Security-Database Blog

RadialNet is a network visualization tool developed for Umit during the Google Summer of Code 2007. In Umit it’s called UmitMapper. It consists in a graphical tool to illustrate the Nmap network mapping.

d3vscan is a network manager which is able to uniquely identify and graphically plot network & Bluetooth devices to provide a higher degree of understanding of a particular network.

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocol

The PTF (pentestration tests framework) enumerates the stages one’s should perform during a test (as described in the OSSTMM manual) Network footprinting Discovery & Probing Enumeration Vulnerability assessment Penetration (or exploitation) Plus other tests as well as physical, wireless assessment....

PacketTrap’s FREE pt360 Tool Suite consolidates the PacketTrap free network management tools into a real time reporting solution and replaces disparate IT tools from multiple vendors.

Maltego can be used for the information gathering phase of penetration testing making it possible for less experienced testers to work faster and more accurately. Maltego has fantastic applications in forensic investigations, law enforcement, intelligence operations, identity fraud investigation and identity verification processes

CredDump is a pure-Python implementation of the bkhive/samdump2, lsadump2, and cachedump utilities commonly used to audit Windows password security.

The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool. It is Based on the SATAN model

Today CULT OF THE DEAD COW (cDc), the world’s most attractive hacker group, announced the release of Goolag Scanner, a web auditing tool. Goolag Scanner enables everyone to audit his or her own web site via Google.

VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop into the Voice VLAN on specific Ethernet switches. VoIP Hopper does thisby mimicking the behavior ofan IP Phone, in both Cisco and Avaya IP Phoneenvironments. VoIP Hopper is a VLAN Hop test tool but also a tool to test VoIP infrastructure security.

SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of the scan results are presented in hyperlinked HTML pages, and reports on complete scan results can be generated and saved.