BEST IT Security and Auditing Software 2007

Since we started IT security auditing and assessment, we have tested and used tons of tools, utilities and software. Many of them were discontinued, closed their source code or were simply bought by vendors. But (hopefully) the best are still alive.

Now, at the end of 2007, I have become slightly melancholic and have decided to release a survey of the most efficient IT security software for auditors, security administrators and pentesters.

However, I deeply believe that every little script or utility written by an individual developer or hacker is a gem. Just take a look at the SourceForge project repositories to be amazed. They will continue to serve us for years to come.

— Happy New Year.

Scoring criteria

This survey is based on specific criteria, so the classification reflects only our opinion at the time of writing this article.

| Criteria | Comment |
|---|---|
| Audience Target | IT auditors, pentesters, IT technical staff, IT management staff |
| Software features | Built-in features, capabilities and options. |
| Updates and maintenance | Frequency of updates (database, signatures, plugins and add-ons). Maintenance (bug fixes, bug reporting, support...). Future releases and roadmap. |
| Use of standards and metrics | Use of security metrics and standards (CVE, CVSS, XCCDF, OVAL, CPE, SANS Top 20, OWASP...) |
| Reporting | Dashboards, charting and graphing, types of report export (HTML, XML, PDF...) |
| Security-Database Track Popularity | Average of visits and downloads, based on our internal stats during the year 2007. |


Penetration Tests

Open source and free software

| Category | Best | Recommended/Excellent |
|---|---|---|
| Information Gathering | Maltego (GUI and web based) | ex aequo: SEAT (Search Engine Assessment Tool) & RevHosts |
| Protocol mappers | NMap | THC-Amap |
| Vulnerability scanners | Tenable Nessus | Saint Scanner Basic release |
| Application scanners | W3AF: Web Application Attack and Audit Framework | ex aequo: Paros Proxy & Nikto |
| Exploiters | Metasploit 3.x | ex aequo: Inguma & Milw0rm website |
| Wireless hacking | ex aequo: AirCrack-NG & AirCrack PTW | AiroScript |
| LiveCDs | BackTrack 2.x and 3.x | ex aequo: NST (Network Security Toolkit) & OSWA (Organizational Systems Wireless Auditor) |

Methodologies

| Document | Best | Recommended/Excellent |
|---|---|---|
| Network and System testing | OSSTMM | NIST SP 800-115 |
| Application testing | OWASP Guides | WebAppSec papers |
| Testing Framework | PTF Penetration Tests Framework | N/A |
| Testing Framework | WTF Wireless Testing Framework | N/A |


Security Assessment

Open source and free software

| Category | Best | Recommended/Excellent |
|---|---|---|
| Windows auditing | OVAL Interpreter | ex aequo: Belarc Advisor & WinAudit & SysInternals |
| Unix auditing | ex aequo: CIS Scoring Tools & Tiger Security Tool | ex aequo: Babel Enterprise & OVAL Unix interpreters (Sussen, Debian, Fedora, OpenSuse) |
| Filtering devices | Nipper | NCat |
| Password Cracking | Cain and Abel | OphCrack Suite |
| Code auditing | FindBugs | Pixy |
| Wireless testing | OSWA | Russix |
| Database auditing | THC-Oracle | SQL Power Injector |
| Application auditing | OWASP LabRat | OWASP CAL9000 |
| VoIP auditing | SiVuS | Cain and Abel |

Methodologies

| Document | Best | Recommended/Excellent |
|---|---|---|
| Publications | NIST CSRC documents | |
| Security Checklists | DISA STIGs | ex aequo: CIS Checklists & AuditNet Resources |


Commercial software - Best of

| Category | Best | Recommended/Excellent |
|---|---|---|
| Penetration Tests | Core Impact | Saint Suite (Saint scanner and SaintExploit) |
| Application tests | Acunetix Web Vulnerability Scanner | WebInspect |
| Compliance Scanners | GFI LANguard NSS | Tenable Security Center |


Links and references

Open source and free software

| Name | Link |
|---|---|
| Maltego | http://www.paterva.com |
| SEAT | http://midnightresearch.com |
| RevHosts | http://www.revhosts.org |
| NMap | http://www.nmap.org |
| Nessus & Tenable products | http://www.tenablesecurity.com |
| Saint Scanner and SaintExploit | http://www.saintcorporation.com |
| W3AF | http://w3af.sourceforge.net |
| Nikto | http://www.cirt.net/code/nikto.shtml |
| Paros Proxy | http://www.parosproxy.org/index.shtml |
| Metasploit | http://www.metasploit.com |
| Inguma | http://inguma.sourceforge.net |
| Milw0rm Resources | http://www.milw0rm.com |
| AirCrack-NG | http://www.aircrack-ng.org |
| AirCrack-PTW | CDC Informatik Darmstadt |
| AiroScript | http://airoscript.aircrack-ng.org |
| BackTrack | http://www.remote-exploit.org |
| NST | http://networksecuritytoolkit.org |
| OSWA Assistant | http://securitystartshere.org |
| OVAL Interpreters | http://oval.mitre.org |
| Belarc Advisor | http://www.belarc.com |
| Sussen OVAL | http://dev.mmgsecurity.com/projects/sussen/ |
| WinAudit | http://www.pxserver.com/WinAudit.htm |
| SysInternals | http://www.sysinternals.com |
| CIS Scoring Tools and Checklists | http://www.cisecurity.org |
| Tiger Security Suite | http://www.nongnu.org/tiger |
| Babel Enterprise | http://babel.sourceforge.net |
| Nipper Network Infrastructure Parser | http://sourceforge.net/projects/nipper |
| NCat | http://ncat.sourceforge.net |
| Cain and Abel | http://www.oxid.it |
| OphCrack | http://ophcrack.sourceforge.net |
| FindBugs | http://findbugs.sourceforge.net |
| Pixy | PixyBox website |
| Russix | www.russix.com |
| THC Utilities | http://freeworld.thc.org |
| SQL Power Injector | http://www.sqlpowerinjector.com |
| SiVuS | http://www.vopsecurity.org |


Commercial software

| Name | Link |
|---|---|
| Core Impact | http://www.coresecurity.com |
| GFI LANguard NSS | http://www.gfi.com |
| Acunetix WVS | www.acunetix.com |
| WebInspect | www.spidynamics.com |

Methodologies and references

| Name | Link |
|---|---|
| OSSTMM | http://www.isecom.org/ |
| OWASP Software and Methodology | http://www.owasp.org |
| PTF Penetration Tests Framework | http://www.vulnerabilityassessment.co.uk |
| WTF Wireless Testing Framework | http://www.wirelessdefence.org |
| WebAppSec documents | http://www.webappsec.org |
| NIST Releases | http://csrc.nist.gov/publications/ |
| DISA STIGs | http://iase.disa.mil/stigs |
| AuditNet Resources | http://www.auditnet.org |

Survey realised with Security-Database Tools Watch service statistics.

Copyright © 2008 Security-Database.com
