Probably the Best Free Security List in the World. Security List Index Select a Security Category: All Items Keys Discontinued or not updated recently (for at least three years). Item links to a Gizmo's Freeware 'Best Free' page. Item or this icon links to a Gizmo's Freeware page. Web application. Browsers: FF = Firefox; Ch = Chrome; IE = Internet Explorer; OB = Other browsers; AB = All browsers. About This list (earlier "Probably the Best Free Security List in the World") contains thousands of links to free security-related Windows desktop applications and web applications, with the goal of listing everything available that's not malicious or of low usefulness. Use the Windows desktop applications or web applications on this list at your discretion. We periodically check all links on this list with Web of Trust. Use the comments section below, or this (or this) forum thread, to let us know about issues, or suggestions for items that could be added to the list. Related Links Editor This list is maintained by volunteer editor ako (Antti Koponen)
SecLists.Org Security Mailing List Archive Black Hat USA 2014 - Arsenal Returning bigger than ever for 2014, Black Hat is pleased to once again present Arsenal--a Tool/Demo area where independent researchers and the open source community will showcase some awesome weapons. See below for the full list and descriptions of each of these tools. Hours and Location: August 6, 2014 | 10:00 - 18:00 | Breakers JK August 7, 2014 | 10:00 - 18:00 | Breakers JK Android Device Testing Framework The Android Device Testing Framework ("dtf") is a data collection and analysis framework to help individuals answer the question: "Where are the vulnerabilities on this mobile device?" Automated Memory Analysis Automated Memory Analysis is a set of new innovative Cuckoo Sandbox plugins that adds new dynamic and memory analysis abilities such as: Demonstrations will cover how the plugins can help security researchers analyze advanced malware. Malware samples such as Snake (Uroburos), Stuxnet, and friends that evaded analysis will be dissected live to demonstrate the toolkit abilities.
8 Good Password Cracking Tools For You. 1.RainbowCrack RainbowCrack is a general propose implementation of Philippe Oechslin's faster time-memory trade-off technique. It crack hashes with rainbow tables. RainbowCrack uses time-memory tradeoff algorithm to crack hashes. 2.NTAccess NTAccess can replace the administrator password of a Windows NT, Windows 2000, Windows XP, Windows Server 2003 or Windows Vista 32-Bit system by rebooting the computer with a special set of boot disks. 3.NetBIOS Auditing Tool The intention of this package is to perform various security checks on remote servers running NetBIOS file sharing services. 4.Proactive System Password Recovery Proactive System Password Recovery (PSPR; formerly known as Advanced Windows Password Recovery) is a program to recover most types of Windows passwords. 5.Proactive Password Auditor Proactive Password Auditor helps network administrators to examine the security of their networks by executing an audit of account passwords. 6.Password Safe 7.Pandora 8.ophcrack
Black Hat: Top 20 hack-attack tools Network World - Turn someone else’s phone into an audio/video bug. Check. Use Dropbox as a backdoor into corporate networks. Check. Suck information out of pacemakers. Check. The Black Hat conference convening in Las Vegas next week offers hacker tools for all of those plus more. [LOOKING BACK: 10 scariest hacks from Black Hat and Defcon QUIZ: Black Hat's most notorious incidents MUST SEE: 10 more of the world’s coolest data centers] Intended to provide good-guy researchers with tools to test the security of networks and devices, the free tools distributed at the conference can also be used by the bad guys to break into networks, steal data and thwart defenses designed to expose malware halt attacks. Over the course of two days white-hat hackers from consultancies, universities and vendors will present more than 100 briefings on vulnerabilities and exploits they have discovered, and in many cases releasing tools that would be useful to hackers.
Hardware-based security more effective against new threats With software security tools and network vulnerabilities constantly being targeted by hackers, securing hardware components will grow in importance given it is more secure and cybercriminals will find it difficult to alter the physical layer for their purposes. Patrick Moorhead, president and principal analyst of Moor Insight and Strategy, said hardware-based security is more secure than software tools such as antivirus since it cannot be altered. Hardware-based security refers to safeguarding the computer using components such as processors. An RSA spokesperson added the physical layer eliminates the possibility of malware, such as virtual rootkits, from infiltrating the operating system and penetrating the virtualization layer. In 2010, RSA, together with VMWare and Intel, introduced a proof-of-concept framework to integrate security into the entire hardware stack. One example is ARM's joint venture with Gemalto and Giesecke & Devrient to set up Trustonic in December 2012.
