AAA Technologies Pvt Ltd, Mumbai
Details of the Audit Tools
Freeware :
- Nessus
-
Whisker
-
HUNT - TCP/IP protocol vulnerability exploiter, packet injector
-
DOMTOOLS - DNS-interrogation tools
-
SARA - Vulnerability scanner
-
RAT
-
Nikto - This tool scans for web-application vulnerabilities
-
Snort - IDS
-
Firewalk - Traceroute-like ACL & network inspection/mapping
-
Hping – TCP ping utilitiy
Dsniff - Passively monitor a network for interesting data (passwords, e-mail, files, etc.). facilitate the interception of network traffic normally unavailable to an attacker
-
HTTrack - Website Copier
-
Chkrootkit - Rootkit discovery tool
-
Tools from FoundStone - Variety of free security-tools
-
SQL Tools - MS SQL related tools
-
John the Ripper - Password-cracking utility
-
ITS4 - Scan C/C++ source-code for vulnerabilities
-
Paros
-
NMAP - The famous port-scanner
-
Ethereal - GUI for packet sniffing. Can analyse tcpdump-compatible logs
-
Nemesis - Packet injection suite
-
NetCat - Swiss Army-knife, very useful
-
RAT – CISecurity’s Router Auditing Tool
-
DSniff - A collection of different purpose sniffers
-
Achilles - An SSL-proxy allowing to change data
-
Whitehats - Snort IDS-signatures & other resources
-
Hping2 - TCP/IP packet analyzer/assembler, packet forgery, useful for ACL inspection
-
Brutus – password cracking for web applications, telnet, etc.
-
WebSleuth - web-app auditing tool
-
Mieliekoek - SQL Injection tool, use with HTTrack
-
NT Toolbox - Resources & tools for NT
-
@Stake Tools - Tools provided by @-Stake
-
TSCrack - Wordlist-based Terminal Server login-cracker
L0phtcrack - NT-password cracking utility
-
HTTPrint – detect web server and version
-
Web proxy - web application testing
-
Web server vulnerability assessment tool
Commercial :
None
Proprietary :
- AAA - Used for Finger Printing and identifying open ports, services and misconfiguration