Vulnerability Analysis (19)
A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses. Some of the solutions alsp provide the ability to exploit the vulnerability once identified, e.g. Metasploit. See also Web Vulnerability Scanners, which are designed to scan web applications.
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
SamuraiSTFU takes the best in bread security tools for traditional network and web penetration testing, adds specialized tools for embedded and RF testing, and mixes in a healthy dose of energy sector context, documentation, and sample files. Oh, and I shouldn't forget the inclusion of emulators for SCADA, Smart Meters, and other types of energy sector systems to provide leverage a full test lab.
Not opensource anymore - SAINT is a Vulnerability Assessment Tool, an updated and enhanced version of Wietse Venema's SATAN. SAINT gathers information about remote hosts and networks by examining such network services as finger, NFS, NIS, ftp and tftp, rexd, statd, and other services. It features a graphical user interface. Previously free software, now a commercial product.
ThreadFix is a software vulnerability aggregation and vulnerability management system that helps organizations aggregate vulnerability data, generate virtual patches, and interact with software defect tracking systems.
ThreadFix aggregates vulnerability test results from disparate static and dynamic scanning tools as well as the results of manual penetration testing, code review and threat modeling to create a single comprehensive view of the security status of all applications within an organization.
The reporting, prioritization and remediation of an organization's application security vulnerabilities are centralized in a single tool, significantly easing communications between the application development and security teams.
Post-exploitation tool written by Benjamin Delpy (gentilkiwi). A lot of times after the initial exploitation phase attackers may want to get a firmer foothold on the computer/network. Doing so often requires a set of complementary tools. Mimikatz is an attempt to bundle together some of the most useful tasks that attackers, and assessors trying to emulate them, will want to perform.
It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is Metasploitable, an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers.
Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego's unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.
Kali Linux is the new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution. Kali Linux is a complete re-build of BackTrack from the ground up, adhering completely to Debian development standards.