Vulnerability Assessment Tools:
Vulnerability scanners automate security auditing and can play a vital part in your IT security by scanning your network and websites for different security risks. It is also possible for some to even automate the patching process.
This is an open source tool serving as a central service that provides vulnerability assessment tools for both vulnerability scanning and vulnerability management.
OpenVAS supports different operating systems
The scan engine of OpenVAS is constantly updated with the Network Vulnerability Tests
OpenVAS scanner is a complete vulnerability assessment tool identifying issues related to security in the servers and other devices of the network
OpenVAS services are free of cost and are usually licensed under GNU General Public License (GPL)
Nikto is a greatly admired and open source web scanner employed for assessing the probable issues and vulnerabilities.
It is also used for verifying whether the server versions are outdated, and also checks for any particular problem that affects the functioning of the server
Nikto is used to perform a variety of tests on web servers in order to scan different items like a few hazardous files or programs
It is not considered as a quiet tool and is used to test a web server in the least possible time
It is used for scanning different protocols like HTTPS, HTTPd, HTTP etc. This tool allows scanning multiple ports of a specific server
3. Tripwire IP360
Developed by Tripwire Inc, Tripwire IP360 is considered to be a leading vulnerability assessment solution that is employed by different agencies and enterprises in order to manage their security risks.
It uses a wide-ranging view of networks to spot all the vulnerabilities, configurations, applications, network hosts etc.
It uses the open standards to help in the integration of risk management and vulnerability into multiple processes of the business
Wireshark is an extensively used network protocol analyzer considered to be the most powerful tool in the security practitioners toolkit.
Wireshark is used across different streams like government agencies, enterprises, educational institutions etc.. to look into the networks at a microscopic level
It captures the issues online and executes the analysis offline
It runs on different platforms like Linux, masOS, Windows, Solaris etc.
5. Retina CS Community
Retina CS is an open source and web-based console that has helped the vulnerability management to be both simplified and centralized.
With its feasible features like compliance reporting, patching and configuration compliance, Retina CS provides an assessment of cross-platform vulnerability
Retina CS help save the time, cost and effort for managing the network security
It is included with automated vulnerability assessment for DBs, web applications, workstations, and servers
Being an open source application, Retina CS presents complete support for virtual environments like vCenter integration, virtual app scanning etc.
6. Microsoft Baseline Security Analyzer (MBSA)
MBSA is a free Microsoft tool ideal for securing a Windows computer based on the specifications or guidelines set by Microsoft.
MBSA allows enhancing their security process by examining a group of computers for any misconfiguration, missing updates, and any security patches etc.
It can only scan for security updates, service packs and update rollups putting aside the Critical and Optional updates
It is used by medium-sized and small-sized organizations for managing the security of their networks
After scanning a system, MBSA will present a few solutions or suggestions related to fixing of the vulnerabilities
7. AT&T Cybersecurity Vulnerability Scanning
The AT&T Cybersecurity Vulnerability Scanning Solution can be delivered either as a managed service or run from within IT. It helps detect security vulnerabilities in systems, web applications and network devices. It is probably best as a managed service for IT departments lacking cybersecurity expertise.
Nessus is a widely used vulnerability assessment tool. It is probably best for experienced security teams, as its interface can be a little tricky to master at first. It can be used in conjunction with pen testing tools, providing them with areas to target and potential weaknesses to exploit.
Skybox offers scanless assessment, threat prioritization and smart remediation based on risk. By tying threat intelligence into vulnerability control, and merging results from third-party scanners, it is effective at finding blind spots. User reviews are generally very good. It is probably better for mid-sized to large organizations than SMBs.
10. Alibaba Cloud Managed Security Service
Alibaba offers a managed service for port inspection, scans for web and system vulnerability, and a vulnerability review to eliminate false positives. It is focused on the cloud and is probably best for non-U.S. businesses in light of ongoing trade hostilities between the U.S.A. and China.
Metasploit covers the scanning and testing of vulnerabilities. Backed by a huge open-source database of known exploits, it also provides IT with an analysis of pen testing results so remediation steps can be done efficiently. However, it doesn’t scale up to enterprise level and some new users say it is difficult to use at first.
