- Online Security Checks
- online networking tools
- Internet client selfcheck nice (german)
- Netcraft Network Examination What’s that site running and how long?
- Shields UP! — Internet Connection Security Analysis
- Privacy Analysis of your Internet Connection thinking about Java and JavaScript in your Browser đ
- Symantec Security Check online portscan and trojan testing
- BrowserSpy BrowserSpy will tell you detailed information, like version and support, of your Browser, JavaScript, JVM, Java, Plugins, Components, Language, Screen, Hardware, IP, Cookies, Web Server, FTP Password etc….
- Proxy Check Is your proxy noisy?
- Lookup Tools ripe, arin, apic etc.
- Whois lookup from Geektools.com
- SamSpade Tracing & LookupTools
- Are you cracked? Is your IP in Dshield’s Attacker DB?
- network-tools Tracing & Lookup Tools
- HackerWhacker See your computer the way hackers do.
- HackYourself.com formerly HackerWhacker junior
- Secure-me xDSL testing
- QuickInspector web based security diagnostic
- Online NETBIOS vulnerability check
- webbased Traceroute
- AuditNet Home Page
- IT-Audit.de
- Vulnerabilty Scanners
- Default Password List (Search)
- Another Default Password Lists
- Advanced Host Detection – techniques to validate host-connectivity
- Examining port scan methods – analysing audible techniques
- Online Network Calculator – problems calculating netmasks?
- Security-Audit.de
- Open Source Security Testing Methodology taken from ideahamster.org
- it-auditing.de
- Vulnerability Assessment: Minimizing Configuration Error Related Risk
- Lotus Notes Audit
- some Pentesting Articles
- A Wiki devoted to Vulnerabilty Assessment with a comparison of 10 VA tools
- AS/400 Audit Framework
- Online Vulnerabilty Databases
- XForce
- CVE Vulnerability Search Engine The ICAT Metabase is a product of the Computer Security Division at the National Institute of Standards and Technology.
- Security-Focus
- Security-Tracker
- NetworkICE Vulnerabiliy Database
- CVE Common Vulnerabilities and Exposures
- CERT/CC Vulnerability Notes Database
- Cisco Password Recovery Procedures
- some usefull Tools
- CyberCop Scanner (NAI Vulnerability Scanner)
- Somar Software (DumpSec, DumpACL, DumpEvt) As last released by SomarSoft, these utilities are now offered as FREE utilities for reporting of security, directory, registry, and event information under Windows NT
- ISS Internet Scanner provides automated security vulnerability detection and analysis for devices on a network.
- Nessus Security Scanner for Linux, *BSD*, Solaris and NT with different Frontends like Java and GTK
- Nmap Nmap („Network Mapper“) is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
- hping TCP pinger, can analyse networks and hosts on the TCP Flag level.
- queso Queso identifies operating systems via the TCP packet signature
- firewalk Firewalking is a technique that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks.
- dnswalk dnswalk is a DNS database debugger. It works by initiating a zone transfer of a current zone, inspecting individual records for inconsistencies with other data, and generating warnings and errors.
- CIS Cerberus‘ Internet Scanner is a free security scanner.
- netcat Swiss Army Knife for TCP and UDP (like socket). Simple Port Scanner, simple Port redirector and simple access to sockets from Scripts.
- Whisker A sophisticated CGI security scanner
- COPS (Computer Oracle and Password System) a Unix host security tool from Dan Farmer
- tiger is a set of scripts that scan a Un*x system looking for security problems, in the same fashion as Dan Farmer’s COPS.
- SARA Security Auditors Research Assistent, based on the SATAN model
- SAINT (Security Administrator’s Integrated Network Tool) is a security assesment tool based on SATAN.
- nemesis is a command-line UNIX network packet injection suite .
- Pandora is a set of tools for testing the security of Novell Netware
- MacAnalysis is a security auditing suite for your Macintosh to perform and help implement a security standard for your computer/network by performing a full security check of network protocols, open services, port scans, vulnerable CGI scripts and much more.
- ngrep network grep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
- Sabernet: Security Tools
- arirang – powerful webserver security scanner
- DominoScan fully automated Domino application security scanner
- Babelweb is a program which allows to automate tests on a HTTP server
- audit.sql testing MS SQL Server 6.5 or 7.0/2000 for weak passwords
- SQLdict is a dictionary attack tool for SQL Server
- SQLAT is a suite of tools which could be usefull for pentesting a MS SQL Server
- Passifist is a tool for passive network discovery.
- VNCPwdump can be used to dump and decrypt the registry key containing the encrypted VNC password in a few different ways.
- some SQL-Scripts for auditing Oracle databases
- Burp proxy is an interactive HTTP/S proxy server for attacking and debugging web-enabled applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw traffic passing in both directions.
