Security Tool Websites

Having the right tool can make the testing and analysis of infrastructure security much easier. Listed next are some sites that maintain various security tools:

DumpSec is a GUI Windows-based enumeration tool that can provide account information, RID information, open shares, and more. The link is shown as follows:

A nice list of bootable Linux CDs is available at the following address. Many of these have really good distributions of tools preconfigured and ready to go that will be of aid to those doing security work.

Cain and Abel is a GUI Windows-based password cracking and enumeration tool that is free to download at

NetStumbler is the leading wireless scanning tool used to identify and enumerate 802.11 wireless networks. You can download it at

Nmap is an open source Windows and Linux scanning tool. To learn more about it or download the tool, visit the following link:

SuperScan is a Windows scanning tool for TCP and UDP. It's available for free from Foundstone at

Scanrand is another useful security tool that is free to download from the following url:

TCH-Amap is a valuable scanning tool that is free to download at

John the Ripper is a Linux and Windows password-cracking tool that can be used to audit the strength of your passwords. It can be downloaded from

SNORT is a great open source IDS tool available for Windows and Linux. SNORT can be downloaded at the following site:

Packetyzer is Ethereal with a new interface. It's free to download from:

Rainbowcrack is a password-cracking tool that works off of the fast time-memory trade-off technique. You can download it at

Ophcrack is another password-cracking tool that uses the fast time-memory trade-off technique. You can download it from the following site:

Nessus is one of the premiere open source scanning tools. You can download it from the following site:

Metasploit is an exploit and vulnerability assessment tool. You can download it at:

Introduction to Assessing Network Vulnerabilities

Foundations and Principles of Security

Why Risk Assessment

Risk-Assessment Methodologies

Scoping the Project

Understanding the Attacker

Performing the Assessment

Tools Used for Assessments and Evaluations

Preparing the Final Report

Post-Assessment Activities

Appendix A. Security Assessment Resources

Appendix B. Security Assessment Forms

Appendix C. Security Assessment Sample Report

Appendix D. Dealing with Consultants and Outside Vendors

Appendix E. SIRT Team Report Format Template

Inside Network Security Assessment. Guarding your IT Infrastructure
Inside Network Security Assessment: Guarding Your IT Infrastructure
ISBN: 0672328097
EAN: 2147483647
Year: 2003
Pages: 138 © 2008-2020.
If you may any questions please contact us: