Network Security Tools For Security Researchers And Penetration Testers To Use

Penetration testing and network security is a pretty vast topic. These tools cover almost every aspect of it.

Network security is one of the biggest buzzwords nowadays. There are a number of security tools available, each with its own unique ability. That said, there are some that you will find on almost every security expert's computer. These are the ones that are the best and should be on your computer too. Here are 30 of the top network security tools, stay tuned for more.

1. Wireshark

This one was known as Ethereal till the summer of 2006. It is an open source platform network protocol analyzer.

Latest release: 26 July 2013, version 1.10.1

2. Metasploit

This is an open source platform that was released in 2004. It can be launched for developing, testing and using exploit codes. While the framework is free and open source, since its acquisition by Rapid7 in 2009, but there are paid editions to it too.

Latest release: 7 December 2012, version 4.5

3. Nessus

This is another one of the most popular network security tools. It is a vulnerability scanner that costs $1,200. It used to be a free and open source application till 2005.

Latest release: 7 May 2013, version 5.2.1

4. Aircrack

This tool used the best cracking algorithms for 802.11 A/b/g WEP and WPA cracking. It is best used to recover wireless keys.

Latest release: 24 April 2010, version 1.1

5. Snort

This is one of the best available network intrusion applications that has its forte in traffic analysis and packet logging on IP networks. Snort itself is free and open source, but SourceFire (the parent company) offers other complimentary products at a price. In addition, it offers its own VRT-certified rules for $499 per sensor per year.

Latest release: 30 July 2013, version 2.9.5.3

6. Cain and Abel

How is this security tool different from others? Well, it’s a Windows only tool, which is very unlike other tools that support Linux and UNIX before Windows. Cain & Abel is a password recovery tool that can handle a number of tasks.

Latest release: 3 December 2011, version 4.9.43

7. BackTrack

If you’re even remotely involved with hacking you would have heard of BackTrack. This is a Live CD Linux distribution that comes from Whax and Auditor. It has a huge suite of security and forensics tools and is known to be the hacker’s distribution.

Latest release: 13 August 2012, version 5 R3

8. Netcat

Want to read data across UDP or TCP network connections? This is the go to tool for most security personnel for this purpose. First released in 1995 by Hobbit, it is one of the most popular security tools. Interestingly, it hasn’t been maintained despite its popularity. Recognising its usefulness, the Nmap Project made a modern version of the tool called Ncat.

Latest release: 20 March 1996, version 1.10

9. tcpdump

This is a network traffic sniffer that lost its popularity to Wireshark. It still have a respectably large user base though.

Latest release: 20 May 2013, version 4.4.0

10. John the Ripper

Compatible with the Linux, UNIX and Mac OS X platforms, this is a commonly used password cracker.

Latest release: 30 May 2013, version 1.8.0

11. Kismet

This tool is a wireless network detector, intrusion detection system and network sniffer that is used quite commonly for wardriving, warflying, warwalking and warskating.

Latest release: 11 April 2011, version Kismet 2011-03-R2

12. OpenSSH/PuTTY/SSH

This is the go to tool for logging into and executing commands on a remote machine.

13. Burp Suite

This is a tool that is used for attacking web applications. The limited version is available for free, while the pro version costs $299.

Latest release: 3 June 2011, version 1.4.01

14. Nikto

This is an open source web server that performs tests against other web servers for multiple items. This includes more than 6,400 potentially dangerous files/CGIs and other checks.

Latest release: 20 February 2011, version 2.1.4

15. Hping

You can use this one to send custom TCP, ICMP and UDP packets and then display replies. The tool was inspired by the ping command but can be used to perform far more controlled probes.

Latest release: 5 November 2005, version hping3-20051105

16. Ettercap

If a man in the middle attack on LAN networks is what you’re looking at then Ettercap is the tool that you need.

Latest release: 22 March 2013, version 0.7.6-Locard

17. Sysinternals

This tool can be used to gain access to a number of small windows utilities that can be used for low-level windows hacking.

Latest release: 4 February 2011

18. w3af

This is a powerful framework that is used for searching and exploiting web application vulnerabilities.

Latest release: 11 October 2011, version 1.1

19. OpenVAS

This is a vulnerability scanner that was forked from Nessus. The last free version of Nessus, before it became a proprietary tool in 2005, was used for this.

