background preloader

NetworkMiner - The NSM and Network Forensics Analysis Tool

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. NetworkMiner makes it easy to perform advanced Network Traffic Analysis (NTA) by providing extracted artifacts in an intuitive user interface. The way data is presented not only makes the analysis simpler, it also saves valuable time for the analyst or forensic investigator. NetworkMiner has, since the first release in 2007, become a popular tool among incident response teams as well as law enforcement. NetworkMiner showing files extracted from sniffed network traffic to disk NetworkMiner showing thumbnails for images extracted to disk Related:  Tools

SecTools.Org Top Network Security Tools Port Search - Find Ports by Name, Number or Trojan Often, a firewall allows programs to communicate unrestricted over the internet; if that program was targeted by a virus or missed by your antivirus, it may now be reporting your personal information to a malicious websites or simply waiting for remote commands. Simply enter your port number above to find detailed information. Want to browse our port database rather than use our easy search tool? Here is a listing of computer ports below with each linking to individual pages about what programs may have that port open. Ports Page · Ports Page 2 · Ports Page 3 · Ports Page 4 · Ports Page 5 · Ports Page 6 · Ports Page 7

PsExec Introduction Utilities like Telnet and remote control programs like Symantec's PC Anywhere let you execute programs on remote systems, but they can be a pain to set up and require that you install client software on the remote systems that you wish to access. PsExec is a light-weight telnet-replacement that lets you execute processes on other systems, complete with full interactivity for console applications, without having to manually install client software. PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems. Note: some anti-virus scanners report that one or more of the tools are infected with a "remote admin" virus. Installation Just copy PsExec onto your executable path. Using PsExec See the July 2004 issue of Windows IT Pro Magazine for Mark's article that covers advanced usage of PsExec. psexec \\marklap"c:\long name app.exe"

IP Address Tracker: IP Address Tracer - Trace Country, City, Map IP Address Locator IP finder and IP Address Tracker aids you in tracking the real IP address of the system you are currently working on. The address is given in the corresponding format along with the logical name of the system. The conversion of IP address to the respective name is done using Domain Naming Systems. There are many IP address locator and IP address tracker on the Internet of which only the reliable ones are to be trusted. As mentioned earlier, IP addresses are unique. The extended version of IP address tracker has come up under the name IP to city. On the other hand several malpractices has occurred by locating the IP address through improper channels. IP Address Tracker to track IP location Our Web based IP Address Tracker tool is very effective to trace and track fast and exactly location of any IP address.

Nessus Vulnerability Scanner | Tenable Network Security With Advanced Support for Nessus Professional, your teams will have access to phone, Community, and chat support 24 hours a day, 365 days a year. This advanced level of technical support helps to ensure faster response times and resolution to your questions and issues. Advanced Support Plan Features Phone Support Phone support 24 hours a day, 365 days a year, available for up to ten (10) named support contacts. Chat Support Chat support available to names support contacts, accessible via the Tenable Community is available 24 hours a day, 365 days a year. Tenable Community Support Portal All named support contacts can open support cases within the Tenable Community. SLAs P1-Critical: < 2 hr P2-High: < 4 hr P3-Medium: < 12 hr P4-Informational: < 24 hr Support Contacts Support contacts must be reasonably proficient in the use of information technology, the software they have purchased from Tenable, and familiar with the customer resources that are monitored by means of the software.

Troubleshooting Microsoft Windows Event Logs Penetration Testing Software | Metasploit s | Password Haystacks: How Well Hidden is Your Needle? ... and how well hidden is YOUR needle? Every password you use can be thought of as a needle hiding in a haystack. After all searches of common passwords and dictionaries have failed, an attacker must resort to a “brute force” search – ultimately trying every possible combination of letters, numbers and then symbols until the combination you chose, is discovered. If every possible password is tried, sooner or later yours will be found. The question is: Will that be too soon . . . or enough later? This interactive brute force search space calculator allows you to experiment with password length and composition to develop an accurate and quantified sense for the safety of using passwords that can only be found through exhaustive search. <! (The Haystack Calculator has been viewed 8,151,017 times since its publication.) IMPORTANT!!! It is NOT a “Password Strength Meter.” Since it could be easily confused for one, it is very important for you to understand what it is, and what it isn't: Okay.

Open Port Check Tool Clearinghouse for Incident Handling Tools Disclaimer Inclusion of a particular piece of software does not imply any form of recommendation from ENISA, TERENA or the contributors. This is up to you to decide whether a particular program is suitable for your purposes. Also note that an unauthorised use of some of these tools may constitute a criminal offence. Please read our warning before proceeding. Please take note that adding and removing of entries in the clearinghouse is done based on decisions made within the Task Force, and only tools that actively are being used and suggested by member teams are included! Clearinghouse Organisation The first group of tools relates directly to the investigation of incidents. Gathering evidence from the scene of an incident Investigating evidence of an incident Supportive tools for handling evidences Recovering the system after an incident The second group constitutes tools to support daily operations of CSIRT. Implementing CSIRT operational procedures Providing secure Remote access

Nmap - Free Security Scanner For Network Exploration & Security Audits. FreeSWITCH | Communication Consolidation

Related: