| chkrootkit |
Chkrootkit is a rootkit discovery tool. It can at the moment detect 44 rootkits, worms & LKMs. If you suspect you have been hacked and someone is using your system, check this tool out. This tool works on several unix platforms.
|
693 |
|
| isc.incidents.org |
This is the Internet Storm Center. The site gets data around the world and maps the most attacked ports on the internet. They also provide analysis information about worms, virii & exploits when these get wide-spread. You can also find some news on t |
467 |
|
| IT security cookbook |
This site hosts the IT Security Cookbook. This book aims to touch various issues from policies to more technical level information like firewalls and respective topologies. The technical part doesn't go THAT deep that it would give hands-on informati |
567 |
|
| ITS 4 |
Cigital has released a C/C++ source-code analyser that scans for possible vulnerabilities. Might be useful in automating the process of auditing C/C++ code and useful for programmers themselves.
|
452 |
|
| John the ripper |
John the Ripper is a password-cracking tool that can use wordlists and brute-force. The tool is available for unix, dos & windows. It also has plugins for other schemes, like cracking NTLM hashes.
|
544 |
|
| Legal & Regulatory  |
Sarbanes-Oxley (SOX)—Impact on Security In Software
By Keith Pasley, CISSP |
923 |
|
| Net calculator |
This site has a neat network calculator. It might come useful to people like me who don't understand how netmasks really affect to the amount of IP's in a subnet (or how to calculate this).
|
489 |
|
| Network security library |
This is a network security library. It has lots of FAQs, articles and papers hosted. It also covers some "books" that are available in digital format. I see this as a good resource, as the stuff on the site is quite good quality. You can find informa |
484 |
|
| NIST publications |
This page holds the special publications of NIST that are mainly guidelines. You can find lots of interesting information from here that can be useful, for example you can find tips for securing public webservers, information about IDSes and so on.
|
486 |
|
| patchfinder 2 |
PatchFinder2 is a W2K-utility for detecting W2K-based rootkits that work via DLL-injection or kernel-level attacks. Might be very useful if you suspect a break-in. |
537 |
|
| SQL security scripts |
SQLSecurity has collected some useful MS-SQL scripts & tools on their page that can be used to enumerate MS SQL servers and check security of the databases. Might come handy.
|
596 |
|
| The coroners toolkit |
The Coroner's Toolkit is a toolkit for forensics analysts. Notable TCT components are the grave-robber tool that captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that reco |
492 |
|
| tscrack |
TScrack is a wordlist-based terminal server login-cracker, developed by gridrun. This tool basically hits a terminal server by using a wordlist. If you need to enumerate passwords and terminal services is enabled, this is one way to go.
|
959 |
|
| unxutils.sourceforge.net |
These Win32 tools work like their unix-equivalents. Might come handy at some point and if you miss those simple unix-tools, you can now get them on Windows :) Check out what the tools are from the site.
|
494 |
|
| www.cotse.com |
This site has good online tools, like name lookups, traceroute, proxy checks and so on. It also has loads of information of networking protocols and hosts the Internet Encyclopedia. There is also a plethora of tools listed on the site that can come h |
475 |
|
| www.foundstone.com |
Foundstone has released a variety of free tools to the community. The tools include forensics-tools, assessment-tools, intrusion detection tools, scanning tools & stress testing tools. You might find something useful in here. |
600 |
|
| www.proxyblind.org |
Proxy Blind is dedicated to all the people who have an interest in security, privacy, and anonymity. This site has some tutorials about privacy and has proxy/security tools available. There is also a forum where you can discuss privacy issues.
|
470 |
