Zenmap - Official cross-platform Nmap Security Scanner GUI Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scan results can be compared with one another to see how they differ. Top Five Hacker Tools Every CISO Should Understand As the role of the CISO continues to evolve within organizations towards that of an executive level position, we see a growing emphasis on traditional business administration skills over the more technical skills that previously defined the top security leadership job. Nonetheless, CISOs need to keep abreast of the latest down-in-the-weeds tools and technologies that can benefit their organization’s security posture, as well as those tools that are widely available which could be misused by malicious actors to identify and exploit network security weaknesses. In light of that fact, we recently spoke to Nabil Ouchn (@toolswatch), the organizer of the Arsenal Tools exhibit and activities at the BlackHat Conferences in both the US and Europe since 2011, as well as being the founder of the portal ToolsWatch.org. (Part Two Here: Five More Hacker Tools Every CISO Should Understand) Armitage
Acunetix Web Vulnerability Scanner As many as 70% of websites have vulnerabilities that could lead to the theft of sensitive corporate data such as, credit card information and customer lists. Hackers concentrate their efforts on web-based applications – shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases and also allow hackers to perform illegal activities using the compromised site.
Nessus Vulnerability Scanner Detect & Assess Nessus is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits. Report & Take Action Top 10 Web hacking techniques of 2010 revealed Network World - A Web hack that can endanger online banking transactions is ranked the No. 1 new Web hacking technique for 2010 in a top 10 list selected by a panel of experts and open voting. Called the Padding Oracle Crypto Attack, the hack takes advantage of how Microsoft's Web framework ASP.NET protects AES encryption cookies. FROM THE SECURITY WORLD: Quirky moments at Black Hat DC 2011
PuTTY Download Page Home | Licence | FAQ | Docs | Download | Keys | Links Mirrors | Updates | Feedback | Changes | Wishlist | Team PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham. The latest version is beta 0.67. LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. HyperTerminal Alternatives for Windows 7 If you’ve recently upgraded to Windows 7 and are wondering what happened to HyperTerminal, you’re not alone! HyperTerminal was a sweet little program that let you connect to other computers, Telnet sites, host computers, BBSs, etc using your modem or Ethernet connection. In Windows 7 and Vista, you will no longer find the HyperTer minal program.
How the NSA's Firmware Hacking Works and Why It's So Unsettling One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. ssh(1): OpenSSH SSH client Name ssh - OpenSSH SSH client (remote login program) Synopsis ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] [ -D[ bind_address:]port] [-e escape_char] [-F configfile][-i identity_file] [ -L [ bind_address:]port:host:hostport][-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [ -R [ bind_address:]port:host:hostport] [-S ctl_path] [-W host:port][ -w local_tun[:remote_tun]] [ user@]hostname [command] Description