Netsparker is very good at what it does – the scanning of websites. But it is not designed to do anything else and so lacks the range of many other products. One plus is ease of use. Its automated web application security scanning capabilities can also be integrated with third party tools. Operators don’t need to be knowledgeable in source code. Very good for SMBs rather than large enterprises.
13. Amazon inspector
If you are an AWS shop, then Amazon Inspector is the automated security assessment service for you. It scans all applications deployed on AWS and can be extended to Amazon EC2 instances, too. But it can’t scan Azure, Google Cloud or on-premises data centers and server rooms. Thus, it s only recommended for those enterprises and SMBs running mainly on the Amazon cloud.
Burp is a web vulnerability scanner used in a great many organizations. Although there is a free version available, it is limited in functionality, with no automation capabilities. Those wishing for the complete package for enterprise wide scalability and automation should be prepared to pay well. Security professional only needing a good automated vulnerability scanner for testing of code can make do with the Professional version, which is cheaper.
15. Acunetix Vulnerability Scanner
Acunetix is another tool that only scans web-based applications. But its multi-threaded scanner can crawl across hundreds of thousands of pages rapidly and it also identifies common web server configuration issues. It is particularly good at scanning WordPress. Therefore, those with a heavy WordPress deployment should consider it.
Intruder is a cloud-based vulnerability scanner that concentrates on perimeter scanning. Any deeper in the enterprise and it needs to be supplemented by other tools. But it is strong at discovering new vulnerabilities. Therefore, it’s a good choice for those looking to harden the perimeter.
Nmap is a port scanner that also aids pen testing by flagging the best areas to target in an attack. That is useful for ethical hackers in determining network weaknesses. As it’s open source, it’s free. That makes it handy for those familiar with the open source world, but it may be a challenge for someone new to such applications. Although it runs on all major OSes, Linux users will find it more familiar.
Autopsy is a GUI-based open source digital forensic program to analyze hard drives and smart phones efficiently. Autospy is used by thousands of users worldwide to investigate what happened in the computer.
It’s widely used by corporate examiners, military to investigate and some of the features are.
- Email analysis
- File type detection
- Media playback
- Registry analysis
- Photos recovery from memory card
- Extract geolocation and camera information from JPEG files
- Extract web activity from browser
- Show system events in graphical interface
- Timeline analysis
- Extract data from Android – SMS, call logs, contacts, etc.
It has extensive reporting to generate in HTML, XLS file format.
2. Encrypted Disk Detector
Encrypted Disk Detector can be helpful to check encrypted physical drives. It supports TrueCrypt, PGP, BitLocker, Safeboot encrypted volumes.
Wireshark is a network capture and analyzer tool to see what’s happening in your network. Wireshark will be handy to investigate network related incident.
4. Magnet RAM Capture
You can use Magnet RAM capture to capture the physical memory of a computer and analyze artifacts in memory.
It supports Windows operating system.
5. Network Miner
An interesting network forensic analyzer for Windows, Linux & MAC OS X to detect OS, hostname, sessions and open ports through packet sniffing or by PCAP file. Network Miner provides extracted artifacts in an intuitive user interface.
NMAP (Network Mapper) is one of the most popular networks and security auditing tools. NMAP is supported on most of the operating systems including Windows, Linux, Solaris, MAC OS, HP-UX, etc. It’s open source so free.
7. RAM Capturer
RAM Capturer by Belkasoft is a free tool to dump the data from computer’s volatile memory. It’s compatible with Windows OS. Memory dumps may contain encrypted volume’s password and login credentials for webmails and social network services.
8. Forensic Investigator
If you are using Splunk, then Forensic Investigator will be a convenient tool. It’s Splunk app and has many tools combined.
- WHOIS/GeoIP lookup
- Port scanner
- Banner grabber
- URL decoder/parser
- XOR/HEX/Base64 converter
- SMB Share/NetBIOS viewer
- Virus Total lookup
FAW (Forensics Acquisition of Websites) is to acquire web pages for forensic investigation which has the following features.
- Capture the entire or partial page
- Capture all types of image
- Capture HTML source code of the web page
- Integrate with Wireshark
HashMyFiles will help you to calculate the MD5 and SHA1 hashes. It works on almost all latest Windows OS.
