Top 100 Open Source Security Tools

Más de una vez nos hemos encontrado con que teníamos que realizar una tarea en lo que a seguridad se refiere, y requeríamos de alguna herramienta válida para dicho propósito.

Jeromie Jackson, reconocido consultor de seguridad informática ha elaborado una lista bajo su criterio de las que serían las 100 mejores herramientas dedicadas a la seguridad.

Dicha lista de herramientas junto con sus links de descargas la podemos encontrar en la siguiente URL:

Top 100 Open Source Security Tools

Written by Jeromie Jackson

Monday, 13 April 2009 02:04

Top 100 Security Assessment, Vulnerability Auditing, & Security Tools

1-Stockade-Virtual Appliance with Snort, BASE, Inprotect, CACTI, NTOP & Others

2-Nessus-Open source vulnerability assessment tool

3-Snort-Intrusion Detection (IDS) tool

4-Wireshark-TCP/IP Sniffer- AKA Ethereal

5-WebScarab -Analyze applications that communicate using the HTTP and HTTPS protocols

6-Wikto -Web server assessment tool

7-BackTrack-Penetration Testing live Linux distribution

8-Netcat-The network Swiss army knife

9-Metasploit Framework-Comprehensive hacking framework

10-Sysinternals-Collection of windows utilities

11-Paros proxy -Web application proxy

12-Enum-Enumerate Windows information

13-P0F v2-Passive OS identification tool

14-IPPersonality-Masquerade IP Stack

15-SLAN-Freeware VPN utility

16-IKE Crack-IKE/IPSEC cracking utility

17-ASLEAP-LEAP cracking tool

18-Karma-Wireless client assessment tool- dangerous

19-WEPCrack-WEP cracking tool

20-Wellenreiter-Wireless scanning application

21-SiteDigger-Great Google hacking tool

22-Several DDOS Tools-Distributed Denial of Service(DDOS) tools

23-Achilles-Web Proxy Tool

24-Firefox Web Developer Tool-Manual web assessment

25-Scoopy-Virtual Machine Identification tool

26-WebGoat-Learning tool for web application pentests

27-FlawFinder-Source code security analyzer

28-ITS4-Source code security analyzer

29-Slint-Source code security analyzer

30-PwDump3-Dumps Windows 2000 & NT passwords

31-Loki-ICMP covert channel tool

32-Zodiac-DNS testing tool

33-Hunt-TCP hijacking tool

34-SniffIT-Curses-Based sniffing tool

35-CactiEZ-Network traffic analysis ISO

36-Inprotect-Web-based Nessus administration tool

37-OSSIM-Security Information Management (SIM)

38-Nemesis-Command-Line network packet manipulation tool

39-NetDude-TCPDump manipulation tool

40-TTY Watcher-Terminal session hijacking

41-Stegdetect-Detects stego-hidden data

42-Hydan-Embeds data within x86 applications

43-S-Tools-Embeds data within a BMP, GIF, & WAV Files

44-Nushu-Passive covert channel tool

45-Ptunnel-Transmit data across ICMP

46-Covert_TCP-Transmit data over IP Header fields

47-THC-PBX Hacker-PBX Hacking/Auditing Utility


49-Syslog-NG-MySQL Syslog Service

50-WinZapper-Edit WinNT 4 & Win2000 log files

51-Rootkit Detective-Rootkit identification tool

52-Rootkit Releaver-Rootkit identification tool

53-RootKit Hunter-Rootkit identification tool

54-Chkrootkit-Rootkit identification tool

55-LKM-Linux Kernal Rootkit

56-TCPView-Network traffic monitoring tool

57-NMAP-Network mapping tool

58-Ollydbg-Windows unpacker

59-UPX-Windows packing application

60-Burneye-Linux ELF encryption tool

61-SilkRpoe 2000-GUI-Based packer/wrapper

62-EliteWrap-Backdoor wrapper tool

63-SubSeven-Remote-Control backdoor tool

64-MegaSecurity-Site stores thousands of trojan horse backdoors

65-Netbus-Backdoor for Windows

66-Back Orfice 2000-Windows network administration tool

67-Tini-Backdoor listener similar to Netcat

68-MBSA-Microsoft Baseline Security Analyzer

69-OpenVPN-SSL VPN solution

70-Sguil-An Analyst Console for network security/log Monitoring

71-Honeyd-Create your own honeypot

72-Brutus-Brute-force authentication cracker

73-cheops / cheops-ng-Maps local or remote networks and identifies OS of machines

74-ClamAV-A GPL anti-virus toolkit for UNIX

75-Fragroute/Fragrouter-Intrusion detection evasion toolkit

76-Arpwatch-Monitor ethernet/IP address pairings and can detect ARP Spoofing

77-Angry IP Scanner-Windows port scanner

78-Firewalk-Advanced traceroute

79-RainbowCrack-Password Hash Cracker

80-EtherApe-EtherApe is a graphical network monitor for Unix

81-WebInspect-Web application scanner

82-Tripwire-File integrity checker

83-Ntop-Network traffic usage monitor

84-Sam Spade-Windows network query tool

85-Scapy-Interactive packet manipulation tool

86-Superscan-A Windows-only port scanner

87-Airsnort -802.11 WEP Encryption Cracking Tool

88-Aircrack-WEP/WPA cracking tool

89-NetStumbler-Windows 802.11 Sniffer

90-Dsniff -A suite of powerful network auditing and penetration-testing tools

91-John the Ripper-Multi-platform password hash cracker

92-BASE-The Basic Analysis and Security Engine- used to manage IDS data

93-Kismet-Wireless sniffing tool

94-THC Hydra-Network authentication cracker

95-Nikto-Web scanner

96-Tcpdump-TCP/IP analysis tool

97-L0phtcrack-Windows password auditing and recovery application

98-Reverse WWW Shell-Shell access across port 80

99-THC-SecureDelete-Ensure deleted files are unrecoverable

100-THC-AMAP-Application mapping tool