Security Tools News & Tips

The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A diff of the two produced files (ftest.log and ftestd.log) shows the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a firewall. Stateful inspection firewalls are handled with the ‘connection spoofing’ option. A script called freport is also available for automatically parse the log files.

• More information or Write a review...(0)

The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD designed to be a standalone Penetration testing toolkit for pentesters, security analysts and System administrators. Now release 2.0 is a liveDVD, It features a lot of new or up to date tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities. Kcpentrix is based on SLAX 5, a Slackware live Dvd. The Powerful modularity which Kcpentrix uses, allow us to easily customize our version, and include whichever modules we need. KCPENTRIX 2.0 is the most inovative and promising KCPENTRIX ever. It switched to 2.6 kernel line. Zisofs compression was replaced by SquashFS, which provides better compression ratio and higher read speed.

• More information or Write a review...(0)

Network Security Toolkit (NST) is a bootable ISO live CD based on Fedora Core 6. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools.

• More information or Write a review...(0)

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol’s standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

• More information or Write a review...(0)

Aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact aircrack is a set of tools for auditing wireless networks.

• More information or Write a review...

Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.

• More information or Write a review...(0)

SolarWinds, a leading provider of Windows-based network monitoring tools and network discovery and network management software, enables network engineers to reduce network downtime, monitor network performance, manage compliancy requirements, perform bulk configuration changes and improve staff efficiency. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more.

• More information or Write a review...(0)

SurfControl solutions provide continuous protection against the Web, e-mail and desktop-based threats, from viruses and phishing attacks to inappropriate use of system resources to regulatory non-compliance. In providing this protection, it offers you the choice of where in your network environment you want to deploy these solutions: on the desktop, on the network (as software or an appliance), or in the Internet cloud. By implementing solutions through layered deployments, you yield tremendous savings in network resources, bandwidth and overall administration, while ensuring that your unique security and compliance requirements are most efficiently met. Websense is another popular solutions that provides similar service except the email filtering.

• More information or Write a review...(0)

The Honeywall CDROM is a bootable CD that copies all the functionality of a Honeywall onto a hard drive. It comes with all the tools and functionality for you to implement data capture, data control, and data analysis. It creates an architecture that allows you to deploy both low-interaction and high-interaction honeypots within it. The purpose of the Honeywall CDROM is to make it easier to deploy, manage, and derive value from honeynet technologies. The CDROM supports several configuration methods, including an interactive menu and .iso customization scripts. The CDROM is an appliance, based on a minimized and secured Linux OS.

• More information or Write a review...(0)

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks “Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection” paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behaviour. This tool was written in good faith to aid in the testing of network intrusion detection systems, firewalls, and basic TCP/IP stack behaviour. Please do not abuse this software.

• More information or Write a review...(0)