP cracking toolhttp://wepcrack.sourceforge.net/
20WellenreiterWireless scanning applicationhttp://sourceforge.net/projects/wellenreiter
21SiteDiggerGreat Google hacking toolhttp://www.foundstone.com/us/resources/proddesc/sitedigger.htm
22Several DDOS ToolsDistributed Denial of Service(DDOS) toolshttp://www.packetstormsecurity.org/distributed/
23AchillesWeb Proxy Toolhttp://www.mavensecurity.com/achilles
24Firefox Web Developer ToolManual web assessmenthttps://addons.mozilla.org/en-US/firefox/addon/60
25ScoopyVirtual Machine Identification toolhttp://www.trapkit.de/research/vmm/scoopydoo/index.html
26WebGoatLearning tool for web application pentestshttp://www.owasp.org/index.php/OWASP_WebGoat_Project
27FlawFinderSource code security analyzerhttp://www.dwheeler.com/flawfinder/
28ITS4Source code security analyzerhttp://www.cigital.com/its4/
29SlintSource code security analyzerhttp://www.l0pht.com/slint.html
30PwDump3Dumps Windows 2000 & NT passwordshttp://www.ebiz-tech.com/pwdump3
31LokiICMP covert channel toolhttp://www.phrack.com/Archives/phrack51.tgz
32ZodiacDNS testing toolhttp://packetstormsecurity.org/UNIX/audit/zodiac-0.4.6.tar.gz
33HuntTCP hijacking tool
http://ce.sharif.ac.ir/courses/79-80/2/ce443/projects/delivered/6/hunt-1.5.tgz
34SniffITCurses-Based sniffing tool
http://www.programmersheaven.com/download/13658/download.aspx
35CactiEZNetwork traffic analysis ISOhttp://cactiusers.org/index.php
36InprotectWeb-based Nessus administration toolhttp://inprotect.sourceforge.net/
37OSSIMSecurity Information Management (SIM)http://www.ossim.net/
38NemesisCommand-Line network packet manipulation tool
http://www.l0t3k.net/tools/PacketGenerator/nemesis-1.4beta3.tar.gz
39NetDudeTCPDump manipulation toolhttp://netdude.sourceforge.net/
40TTY WatcherTerminal session hijacking
ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/ttywatcher/ttywatcher-1.2.tar.gz
41StegdetectDetects stego-hidden datahttp://www.outguess.org/detection.php
42HydanEmbeds data within x86 applicationshttp://www.crazyboy.com/hydan/
43S-ToolsEmbeds data within a BMP, GIF, & WAV Fileshttp://www.spychecker.com/program/stools.html
44NushuPassive covert channel toolhttp://www.invisiblethings.org/tools/nushu/nushu.tar.gz
45PtunnelTransmit data across ICMPhttp://www.cs.uit.no/%7Edaniels/PingTunnel/
46Covert_TCPTransmit data over IP Header fieldshttp://www.firstmonday.org/issues/issue2_5/rowland/#app
47THC-PBX HackerPBX Hacking/Auditing Utilityhttp://freeworld.thc.org/download.php?t=r&f=thc-ph11.zip
48THC-ScanWardialerhttp://freeworld.thc.org/download.php?t=r&f=THC-Scan-2.01.zip
49Syslog-NGMySQL Syslog Servicehttp://freshmeat.net/projects/syslog-ng/
50WinZapperEdit WinNT 4 & Win2000 log fileshttp://www.ntsecurity.nu/toolbox/winzapper/
51Rootkit DetectiveRootkit identification tool
http://download.nai.com/products/mcafee-avert/McafeeRootkitDetective.zip
52Rootkit ReleaverRootkit identification toolhttp://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
53RootKit HunterRootkit identification toolhttp://www.rootkit.nl/projects/rootkit_hunter.html
54ChkrootkitRootkit identification toolhttp://www.chkrootkit.org/
55LKMLinux Kernal Rootkit
http://packetstormsecurity.org/UNIX/penetration/rootkits/index3.html
56TCPViewNetwork traffic monitoring toolhttp://download.sysinternals.com/Files/TcpView.zip
57NMAPNetwork mapping toolhttp://nmap.org/download.html
58OllydbgWindows unpackerhttp://www.openrce.org/downloads/browse/OllyDbg_OllyScripts