11. USB Write Blocker
View the USB drives content without leaving the fingerprint, changes to metadata and timestamps. USB Write Blocker use Windows registry to write-block USB devices.
12. Crowd Response
Response by Crowd Strike is a windows application to gather system information for incident response and security engagements. You can view the results in XML, CSV, TSV or HTML with the help of CRConvert. It runs on 32 or 64 bit of Windows XP above.
Crowd Strike has some other helpful tools for investigation.
- Totrtilla – anonymously route TCP/IP and DNS traffic through TOR.
- Shellshock Scanner – scan your network for shellshock vulnerability
- Heartbleed scanner – scan your network for OpenSSL heart bleed vulnerability
13. NFI Defraser
Defraser forensic tool may help you to detect full and partial multimedia files in the data streams.
ExifTool helps you to read, write and edit meta information for a number of file types. It can read EXIF, GPS, IPTC, XMP, JFIF, GeoTIFF, Photoshop IRB, FlashPix, etc.
Toolsley got more than ten useful tools for investigation.
- File signature verifier
- File identifier
- Hash & Validate
- Binary inspector
- Encode text
- Data URI generator
- Password generator
SIFT (SANS investigative forensic toolkit) workstation is freely available as Ubuntu 14.04. SIFT is a suite of forensic tools you need and one of the most popular open source incident response platform.
Extract all exciting information from Firefox, Iceweasel and Seamonkey browser to be analyzed with Dumpzilla.
18. Browser History
Foxton has two free exciting tools.
- Browser history capturer – capture web browser (chrome, firefox, IE & edge) history on Windows OS.
- Browser history viewer – extract and analyze internet activity history from most of the modern browsers. Results are shown in the interactive graph, and historical data can be filtered.
Extract the following information with ForensicUserInfo.
- LM/NT Hash
- Password reset/Account expiry date
- Login count/fail date
- Profile path
20. Black Track
Blacktrack is one of the most popular platforms for penetration testing, but it has forensic capability too.
PALADIN forensic suite – the world’s most famous Linux forensic suite is a modified Linux distro based on Ubuntu available in 32 and 64 bit.
Paladin has more than 100 tools under 29 categories, almost everything you need to investigate an incident. Autospy is included in the latest version – Paladin 6.
22. Sleuth Kit
The Sleuth Kit is a collection of command line tools to investigate and analyze volume and file systems to find the evidence.
CAINE (Computer Aided Investigate Environment) is Linux distro that offers the complete forensic platform which has more than 80 tools for you to analyze, investigate and create an actionable report.
- Password Recovery Utilities
- WebBrowserPassView – View the passwords stored by your Web browser (Supports Internet Explorer, Firefox, Chrome, Safari, and Opera)
- RouterPassView: Router Password Recovery – Extract passwords and other information from router backup file (For supported routers).
- Mail PassView – Recover the passwords of popular email clients: Outlook Express, MS Outlook, Eudora, Mozilla Thunderbird , and more…
- Dialupass: Dialup Password Recovery – Recovers the passwords of dialup entries (VPN and Internet connections). Works also under Windows 2000/XP.
- Network Password Recovery – Freeware utility that recovers the network passwords stored by Windows XP (Credentials file).
- BulletsPassView – Reveal the passwords hidden behind asterisk (‘****’) or bullets characters in standard password text-boxes.
- WirelessKeyView – Recover lost wireless network key stored on Windows
- PstPassword – Recover the password of Outlook PST file.
- Network Monitoring Tools
- WirelessNetView – View the details of all wireless network in your area (SSID, Signal Quality, MAC Address, and more…)
- Wireless Network Watcher – Show who is connected to your wireless network.
- BluetoothView – Monitor the Bluetooth activity around you.
- SmartSniff: TCP/IP Sniffer – Capture TCP/IP packets on your network adapter and view the captured data as sequence of conversations between clients and servers.
- CurrPorts: TCP/IP Connections Viewer – Freeware tool that displays the list of all currently opened TCP and UDP ports on your local computer.
- AdapterWatch – displays useful information about your network adapters: IP addresses, Hardware address, WINS servers, DNS servers, MTU value, Number of bytes received or sent, The current transfer speed, and more…
- DownTester – Test the download speed of your Internet connection.
