Una recopilación de 100 herramientas de seguridad Open Source que he encontrado vía jeromiejackson.com, que dejo publicada con el objetivo de revisar y comparar con el Top 100 Network Security Tools de sectools.org
|
1
|
Stockade | Virtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Others |
|
2
|
Open source vulnerability assessment tool | |
|
3
|
Snort | Intrusion Detection (IDS) tool |
|
4
|
Wireshark | TCP/IP Sniffer- AKA Ethereal |
|
5
|
Analyze applications that communicate using the HTTP and HTTPS protocols | |
|
6
|
Wikto | Web server assessment tool |
|
7
|
BackTrack | Penetration Testing live Linux distribution |
|
8
|
Netcat | The network Swiss army knife |
|
9
|
Metasploit Framework | Comprehensive hacking framework |
|
10
|
Sysinternals | Collection of windows utilities |
|
11
|
Paros proxy | Web application proxy |
|
12
|
Enum | Enumerate Windows information |
|
13
|
P0F v2 | Passive OS identification tool |
|
14
|
IPPersonality | Masquerade IP Stack |
|
15
|
SLAN | Freeware VPN utility |
|
16
|
IKE Crack | IKE/IPSEC cracking utility |
|
17
|
ASLEAP | LEAP cracking tool |
|
18
|
Karma | Wireless client assessment tool- dangerous |
|
19
|
WEPCrack | WEP cracking tool |
|
20
|
Wellenreiter | Wireless scanning application |
|
21
|
Great Google hacking tool | |
|
22
|
Several DDOS Tools | Distributed Denial of Service(DDOS) tools |
|
23
|
Achilles | Web Proxy Tool |
|
24
|
Firefox Web Developer Tool | Manual web assessment |
|
25
|
Scoopy | Virtual Machine Identification tool |
|
26
|
WebGoat | Learning tool for web application pentests |
|
27
|
FlawFinder | Source code security analyzer |
|
28
|
ITS4 | Source code security analyzer |
|
29
|
Slint |
Source code security analyzer |
|
30
|
PwDump3 | Dumps Windows 2000 & NT passwords |
|
31
|
Loki | ICMP covert channel tool |
|
32
|
Zodiac | DNS testing tool |
|
33
|
Hunt | TCP hijacking tool |
|
34
|
SniffIT | Curses-Based sniffing tool |
|
35
|
CactiEZ | Network traffic analysis ISO |
|
36
|
Inprotect | Web-based Nessus administration tool |
|
37
|
OSSIM | Security Information Management (SIM) |
|
38
|
Nemesis | Command-Line network packet manipulation tool |
|
39
|
NetDude | TCPDump manipulation tool |
|
40
|
TTY Watcher | Terminal session hijacking |
|
41
|
Stegdetect | Detects stego-hidden data |
|
42
|
Hydan | Embeds data within x86 applications |
|
43
|
S-Tools | Embeds data within a BMP, GIF, & WAV Files |
|
44
|
Nushu | Passive covert channel tool |
|
45
|
Ptunnel | Transmit data across ICMP |
|
46
|
Covert_TCP | Transmit data over IP Header fields |
|
47
|
THC-PBX Hacker | PBX Hacking/Auditing Utility |
|
48
|
THC-Scan | Wardialer |
|
49
|
Syslog-NG | MySQL Syslog Service |
|
50
|
Edit WinNT 4 & Win2000 log files | |
|
51
|
Rootkit Detective | Rootkit identification tool |
|
52
|
Rootkit Releaver | Rootkit identification tool |
|
53
|
RootKit Hunter | Rootkit identification tool |
|
54
|
Rootkit identification tool | |
|
55
|
LKM | Linux Kernal Rootkit |
|
56
|
TCPView | Network traffic monitoring tool |
|
57
|
NMAP | Network mapping tool |
|
58
|
Ollydbg | Windows unpacker |
|
59
|
UPX | Windows packing application |
|
60
|
Burneye | Linux ELF encryption tool |
|
61
|
GUI-Based packer/wrapper | |
|
62
|
EliteWrap | Backdoor wrapper tool |
|
63
|
SubSeven |
Remote-Control backdoor tool |
|
64
|
MegaSecurity | Site stores thousands of trojan horse backdoors |
|
65
|
Netbus |
Backdoor for Windows |
|
66
|
Back Orfice 2000 | Windows network administration tool |
|
67
|
Tini | Backdoor listener similar to Netcat |
|
68
|
Microsoft Baseline Security Analyzer | |
|
69
|
OpenVPN | SSL VPN solution |
|
70
|
Sguil | An Analyst Console for network security/log Monitoring |
|
71
|
Honeyd | Create your own honeypot |
|
72
|
Brutus | Brute-force authentication cracker |
|
73
|
cheops / cheops-ng | Maps local or remote networks and identifies OS of machines |
|
74
|
ClamAV | A GPL anti-virus toolkit for UNIX |
|
75
|
Fragroute/Fragrouter | Intrusion detection evasion toolkit |
|
76
|
Arpwatch | Monitor ethernet/IP address pairings and can detect ARP Spoofing |
|
77
|
Angry IP Scanner | Windows port scanner |
|
78
|
Firewalk | Advanced traceroute |
|
79
|
RainbowCrack | Password Hash Cracker |
|
80
|
EtherApe | EtherApe is a graphical network monitor for Unix |
|
81
|
WebInspect | Web application scanner |
|
82
|
Tripwire | File integrity checker |
|
83
|
Ntop | Network traffic usage monitor |
|
84
|
Sam Spade | Windows network query tool |
|
85
|
Scapy | Interactive packet manipulation tool |
|
86
|
Superscan | A Windows-only port scanner |
|
87
|
Airsnort | 802.11 WEP Encryption Cracking Tool |
|
88
|
Aircrack | WEP/WPA cracking tool |
|
89
|
NetStumbler | Windows 802.11 Sniffer |
|
90
|
Dsniff | A suite of powerful network auditing and penetration-testing tools |
|
91
|
John the Ripper | Multi-platform password hash cracker |
|
92
|
BASE | The Basic Analysis and Security Engine- used to manage IDS data |
|
93
|
Kismet | Wireless sniffing tool |
|
94
|
Network authentication cracker | |
|
95
|
Nikto | Web scanner |
|
96
|
Tcpdump | TCP/IP analysis tool |
|
97
|
Windows password auditing and recovery application | |
|
98
|
Shell access across port 80 | |
|
99
|
THC-SecureDelete | Ensure deleted files are unrecoverable |
|
100
|
THC-AMAP | Application mapping tool |