Más de una vez nos hemos encontrado con que teníamos que realizar una tarea en lo que a seguridad se refiere, y requeríamos de alguna herramienta válida para dicho propósito.
Jeromie Jackson, reconocido consultor de seguridad informática ha elaborado una lista bajo su criterio de las que serían las 100 mejores herramientas dedicadas a la seguridad.
Dicha lista de herramientas junto con sus links de descargas la podemos encontrar en la siguiente URL:
http://www.jeromiejackson.com/index.php/top-100-security-tools
Top 100 Open Source Security Tools
Written by Jeromie Jackson
Monday, 13 April 2009 02:04
Top 100 Security Assessment, Vulnerability Auditing, & Security Tools
1-Stockade-Virtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Others
2-Nessus-Open source vulnerability assessment tool
3-Snort-Intrusion Detection (IDS) tool
4-Wireshark-TCP/IP Sniffer- AKA Ethereal
5-WebScarab -Analyze applications that communicate using the HTTP and HTTPS protocols
6-Wikto -Web server assessment tool
7-BackTrack-Penetration Testing live Linux distribution
8-Netcat-The network Swiss army knife
9-Metasploit Framework-Comprehensive hacking framework
10-Sysinternals-Collection of windows utilities
11-Paros proxy -Web application proxy
12-Enum-Enumerate Windows information
13-P0F v2-Passive OS identification tool
14-IPPersonality-Masquerade IP Stack
15-SLAN-Freeware VPN utility
16-IKE Crack-IKE/IPSEC cracking utility
17-ASLEAP-LEAP cracking tool
18-Karma-Wireless client assessment tool- dangerous
19-WEPCrack-WEP cracking tool
20-Wellenreiter-Wireless scanning application
21-SiteDigger-Great Google hacking tool
22-Several DDOS Tools-Distributed Denial of Service(DDOS) tools
23-Achilles-Web Proxy Tool
24-Firefox Web Developer Tool-Manual web assessment
25-Scoopy-Virtual Machine Identification tool
26-WebGoat-Learning tool for web application pentests
27-FlawFinder-Source code security analyzer
28-ITS4-Source code security analyzer
29-Slint-Source code security analyzer
30-PwDump3-Dumps Windows 2000 & NT passwords
31-Loki-ICMP covert channel tool
32-Zodiac-DNS testing tool
33-Hunt-TCP hijacking tool
34-SniffIT-Curses-Based sniffing tool
35-CactiEZ-Network traffic analysis ISO
36-Inprotect-Web-based Nessus administration tool
37-OSSIM-Security Information Management (SIM)
38-Nemesis-Command-Line network packet manipulation tool
39-NetDude-TCPDump manipulation tool
40-TTY Watcher-Terminal session hijacking
41-Stegdetect-Detects stego-hidden data
42-Hydan-Embeds data within x86 applications
43-S-Tools-Embeds data within a BMP, GIF, & WAV Files
44-Nushu-Passive covert channel tool
45-Ptunnel-Transmit data across ICMP
46-Covert_TCP-Transmit data over IP Header fields
47-THC-PBX Hacker-PBX Hacking/Auditing Utility
48-THC-Scan-Wardialer
49-Syslog-NG-MySQL Syslog Service
50-WinZapper-Edit WinNT 4 & Win2000 log files
51-Rootkit Detective-Rootkit identification tool
52-Rootkit Releaver-Rootkit identification tool
53-RootKit Hunter-Rootkit identification tool
54-Chkrootkit-Rootkit identification tool
55-LKM-Linux Kernal Rootkit
56-TCPView-Network traffic monitoring tool
57-NMAP-Network mapping tool
58-Ollydbg-Windows unpacker
59-UPX-Windows packing application
60-Burneye-Linux ELF encryption tool
61-SilkRpoe 2000-GUI-Based packer/wrapper
62-EliteWrap-Backdoor wrapper tool
63-SubSeven-Remote-Control backdoor tool
64-MegaSecurity-Site stores thousands of trojan horse backdoors
65-Netbus-Backdoor for Windows
66-Back Orfice 2000-Windows network administration tool
67-Tini-Backdoor listener similar to Netcat
68-MBSA-Microsoft Baseline Security Analyzer
69-OpenVPN-SSL VPN solution
70-Sguil-An Analyst Console for network security/log Monitoring
71-Honeyd-Create your own honeypot
72-Brutus-Brute-force authentication cracker
73-cheops / cheops-ng-Maps local or remote networks and identifies OS of machines
74-ClamAV-A GPL anti-virus toolkit for UNIX
75-Fragroute/Fragrouter-Intrusion detection evasion toolkit
76-Arpwatch-Monitor ethernet/IP address pairings and can detect ARP Spoofing
77-Angry IP Scanner-Windows port scanner
78-Firewalk-Advanced traceroute
79-RainbowCrack-Password Hash Cracker
80-EtherApe-EtherApe is a graphical network monitor for Unix
81-WebInspect-Web application scanner
82-Tripwire-File integrity checker
83-Ntop-Network traffic usage monitor
84-Sam Spade-Windows network query tool
85-Scapy-Interactive packet manipulation tool
86-Superscan-A Windows-only port scanner
87-Airsnort -802.11 WEP Encryption Cracking Tool
88-Aircrack-WEP/WPA cracking tool
89-NetStumbler-Windows 802.11 Sniffer
90-Dsniff -A suite of powerful network auditing and penetration-testing tools
91-John the Ripper-Multi-platform password hash cracker
92-BASE-The Basic Analysis and Security Engine- used to manage IDS data
93-Kismet-Wireless sniffing tool
94-THC Hydra-Network authentication cracker
95-Nikto-Web scanner
96-Tcpdump-TCP/IP analysis tool
97-L0phtcrack-Windows password auditing and recovery application
98-Reverse WWW Shell-Shell access across port 80
99-THC-SecureDelete-Ensure deleted files are unrecoverable
100-THC-AMAP-Application mapping tool
Fuente:
http://www.dragonjar.org/top-100-herramientas-de-seguridad-open-source.xhtml
Comentarios
Publicar un comentario