59UPXWindows packing applicationhttp://upx.sourceforge.net/
60BurneyeLinux ELF encryption toolhttp://bismark.extracon.it/exploits/directory/index.php?dl=46
61SilkRpoe 2000GUI-Based packer/wrapperhttp://digilander.iol.it/obscure/files/SilkRope20.zip
62EliteWrapBackdoor wrapper toolhttp://homepage.ntlworld.com/chawmp/elitewrap/
63SubSevenRemote-Control backdoor tool
http://www.megasecurity.org/trojans/s/subseven/Subseven_all.html
64MegaSecuritySite stores thousands of trojan horse backdoorshttp://www.megasecurity.org/Main.html
65NetbusBackdoor for Windowshttp://www.tcp-ip-info.de/trojaner_und_viren/netbus_eng.htm
66Back Orfice 2000Windows network administration toolhttp://www.bo2k.com/
67TiniBackdoor listener similar to Netcathttp://ntsecurity.nu/toolbox/tini
68MBSAMicrosoft Baseline Security Analyzerhttp://www.microsoft.com/technet/security/tools/mbsahome.mspx
69OpenVPNSSL VPN solutionhttp://openvpn.net/
70SguilAn Analyst Console for network security/log Monitoringhttp://sguil.sourceforge.net/
71HoneydCreate your own honeypothttp://www.citi.umich.edu/u/provos/honeyd/
72BrutusBrute-force authentication crackerhttp://www.hoobie.net/brutus/
73cheops / cheops-ngMaps local or remote networks and identifies OS of machines
74ClamAVA GPL anti-virus toolkit for UNIXhttp://www.clamav.net/
75Fragroute/FragrouterIntrusion detection evasion toolkit
76ArpwatchMonitor ethernet/IP address pairings and can detect ARP Spoofinghttp://www-nrg.ee.lbl.gov/
77Angry IP ScannerWindows port scannerhttp://www.angryziber.com/ipscan/
78FirewalkAdvanced traceroutehttp://www.packetfactory.net/projects/firewalk/
79RainbowCrackPassword Hash Crackerhttp://www.antsight.com/zsl/rainbowcrack/
80EtherApeEtherApe is a graphical network monitor for Unixhttp://etherape.sourceforge.net/
81WebInspectWeb application scannerhttp://www.spidynamics.com/products/webinspect/
82TripwireFile integrity checkerhttp://www.tripwire.com/
83NtopNetwork traffic usage monitorhttp://www.ntop.org/
84Sam SpadeWindows network query toolhttp://www.samspade.org/ssw/
85ScapyInteractive packet manipulation toolhttp://www.secdev.org/projects/scapy/
86SuperscanA Windows-only port scannerhttp://www.foundstone.com/resources/proddesc/superscan.htm
87Airsnort802.11 WEP Encryption Cracking Toolhttp://airsnort.shmoo.com/
88AircrackWEP/WPA cracking toolhttp://www.aircrack-ng.org/
89NetStumblerWindows 802.11 Snifferhttp://www.stumbler.net/
90DsniffA suite of powerful network auditing and penetration-testing toolshttp://www.monkey.org/%7Edugsong/dsniff/
91John the RipperMulti-platform password hash crackerhttp://www.openwall.com/john/
92BASEThe Basic Analysis and Security Engine- used to manage IDS datahttp://sourceforge.net/projects/secureideas/
93KismetWireless sniffing toolhttp://www.kismetwireless.net/
94THC HydraNetwork authentication crackerhttp://www.thc.org/thc-hydra/
95NiktoWeb scannerhttp://www.cirt.net/code/nikto.shtml
96TcpdumpTCP/IP analysis toolhttp://www.tcpdump.org/
97L0phtcrackWindows password auditing and recovery applicationhttp://insecure.org/stf/lc15src.tgz
98Reverse WWW ShellShell access across port 80http://freeworld.thc.org/download.php?t=r&f=thc-uht1.tgz
99THC-SecureDeleteEnsure deleted files are unrecoverable
http://freeworld.thc.org/download.php?t=r&f=secure_delete-3.1.tar.gz
100THC-AMAPApplication mapping toolhttp://freeworld.thc.org/download.php?t=r&f=amap-5.2.tar.gz

Deja un comentario