Latest release: 17 April 2013, version 6.0

20. Scapy

Interactive packer manipulation, network scanning, packet generating, packet sniffing, are the activities that Scapy excels in. It is a low level tool and you need Python to interact with it.

Latest release: 28 February 2011, version 2.2.0

20. Ping/telnet/dig/traceroute/whois/netstat

This is a basic security auditing tool that is still very useful. You may be ignoring these for other high tech tools, but knowing these is important too.

21. THC Hydra

This is one tool that has been revered for brute force cracking on temote authentication services. The application can manage rapid dictionary attacks against over 30 protocols like https, ftp, http, telnet, smb, a number of databases and others.

Latest release: 23 May 2012, version 7.3

22. Perl/Python/Ruby

Secripting languages allow you to write your own canned security tools. You can also use them to modify existing tools.
no rating Paros proxy (#24, 8)

23. Paros proxy

This is a Java-based web proxy server that can be used for finding out the web vulnerabilities.

Latest release: 8 August 2006, version 3.2.13

24. NetStumbler

This is a Windows tool that can be used for finding open wireless access points. It is free but not open source and is a Windows-only application.

Latest release: 1 April 2004, version 0.4.0

25. Google

You may think that this is a weird choice for a list like this. But you’re wrong. Google’s database can be is recognised as an important security tool by experts and penetration testers everywhere.

26. OSSEC HIDS

This performs log analysis, rootkit detection, integrity checking, time-based alerting and active response. It is also used as a SEM/SIM solution/

Latest release: 16 November 2012, version 2.7

27. WebScarab

This tool records requests and responses that it observes and lets the operator review them in different ways. It is a tool that can expose the functioning of HTTP(S)-based applications.

Latest release: 20 August 2010, version 20100820-1632

28. Core Impact

This tool is considered by many to be the most powerful exploitation tool that is available right now. It is also much more expensive than others though.

Latest release: 8 August 2011, version 12

29. sqlmap

This is an open source penetration testing tool, which can be used in order to automate the detection and exploitation of SQL injection flaws.

Latest release: 11 April 2011, version 0.9

30. TrueCrypt

This is a very useful open source disk encryption system for Mac, Windows and Linux-based systems.

Latest release: 7 February 2012, version 7.1a 

Author :Shivam Kotwalia, CodeKill

Ultrasonic Password Security for Google Accounts

Does a Strong Password Guarantee you the Security of your Online Account? If yes, then you should once check out our 'Data breaches' section on the website.

A Startup Company, SlickLogin has developed a technology that enables you to login into online accounts using Ultrasonic sound, instead of entering username and password on your.

The company claims its technology offers "military-grade security" that replaces passwords in the two-step process simply by placing your Phone next to their laptop or tablet.

When you sign-in via SlickLogin enabled website, the computer will play a sound which is encrypted into Ultrasonic Sound, inaudible to the human ear, but your Smartphone can hear it.

The Smartphone Sends data back to the SlickLogin Servers for authentication and grants immediate access. Each sound is different, unique and cannot be reused to hack an account.

Recently, Google has acquired this two month old Israeli Startup, "Today we're announcing that the SlickLogin team is joining Google, a company that shares our core beliefs that logging in should be easy instead of frustrating, and authentication should be effective without getting in the way." SlickLogin website said.

SlickLogin also uses WiFi, Bluetooth, NFC, QR codes and GPS to prevent your account from hackers on the other side of the world.

SlickLogin Technology gives you a way to set an unforgettable password, but at the same time physical access to the Smartphone may pose critical threat to your online accounts and Smartphones with Low battery Backup may trouble you most of the times.

Author : Shivam Kotwalia, CodeKill

11 Software And Utilities For Securing Your Network

Security tools are useful for both newbies and professionals. At a time when even your government is spying on your data, what tools are you using? 

Security is one of the buzzwords on the internet nowadays. When we talk about security, two things come to mind — hackers and security software. Utilities and software related to security is especially useful as they make it easy for even less savvy users to improve their security arrangements. Here are 11 of these security software and utilities that you can use in order to improve your system's protection against attackers.

As cited on netsecurity.about.com, here are 11 such tools that offer protection-
ZoneAlarm Pro –This is freely available and offers much more protection. Zonelabs has added extra security functionality including the quarantining of malicious email attachments and increased protection for your privacy at the time of surfing the Web.

