Tools
Get flash to fully experience Pearltrees
BackTrack 5 Wireless Penetration Testing Beginner's Guide
Posted on 15 September 2011. Wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of wireless networking tools used to simulate network attacks and detect security loopholes. Backtrack 5 Wireless Penetration Testing Beginner’s Guide will teach you various wireless testing methodologies taught using live examples, which you will implement throughout this book.
Microsoft publishes a range of free security-related software. One of the best-known is Security Essentials, the excellent antivirus/antimalware product which was recently updated to version 2.0. Many of the other products in the collection are aimed primarily at large business customers, and are not of general interest to anyone else. But of the handful of exceptions, MBSA has always stood out for me. MBSA is the Microsoft Baseline Security Analyzer.
A Handy Guide To Microsoft's Free Security Tools
Free Tools | McAfee Downloads
GetSusp McAfee GetSusp is intended for users who suspect undetected malware on their computer. Mac Stinger Mac Stinger is a standalone utility used to detect and remove specific viruses on Mac OS X. Currently Mac Stinger can detect and remove OSX/Flashfake variants. RootkitRemover
Google has released an experimental extension for its Chrome browser that developers can use to scan their Web applications and flag code that could make them vulnerable to malware attacks. The free tool, called DOM Snitch , is designed to sniff out potential security holes in Web applications' client-side code that could be exploited by attacks such as client-side scripting, Google said on Tuesday . "To do this, we have adopted several approaches to intercepting JavaScript calls to key and potentially dangerous browser infrastructure such as document.write or HTMLElement.innerHTML," Google official Radoslav Vasilev wrote in a blog post. In addition to developers, DOM Snitch is also aimed at code testers and security researchers, the company said.
Google Builds Developer Tool to Flag Web App Vulnerabilities
Safety Scanner - Antivirus | Remove Spyware, Malware, Viruses Free
Do you think your PC has a virus? The Microsoft Safety Scanner is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software. Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.Sometimes a person needs to hide an important file somewhere in order to protect it from unauthorized access. Making it only hidden is not the best way to hide an important file since it can be accessed by using powerful 3rd party search tools. Why not hide the file inside a calculator?
How To Hide A File Inside Calculator [Security]
Running Snort Under Windows
Loras R. Even Updated by Jim McMillan November 2009 Snort is an open source intrusion detection/prevention system created by Martin "Marty" Roesch, founder of Sourcefire. It is capable of performing real-time traffic analysis and logging. It is the most widely used IDS/IPS system.Scapy
Security Power Tools was out in August 2007. I wrote a complete chapter on Scapy Scapy trainings at CanSecWest, EuSecWest, PacSec. NEXT SESSION: CanSecWest march 7th and 8th, 2011 I can give trainings on many subjects ( Scapy , networks, shellcoding, exploit writing, etc.). Contact me directly: phil @ secdev . org
Since the beginning of the media frenzy over CarrierIQ, I have repeatedly stated that based on my knowledge of the software, claims that keystrokes, SMS bodies, email bodies, and other data of this nature are being collected are erroneous. I have also stated that to satisfy users, it’s important that there be increased visibility into what data is actually being collected on these devices. This post represents my findings on how CarrierIQ works, and what data it is capable of collecting. There has been a lot of misinformation about which parties are responsible for which aspects of data collection.
Security Research by Dan Rosenberg
Occasionally an appliction cannot be removed by using “Add/Remove Programs” under the control panel and you have to delete it manually. However, sometimes the entry for the appliction still remains in the installed programs list even though the program is no longer on your computer. This is where Add Remove Programs Cleaner comes in. Add / Remove Programs Cleaner is a standalone freeware application designed to help you clean up remaining/unused entries in “Add / Remove Programs” under control panel. Screenshots:
Repair Tool of the Week: Add Remove Programs Cleaner | Technibble
Nikto2 | CIRT.net
Download: Version 2.1.5 bz2 or gz Nikto is an Open Source ( GPL ) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.Burp Suite
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.psad: Intrusion Detection and Log Analysis with iptables psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic. A typical deployment is to run psad on the iptables firewall where it has the fastest access to log data. psad incorporates many signatures from the Snort intrusion detection system to detect probes for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (FIN, NULL, XMAS) which are easily leveraged against a machine via nmap. When combined with fwsnort and the Netfilter string match extension, psad is capable of detecting many attacks described in the Snort rule set that involve application layer data.
psad - Intrusion Detection with iptables, iptables Log Analysis, iptables Policy Analysis
On Thursday we asked you to share your favorite tool for purging malware from your computer. We've tallied the votes and we're back with the top five contenders for best malware removal tool. Photo by Anonymous9000 .