IT Vulnerability & ToolsWatch
Nabil OUCHN & Maximiliano SOLER
The present document describes the Best Tools and Utilities from 2011. Divided into categories, carefully separated, based on the VulnerabilityDatabase.com Scoring Criteria.
228 Hamilton Avenue 3rd Floor Palo Alto, CA 94301 contact (at) netpeas (dot) com Automn e 08
Introduction
The world is changing, the security information too. For years we see that the protests are made by people - face to face - using violence and the media to disseminate what happens at that time.
LulzSec and others organized groups like Anonymous have threatened huge companies, defending what they believed right. Changing the way of manifestation from political to social issues.
Great personalities related to the technology and information security world have passed away. These include publicly the following people: Steven Paul Jobs, Dennis Ritchie, John S McCarthy and Paul ‘CrashFR’ Pinto. Talent people that created and innovated. Leading theories and tools that we know today e and are used as the basis of creation. c From VulnerabilityDatabase.com we create this inform developed through ToolsWatch u vision with the best tools and applications that we have focused during 2011. r i t Nabil OUCHN Maximiliano SOLER y CTO & Co-Founder NETpeas SA. ToolsWatcher Leader Twitter: @toolswatch Twitter: @maxisoler &
- Page 2 of 14 - A u What is VulnerabilityDatabase.com?
VD is the first Collaborative Vulnerability & Tools Watch Service. It provides updates on Threats & Security Tools.
The main features are the following:
. Huge Database of Tools.
. Latest Security News.
. Community Feature enabled.
. Ask a Hacker Forum.
. Free Registration.
- Page 3 of 14 - Content
Scoring Criteria ...... 5
Open Source & Free Utilities ...... 6
Penetration Testing and Ethical Hacking ...... 6
Security Assessment ...... 6
Commercial Software ...... 7
Links and References ...... 8
2011 Security News in Brief ...... 12
What Happened ...... 12
Cool Papers ...... 12
The Great Loss ...... 13
Top Hacks ...... 13
Conferences ...... 14
The worst and stupid Internet Strategy ...... 14
- Page 4 of 14 - Scoring Criteria
We have conducted this new survey on the basis on some criteria (as we did two years before).
Since the last survey (2009), we decided to add these new criteria:
Community Support. Documentation. Popularity (Twitter followers).
Criteria Comment
Audience Each tool has its target audience.
Built-in, plug-in, functionalities, capabilities, use of APIs, Features interoperability with other systems.
Frequency of updates: adding new features, new plug-in, Updates updating vulnerability database, updating techniques.
Frequency of bugs fixing, generating new releases, nightly Maintenance builds, beta testing.
Tool has a community version with support and the Community Support appropriate documentation.
All documentation are easy to read and to understand and Documentation at least written in English. Wiki, blogs and other collaborative support are a must.
Support of charts, dashboard, exporting to multiple formats Reporting (HTML, XML, PDF).
The ability of the tool to map findings with Compliance, standards and open standards or to score vulnerability / Standards, Metrics & risks with metrics. Open Standards Standard and metrics could be : CVE, CVSS, CWE, CPE, CCE, OVAL, SCAP, CAPEC, ISO 2700x, NIST, PCI DSS.
The popularity of the tool among the community.
Twitter followers Popularity Average of visits and download based on our statistics for the year 2009.