Hidden Object Locator – You can locate hidden NDS objects in your tree. This zip file consists of two files: an NLM and a text file with instructions.

ippl – This is a daemon that logs IP packets sent to a computer. This keeps running in the background, and displays information regarding the incoming packets. Criteria can be utilized for specifying what packets should be logged and what packets should be ignored.
Intrusion SecureHost – In lieu of detecting and then reacting to an attack post the damage has been done, SecureHost stops the attack from happening in the first place. It instantly defines application behaviors, which are acceptable, based on corporate policy. If any rules for proper application behavior are violated, SecureHost stops the activity before any damage is done.

Riverhead Detector/Guard - Riverhead products spot and defeat the most complex DDoS attacks, retaining business continuity and protecting your most valued corporate assets.
Securify SecurVantage – This is an automated security system enabling customers to quickly produce business-driven security policies, monitor networks for compliance and produce relevant information.

NFR Sentivist IPS – This offers organisations with highly accurate attack prevention. It offers industry unique features like Confidence Indexing, customisation capabilities and minimal impact design.

ISS RealSecure Server Sensor – This offers automated, real-time intrusion protection and detection by analyzing events, hosting logs and inbound and outbound network activity on servers for preventing malicious activity from damaging critical assets.

Scanlogd – This is a TCP port scan detection tool, that was initially designed to show various attacks an IDS developer has to deal with. Different from other port scan detection tools, Scanlogd is quite safe to use.

Folder Lock – This is a fast file-security software which can lock, hide or encrypt a number of files, folders, pictures and documents within seconds. The files are kept safe with your choice of password.

GIANT Anti-Spyware – This searches for and destroys existing spyware on your computer and quickly alerts you as and when potential dangers arise, stopping many spyware even before it is installed.

Author : Shivam Kotwalia, CodeKill

13 Free eBooks On Unix And Linux Security!

We bring 13 interesting and helpful ebooks to help you upgrade your skills and knowledge. This time on Unix and Linux Security.

For a long time security was considered as the last thing in Linux and Unix. But with more and more security threats like hacking rising every day, Linux and Unix security is becoming the hottest thing in the IT job market. Here we bring to you 13 free ebooks to help you upgrade your Unix/Linux security skills.

1. Linux Administrator's Security Guide

Author: Kurt Seifried

The book was one of the very first on Linux security. From the table of content, the book covers:
Linux Physical and Console Security, Linux Administration, Linux Backup Guide, Linux File System and File Security, Linux User Authentication, Linux System and User Logging and much more.

2. The SELinux Notebook, 2nd Edition

Author(s) Richard Haines
Publisher: Richard Haines (2010)

This Notebook has been assembled from information that is available within the public domain and where necessary, updated to reflect the Linux Security Module (LSM) and Security-Enhanced Linux (SELinux) services as built into the Fedora 10 release of GNU/Linux. It explains:

SELinux and its purpose in life.
The LSM / SELinux architecture, its supporting services and how they are implemented within GNU/Linux.
The core SELinux policy language and how basic policy modules can be constructed for instructional purposes.
The core SELinux policy management tools with examples of usage.
The Reference Policy architecture, its supporting services and how it is implemented.

3. Network Security Tools: Writing, Hacking, and Modifying Security Tools

Author(s) Justin Clarke, Nitesh Dhanjani
Publisher: O'Reilly Media; 1 edition (April 11, 2005)

As the introduction of the book says, “If you're an advanced security professional, then you know that the battle to protect online privacy continues to rage on. Security chat rooms, especially, are resounding with calls for vendors to take more responsibility to release products that are more secure. In fact, with all the information and code that is passed on a daily basis, it's a fight that may never end. Fortunately, there are a number of open source security tools that give you a leg up in the battle.

Often a security tool does exactly what you want, right out of the box. More frequently, you need to customize the tool to fit the needs of your network structure. Network Security Tools shows experienced administrators how to modify, customize, and extend popular open source security tools such as Nikto, Ettercap, and Nessus.

This concise, high-end guide discusses the common customizations and extensions for these tools, then shows you how to write even more specialized attack and penetration reviews that are suited to your unique network environment. It also explains how tools like port scanners, packet injectors, network sniffers, and web assessment tools function.”

