Many of the best security tools are released for Linux and of Unix like operating system
[http://www.thc.org/releases.php]
THC-Hydra: Parallized network authentication cracker
This tool allows for rapid dictionary attacks against network login systems, including FTP, POP3, IMAP, Netbios, Telnet, HTTP Auth, LDAP NNTP, VNC, ICQ, Socks5, PCNFS, and more. It includes SSL support and is apparently now part of Nessus. Like Amap, this release is from the fine folks at THC.
SPIKE Proxy: HTTP Hacking
Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and directory traversal detection.
Nessus: The premier Open Source vulnerability assessment tool
Nessus is a remote security scanner for Linux, BSD, Solaris, and other Unices. It is plug-in-based, has a GTK interface, and performs over 1200 remote security checks. It allows for reports to be generated in HTML, XML, LaTeX, and ASCII text, and suggests solutions for security problems.
Nikto: A more comprehensive web scanner
Nikto is a web server scanner which looks for over 2000 potentially dangerous files/CGIs and problems on over 200 servers. It uses LibWhisker but is generally updated more frequently than Whisker itself.
XProbe2: Active OS fingerprinting tool
XProbe is a tool for determining the operating system of a remote host. They do this using some of the same techniques as Nmap as well as many different ideas. Xprobe has always emphasized the ICMP protocol in their fingerprinting approach.
And lets not Forget John the Ripper and I'm sure there is more....
|