- Page 5 of 14 - Open Source & Free Utilities Penetration Testing and Ethical Hacking
Recommended Winner Excellent (Promising)
Ex æquo : Ex æquo : Foca Information Gathering Maltego theHarvester Google Hacking WhatWeb Diggity Project
Network Scanners & Ex æquo : OWASP Zed Nmap Discovery AutoScan Attack Proxy
Ex æquo : Vulnerability Scanners Nessus OpenVAS VEGA NeXpose
Application Scanners w3af Arachni Nikto
Metasploit Exploitation Frameworks DB Exploit Website SAP Bizploit Armitage
Wireless Hacking Kismet AirCrack suite AirCheck
Live CDS BackTrack 5 Matriux BackBox
Security Assessment
Recommended Winner Excellent (Promising)
Microsoft Web Application Windows Auditing OVAL Interpreter Sysinternals Tools Configuration Analyzer
Lynis Unix Auditing OpenSCAP
Security Onion Network Monitoring SAMHAIN PacketFence LiveDVD
- Page 6 of 14 - Suricata
BurpSuite WhatWeb Application Assessment WebSecurify W3AF WebSecurify
Wireless Auditing Kismet inSSIder Wifite
DFF (Digital Mobius Forensic Forensics NetworkMiner Forensics Toolkit Framework)
Datamining / Logs Dradis Graylog2 Log2timeline Management
IT Management SpiceWorks OpenDLP Splunk
PHP Vulnerability Code Analysis Agnitio Graudit Hunter
Ex æquo :
Password Analysis Cain & Abel John the Ripper Patator
THC-Hydra
Havij Pangolin Database Auditing The Mole SQL Map
VoIP / Telephony Auditing UCSniff Viper VAST Mausezahn
Commercial Software
Recommended Winner Excellent (Promising)
Ex æquo :
Tenable Nessus Ex æquo : COREvidence™ Vulnerability Management ProFeed WebSaint / Marketplace NeXpose Entreprise
Ex æquo : Application Security COREvidence™ Acunetix / SandCat Pro Assessment Marketplace Netsparker
- Page 7 of 14 - Ex æquo :
Patch Management GFI Languard NSS / Lumension EndPoint
Shavlik Technologies
Ex æquo : Penetration Testing and CoreImpact / SaintExploit Immunity CANVAS Exploitation Metasploit Pro
Links and References
URL
Maltego http://www.paterva.com/web5/client/download.php
Foca http://www.informatica64.com/foca.aspx
Google Hacking Diggity http://www.stachliu.com/resources/tools Project
theHarvester https://code.google.com/p/theharvester
WhatWeb http://www.morningstarsecurity.com/research/whatweb
Nmap http://nmap.org
AutoScan http://autoscan-network.com
OWASP Zed Attack Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Nessus http://www.nessus.org
NeXpose http://community.rapid7.com
OpenVAS http://www.openvas.org
VEGA http://subgraph.com/products.html
WA3F http://w3af.sourceforge.net
- Page 8 of 14 - Arachni http://arachni.segfault.gr
Nikto http://cirt.net/nikto2
Metasploit http://www.metasploit.org
Exploit DB http://www.exploit-db.com
SAP Bizploit http://www.onapsis.com/research-free-solutions.php
Kismet http://www.kismetwireless.net
AirCrack-NG Suite http://www.aircrack-ng.org
AiroScript-NG http://airoscript.aircrack-ng.org
Backtrack 5 http://www.backtrack-linux.org
Matriux http://www.matriux.com
BackBox http://www.backbox.org
Oval Interpreter http://oval.mitre.org
Microsoft Web Application http://www.microsoft.com/download/en/details.aspx?id=573 Configuration Analyzer
Nessus Local Plug-ins http://www.nessus.org/plugins/index.php?view=all
Sysinternals Tools http://technet.microsoft.com/sysinternals Lynis http://www.rootkit.nl
OpenSCAP http://www.open-scap.org
SAMHAIN http://www.la-samhna.de/samhain
Suricata http://www.openinfosecfoundation.org
PacketFence http://www.packetfence.org
Security Onion LiveDVD http://securityonion.blogspot.com
BurpSuite http://portswigger.net
Websecurify http://www.websecurify.com
Inssider http://www.metageek.net/products/inssider
Wifite https://code.google.com/p/wifite
DEFT http://www.deftlinux.net
Mobius Forensics Toolkit http://freshmeat.net/projects/mobiusft
- Page 9 of 14 - DFF (Digital Forensics http://www.digital-forensic.org Framework)
