KPMG, Gurgaon

Details of the Information Security Audit Tools

Freeware Tools :

1. NMAP - Network security
2. NetStumbler - Network security
3. AirSnort - Network security
4. SuperScan - Network security
5. Nikto - Web Systems & Applications security
6. THC - Web Systems & Application security
7. CIS - Local Systems & Applications security
8. As400 - Local Systems & Applications security
9. CAIN - Password cracking
10. Brutus - Password cracking
11. JohntheRipper - Password cracking
12. SNMPWalk - Router and network management
13. SNMP Scanner - Router and network management
14. RIP query - Router and network management
15. RAT - Router and network management
16. DumpSec - Windows security
17. Wireshark - Network sniffing
18. MBSA - Windows security
19. SQL Scan - Database security

Commercial Tools :

1. ISS Internet - Network security
2. Webinspect - Web Systems & Applications security
3. AppScan - Web Systems &Applications security
4. Bindview - Local Systems & Applications security
5. ISS DB - Database Security
6. AppDetective - Database Security
7. Nessus - Network security
8. Power Tech
9. VeloSecure
10. IPLocks - Database Security
11. Qualsys Guard
12. Core Impact

Proprietary Tools :

1. *nix Scripts - Security Configuration review of *nix systems
2. Database Scripts - Security Configuration review of databases
3. SAP Security Explorer - Security and Configuration review of SAP
4. CHILLI (V. 1.2.0) - Network Discovery
5. OSCR - Oracle Security Review
6. KPMG Application Quality Assessment Tool
7. AS/400 User Profile Analysis - Security Review