Dispositivos Android como herramientas para test de penetración. Via @DragonJAR Conozco personas que prefieren no salir, a salir sin su teléfono móvil, lo cierto es que cada vez son mas los conocidos que toman ese tipo de decisiones y no se si es por el entorno en que me muevo y lo “geeks” de mis conocidos o realmente es un indicador de lo dependientes que nos hemos vuelto de estos dispositivos. La verdad es que se han convertido en parte importante de nuestra vida cotidiana, desde ellos hacemos todo tipo de actividades, recreativas, académicas y cada vez mas… laborales. Era de esperarse que empezaran proliferar las herramientas que nos permitieran trabajar desde equipos móviles, la capacidad de computo en ellos ha aumentado rápidamente los últimos años, superando incluso algunas configuraciones de equipos portátiles, son pequeños, fáciles de transportar y siempre los tenemos a la mano para reaccionar frente a cualquier incidente rápidamente. Android Network Toolkit – zAnti Pagina Oficial – Enlace del APK dSploit – Android Network Penetration Suite Connect Cat Nessus
The Web's #1 Hacking Tools Directory - with tutorial videos! Hacking Tools Directory with Video Tutorials By Henry Dalziel | Information Security Blogger | Concise Courses We are big fans of blogging about Hacker Tools – for one major reason: if you are serious about working in cyber security you need to be able to use these tools like a boss. So! We have broken down our directory into the following hacking tools categories: (We feel that the below categories should encompass all the different fields within cyber security but as ever, if you feel that we have missed one out please let us know by dropping a comment below.) Let us know what you think about our Directory – we would love to hear your feedback. What we have tried to do to differentiate ourselves from the other Hacking Tools Sites out there, some of which are doing a great job, is that we have placed tutorial videos where possible to accompany the details about the tools. Drop a comment below to suggest a tool that we might be missing but you can also do that on the directory itself.
OWASP Testing Guide v4.0. Guia de seguridad en aplicaciones Web. La fundación Open Web Application Security Project lidera desde 2001 un proyecto libre sin ánimo de lucro orientado a promover la seguridad del software en general y de aplicaciones web en particular, manteniendo para ello varios proyectos e iniciativas. Bajo licencia Creative Commons, genera y distribuye libremente material de alta calidad desarrollado por decenas de profesionales relacionados con el desarrollo y seguridad del software, entre ellos guías, plataformas educativas y herramientas de auditoría, etc. Situadas entre las publicaciones más valoradas en relación al sector de auditorías de seguridad, las guías publicadas por la fundación OWASP se han convertido en un referente en el mundo de la seguridad del desarrollo y evaluación de aplicaciones. En 2008 se editó la versión 3 de la guía, con su traducción al castellano en 2009 en la que participó activamente INTECO. Guía de pruebas OWASP versión 4. • Gestión de Identidades • Control de errores • Criptografía 1. 2. 3. 4. 5. 6. 7.
SIFT Kit/Workstation: Investigative Forensic Toolkit Download SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3.0 Download SIFT Workstation VMware Appliance Now - 1.5 GB Having trouble downloading? If you are having trouble downloading the SIFT Kit please contact firstname.lastname@example.org and include the URL you were given, your IP address, browser type, and if you are using a proxy of any kind. Having trouble with SIFT 3? If you are experiencing errors in SIFT 3 itself, please submit errors, bugs, and recommended updates here: How To: Download Ubuntu 14.04 ISO file and install Ubuntu 14.04 on any system. -> Once installed, open a terminal and run "wget --quiet -O - | sudo bash -s -- -i -s -y" Congrats -- you now have a SIFT workstation!! SIFT Workstation 3.0 Overview "The SIFT Workstation has quickly become my "go to" tool when conducting an exam. Key new features of SIFT 3.0 include: Installation
Top Network Security Tools Infosec Tricks & Treats. Happy Halloween! This time around, we thought we’d offer up a couple of infosec tricks and treats for your browsing pleasure. Around MSI, we LOVE Halloween! Here are a couple of tricks for you for this Halloween: Columbia University gives you some good tricks on how to do common security tasks here. University of Colorado gives you some password tricks here. and The Moneypit even provides some tricks on cheap home security here. And now for the TREATS!!!!! Here are some of our favorite free tools from around the web: Wireshark - the best network sniffer around Find your web application vulnerabilities with the FREE OWASP ZED Attack Proxy Crack some Windows passwords to make sure people aren’t being silly on Halloween with Ophcrack Actually fix some web issues for free with mod_security Grab our DREAD calculator and figure out how bad it really is.. Put those tricks and treats in your bag and smile. Thanks for reading and have a fun, safe and happy Halloween!
21 Popular Computer Forensics Tools Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime. For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team. These computer forensics tools can also be classified into various categories: Disk and data capture toolsFile viewersFile analysis toolsRegistry analysis toolsInternet analysis toolsEmail analysis toolsMobile devices analysis toolsMac OS analysis toolsNetwork forensics toolsDatabase forensics tools 1. Download: 2. 4. 5. 6. 7. 8. 9. 10. 11.
Insecure.Org - Tools & Hacking resources