Dradis http://dradisframework.org
Graylog2 http://graylog2.org
Log2timeline http://log2timeline.net/files
Spiceworks Community http://www.spiceworks.com
OpenDLP https://code.google.com/p/opendlp
Splunk http://www.splunk.com
Paglo IT http://paglo.com
Graudit http://www.justanotherhacker.com
Agnitio http://www.securityninja.co.uk
PHP Vulnerability Hunter https://code.google.com/p/php-vulnerability-hunter
Cain & Abel http://www.oxid.it
OphCrack http://ophcrack.sourceforge.net
John the Ripper http://www.openwall.com/john
Patator https://code.google.com/p/patator
Havij http://itsecteam.com/en
Pangolin http://www.nosec.org
SQL Map http://sqlmap.sourceforge.net
The Mole http://themole.sourceforge.net
UCSniff http://ucsniff.sourceforge.net
Viper VAST http://vipervast.sourceforge.net
Mausezahn http://www.perihel.at/sec/mz
- Page 10 of 14 -
- Page 11 of 14 - 2011 Security News in Brief
What Happened
Editor
EMC Acquires NetWitness http://www.vulnerabilitydatabase.com/2011/04/emc-acquires- Corporation netwitness-corporation/
http://www.vulnerabilitydatabase.com/2011/03/mcafee-acquires- McAfee Acquires Sentrigo sentrigo-to-enhance-database-security-portfolio/
http://www.vulnerabilitydatabase.com/2011/03/google-acquires- Google Acquires Zynamics zynamics/
SalesForge Acquired http://www.vulnerabilitydatabase.com/2011/01/dimdim-has-been- Dimdim acquired-by-salesforce-com/
http://www.vulnerabilitydatabase.com/2010/12/citrix-acquired- Citrix Acquired NetViewer netviewer/
Hackers break SSL http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/ encryption
GnackTrack project retired https://www.phillips321.co.uk/gnacktrack/
Ettercap New Version (Back http://www.vulnerabilitydatabase.com/2011/12/ettercap-v0-7-4- from 5 years) lazarus-back-from-5-years/
http://www.vulnerabilitydatabase.com/2011/11/owasp-academy- OWASP Academy Portal portal/
Cool Papers
. Results of a Security Assessment of the IPv6
. 2011 CWE/SANS Top 25 Most Dangerous Software Errors v1.0
. Whitepaper on SCADA Security Vulnerabilities
. Common Weakness Risk Analysis Framework (CWRAF)
- Page 12 of 14 - . CybOX v0.6.2 – Cyber Observable eXpression (MITRE)
. Browser Security Comparison: A Quantitative Approach
. Onapsis SAP Security In-Depth
The Great Loss
Steven Paul Jobs (February 24, 1955 – October 5, 2011)
He was co-founder, chairman, and chief executive officer of Apple Inc.
Dennis Ritchie (September 9, 1941 - October 12, 2011)
He created the C programming language and, with long-time colleague Ken Thompson, the Unix operating system.
John McCarthy (September 4, 1927 – October 24, 2011)
The father of "artificial intelligence" (AI), invented the Lisp programming language and was highly influential in the early development of AI.
Paolo Pinto (CrashFR)
Founder of HZV & Sysdreams.
Top Hacks
Sony investigating another hack
Dropbox Lied to Users About Data Security, Complaint to FTC Alleges
OpenSSH 3.5p1 Remote Root Exploit for FreeBSD
Fraudulent Digital Certificates Could Allow Spoofing
Kernel.org Linux repository rooted in hack attack
Attack Code for SCADA Vulnerabilities Released Online
Researchers Uncover The Email That Led To The RSA Hack
- Page 13 of 14 -
Conferences
BlackHat USA 2011
NETpeas SA and ToolsWatch have been present sponsoring Black Hat USA 2011 and organizing the Black Hat Arsenal Tools. This is an area for independent researchers and the open source community that will allow you to showcase their work.
The worst and stupid Internet Strategy
Stop Online Piracy Act (SOPA)
PROTECT IP Act (PIPA)
Anti-Counterfeiting Trade Agreement (ACTA)
www.vulnerabilitydatabase.com Contact Us
228 Hamilton Avenue 3rd Floor Palo Alto, CA 94301 contact (at) netpeas (dot) com Phone: +1 650 798-5109 Fax : +1 650 798-5001
- Page 14 of 14 -