- Internet Related Utilities
- BrowsingHistoryView: Web Browser History Viewer – View browsing history of your Web browsers (Firefox,Chrome,IE,Edge)
- IPNetInfo – Find all available information about an IP address: The owner of the IP address, the country/state name, IP addresses range, contact information (address, phone, fax, and email), and more.
- MyLastSearch – View your latest searches with Google, Yahoo, and MSN.
- VideoCacheView – Copy video files (.flv and others) from the Web browser cache and temporary folder.
- SiteShoter – Take a screenshot of a Web site.
- DNSDataView – View the DNS records of specified domains.
- IECookiesView: Cookies Viewer/Manager for IE – View/Delete/Modify the cookies that Internet Explorer stores on your computer. Read More >>
- IEHistoryView – View/Delete the URLs that you visited in the last few days.
- WhoisThisDomain – Get information about a registered domain.
- DNSDataView – DNS lookup tool.
- MS-Outlook Tools
- NK2Edit – Edit, delete, add, merge, and repair records in the AutoComplete files (.NK2) of Outlook.
- OutlookAttachView – View and extract attachments of your Outlook mailbox.
- OutlookStatView – Get statistics about your Outlook mailbox.
- OutlookAddressBookView – View or export the address book of Outlook.
- Command-Line Utilities
- NirCmd: Freeware Command-Line Tool – Do some useful tasks from command-line: turn off your monitor, turn off the computer, open/close the door of your cd-rom drive, dial to VPN/Internet connection, change your display settings, and much more !!
- SoundVolumeView – Control the sound volume from command-line or GUI on Windows 10/7/8/2008.
- GUIPropView – hide,show,disable,enable,minimize,maximize,resize windows from command-line.
- Desktop Utilities
- UninstallView – Alternative to the software uninstaller of Windows.
- SearchMyFiles – Alternative to ‘Search For Files And Folders’ module of Windows and also duplicate files search.
- Volumouse – Control the sound volume with your wheel mouse !!
- FileTypesMan – Alternative to ‘File Types’ manager of Windows.
- Freeware System Tools
- ProduKey – Recover Office/Windows CD-Key
- ShellExView – Displays the details of shell extensions installed on your computer, and allows you to easily disable and enable each shell extension.
- WhatInStartup – Add, delete, modify or disable programs that run at Windows startup.
- USBDeview – View all installed/connected USB devices on your system.
- DevManView – Alternative to device manager of Windows.
- DriverView – List all device drivers currently loaded on your Windows.
- RegScanner (Registry Scanner) – Scan and find values in the Registry.
- OpenedFilesView – View opened/locked files in your system.
- SysExporter – Grab the data stored in standard list-views, list boxes, and combo boxes from almost any application running on your system, and export it to text, HTML or XML file.
- BlueScreenView – View crash information stored in the MiniDump files created on blue screen of Windows.
Tools, guides and tips for navigating the Dark Web.
Ahmia makes hidden services accessible to a wide range of people, not just Tor network users.
Commonly used words used on dark web.
List of Dark Net markets.
Dark Net stats regarding .onion sites.
Access dark web results directly, without the need to install Tor.
Archive web page capture for dark web.
Receive daily email reports on the dark web from Hunchly.
Guides and tutorials collected and stored on the MidaSearch Pinboard.
Dark web links.
Tor Search Engine Links | Onion Search Engine | Tor Directory Links | Hidden Wiki Links.
The Dark Web Map is a visualization of the structure of Tor’s onion services.
Dark web toolkit from the International Anti Crime Academy (IACA).
A dark web crawler designed for indexing hidden services.
Enables you to view hidden wiki site addresses without having to connect via TOR.
Searchable TOR cache site.
Onion.link sacrifices client-anonymity for convenience. Those wishing to browse anonymously must download the Tor Browser Bundle.
OnionScan is a free and open source tool for investigating the Dark Web.
An onion search engine without need to download TOR.
Share documents through TOR.
A dark web directory.
The main objective of this project is to collect open data from the deep web (aka dark web) and with the help of data mining algorithms, collect as much information as possible and produce an interactive tree graph.
TOR search engine.
A list of dark web search engines.
TOR Cyber Security forum.
A dark web directory.