4. Practical UNIX and Internet Security, Second Edition

Author(s) Simson Garfinkel, Gene Spafford
Publisher: O'Reilly Media; Second Edition (April 1996); Third Edition edition (February 28, 2003)

As the introduction of the book says, “If you are a UNIX system administrator or user in this security conscious age, you need this book. It's a practical guide that spells out, in readable and entertaining language, the threats, the system vulnerabilities, and the countermeasures you can adopt to protect your UNIX system, network, and Internet connection. It's complete -- covering both host and network security -- and doesn't require that you be a programmer or a UNIX guru to use it.

Practical UNIX & Internet Security describes the issues, approaches, and methods for implementing security measures. It covers UNIX basics, the details of security, the ways that intruders can get into your system, and the ways you can detect them, clean up after them, and even prosecute them if they do get in. Filled with practical scripts, tricks, and warnings,Practical UNIX & Internet Security tells you everything you need to know to make your UNIX system as secure as it possible can be.”

5. Linux Security HOWTO

Author(s) K. Fenzi, D. Wreski

This read covers some of the main issues that affect Linux security. General philosophy and net-born resources are discussed.

A number of other HOWTO documents overlap with security issues, and those documents have been pointed to wherever appropriate.

This document is not meant to be a up-to-date exploits document. Large numbers of new exploits happen all the time. This document will tell you where to look for such up-to-date information, and will give some general methods to prevent such exploits from taking place.

6. Linux Security for Beginners

Author(s)Neil A. Smyth

As the name suggests this book explains the aspects of Linux security to the beginners. Will take you right from the basics explaining why do you need it, to firewalls, configuration and encryptions!

7. Getting Started with SELinux

Author(s) Faye Coker

This document was put together in response to people asking if an intro level HOWTO was available for getting started with SE Linux. It covers the more basic aspects of SE Linux such as terminology, installation and adding users in addition to a few other areas.

8. Building Internet Firewalls, 2nd Edition

Author(s) Elizabeth D. Zwicky, Simon Cooper and D. Brent Chapman
Publisher: O'Reilly Media; Second Edition edition (January 15, 2000)

Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:

- Firewall technologies: packet filtering, proxying, network address translation, virtual private networks
- Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls
- Issues involved in a variety of new Internet services and protocols through a firewall
- Email and News
- Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)
- File transfer and sharing services such as NFS, Samba
- Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000
- Real-time conferencing services such as ICQ and talk
- Naming and directory services (e.g., DNS, NetBT, the Windows Browser)
- Authentication and auditing services (e.g., PAM, Kerberos, RADIUS);
- Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)
- Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)
- Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)

9. Linux Firewall Configuration: Packet Filtering and Netfilter/iptables

Author(s) O. Andreasson

The author found a big empty space in the HOWTO's out there lacking in information about the iptables and Netfilter functions in the new Linux 2.4.x kernels. Among other things, he has tried to answer questions that some might have about the new possibilities like state matching. Most of this will be illustrated with an example rc.firewall.txt file that you can use in your /etc/rc.d/ scripts. Yes, this file was originally based upon the masquerading HOWTO for those of you who recognize it.

10. Securing Debian Linux

Author(s) J.F. Peña

This document describes security in the Debian project and in the Debian operating system. Starting with the process of securing and hardening the default Debian GNU/Linux distribution installation, it also covers some of the common tasks to set up a secure network environment using Debian GNU/Linux, gives additional information on the security tools available and talks about how security is enforced in Debian by the security and audit team.

11. Linux Security Administrator's Guide

Author(s) Dave Wreski

This document is a general overview of security issues that face the administrator of Linux systems. It covers general security philosophy and a number of specific examples of how to better secure your Linux system from intruders. Also included are pointers to security related material and programs.

12. Secure Programming for Linux and Unix HOWTO

Author(s) David A. Wheeler

This book provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. Specific guidelines for C, C++, Java, Perl, PHP, Python, Tcl, and Ada95 are included.

13.Securing and Hardening Red Hat Linux Production Systems

Author(s) Werner Puschitz

This article is a practical step-by-step guide for securing Linux production systems. It discusses basic Linux Security requirements for systems that need to pass various audits in an enterprise environment. If you work on a corporate Linux Security Standard, or if you do Sarbanes-Oxley Act (SOX) or Statement on Auditing Standards No. 70 (SAS 70) related work, then this article should provide you a good baseline.  

Shivam Kotwalia, CodeKill