Top 10 Linux Tools
- Nmap ("Network Mapper") is a free opensource utility for network exploration or security auditing.It was designed to rapidly scan large networks, althoughit works fine against single hosts. Nmap uses raw IPpackets in novel ways to determine what hosts areavailable on the network, what services (applicationname and version) those hosts are offering, whatoperating systems (and OS versions) they are running,what type of packet filters/firewalls are in use, anddozens of other characteristics. Nmap runs on mosttypes of computers and both console and graphicalversions are available.2.
- Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests againstweb servers for multiple items, including over 3200potentially dangerous files/CGIs, versions on over 625servers, and version specific problems on over 230servers. Scan items and plugins are frequently updatedand can be automatically updated (if desired).3.
- Amap is a next-generation tool for assistingnetwork penetration testing. It performs fastand reliable application protocol detection, independanton the TCP/UDP port they are being bound to.4.
- Ethereal is used by network professionalsaround the world for troubleshooting, analysis, softwareand protocol development, and education. It has all of the standard features you would expect in a protocolanalyzer, and several features not seen in any other product.5.
- Number one of the biggest securityholes are passwords, as every password security studyshows. Hydra is a parallized login cracker whichsupports numerous protocols to attack. New modulesare easy to add, beside that, it is flexible and very fast.6.
- The MetasploitFramework is an advanced open-source platform for developing, testing, and using exploit code. This projectinitially started off as a portable network game and hasevolved into a powerful tool for penetration testing,exploit development, and vulnerability research.7.
- John the Ripper is a fastpassword cracker, currently available for many flavors of Unix (11 are officially supported, not counting differentarchitectures), DOS, Win32, BeOS, and OpenVMS. Itsprimary purpose is to detect weak Unix passwords.Besides several crypt(3) password hash types mostcommonly found on various Unix flavors, supported outof the box are Kerberos AFS and WindowsNT/2000/XP/2003 LM hashes, plus several more withcontributed patches.8.
- Nessus is the world's most popular vulnerability scanner used in over 75,000 organisationsworld-wide. Many of the world's largest organisationsare realising significant cost savings by using Nessus toaudit business-critical enterprise devices andapplications.
Top 10 Windows Tools
- Cain & Abel is a password recoverytool for the Microsoft Windows Operating System. Itallows easy recovery of various kind of passwords bysniffing the network, cracking encrypted passwordsusing Dictionary, Brute-Force and Cryptanalysis attacks,recording VoIP conversations, decoding scrambledpasswords, revealing password boxes, uncoveringcached passwords and analyzing routing protocols.2.
- SuperScan is a powerful TCP portscanner, pinger, resolver. SuperScan 4 (CurrentVersion) is a completely-rewritten update of the highlypopular Windows port scanning tool, SuperScan.3.
-GFI LANguard N.S.S. is a network vulnerabilitymanagement solution that scans your network andperforms over 15,000 vulnerability assessments. Itidentifies all possible security threats and provides youwith tools to patch and secure your network. GFILANguard N.S.S. was voted Favorite CommercialSecurity Tool by NMAP users for 2 years running andhas been sold over 200,000 times!4.
- Retina Network Security Scanner,recognised as the industry standard for vulnerabilityassessment, identifies known security vulnerabilitiesand assists in prioritising threats for remediation.Featuring fast, accurate, and non-intrusive scanning,users are able to secure their networks against even themost recent of discovered vulnerabilities.5.
- SamSpade provides a consistent GUIand implementation for many handy network querytasks. It was designed with tracking down spammers inmind, but can be useful for many other networkexploration, administration, and security tasks. Itincludes tools such as ping, nslookup, whois, dig,traceroute, finger, raw HTTP web browser, DNS zonetransfer, SMTP relay check, website search, and more.6.
- N-Stealth is a commercial web server security scanner. It is generally updated more frequentlythan free web scanners such as whisker and nikto, butyou have to pay for the privilege.7.
- Solarwinds contains many networkmonitoring, discovery and attack tools. The advancedsecurity tools not only test internet security with theSNMP Brute Force Attack and Dictionary Attack utilitiesbut also validate the security on Cisco Routers with theRouter Security Check. The Remote TCP Resetremotely display all active sessions on a device and thePassword Decryption can decrypt Type 7 CiscoPasswords. The Port Scanner allows testing for openTCP ports across IP Address and port ranges or selection of specific machines and ports.8.
- The first publicly released general-purpose web application security assessment tool.Achilles acts as a HTTP/HTTPS proxy that allows auser to intercept, log, and modify web traffic on the fly.Due to a cyber squatter, Achilles is no longer online at