9

Resource question :- I need to collate a list of security admin tools

For:

  • Web
  • Network
  • Wifi
  • Server unix/Linux/windows/macosx
  • SQL
  • Xss

Please state

-links/version/os used/free v buy

EEAA
  • 109,904

6 Answers6

11

Web

For pen testing web sites, try these Firefox extensions: (All are free.)

I've also heard good things about Fiddler (freeware, any browser, Windows only).

General Networking

  • Wireshark - protocol analysis; see what's on your network. Free, for any OS.
  • Netcat - generic low-level client and server; the "TCP/IP Swiss army knife." Free, for any OS.
  • nmap - scan for open ports and active hosts, and identify OSes and (sometimes) servers. Free, for any OS.
  • Nessus - scan for vulnerabilities on your network. Unix or Linux.

These are the tools I'm most familiar with, but for a much more complete list, see sectools.org.

Wireless

I don't have as much experience with these.

Josh Kelley
  • 993
  • 1
  • 7
  • 17
5

Mine:

  • Perl - To script when I don't have the right tool.
  • NetStumbler - To detect wireless.
  • WireShark - To sniff traffic.
  • Cain & Abel - To crack passwords and exploit LSA Secrets.
  • NMap - Port Scanner
  • SysInternal PSTools Suite - Ton of useful tools
  • Fiddler - IE Proxy that allows you to see HTTP Request / Response even with SSL
  • Nessus - General vulnerability scanner
  • SQLPing 3 - SQL Server scanner
  • SQL Server Profiler - to monitor SQL Server commands going to a particular SQL Server
  • Command Line - a lot of tools here
  • Cygwin - Unix/Linux tools on Windows.
K. Brian Kelley
  • 9,074
5

Web

  • curl - A library and utilities to make custom HTTP/FTP requests
  • wget - A utility to quickly download URLs
  • netcat - A simple yet powerful utility to open a connection to a remote server or listen on a local port
  • Python's urllib2 module - Great for scripting mass downloads, testing URLs, grabbing data quickly to parse, etc

Network

  • nmap - Port scanning, host detection, network mapping, and service detection
  • wireshark - Network protocol analyzer for Win/Linux
  • tcptraceroute - Traceroute utility using TCP packets instead of ICMP packets to bypass filtering or test firewalls
  • arping and arpwatch - ARP-based utilities to detect and observe ARP activity on the network
  • logcheck - Daemon that watches logs and alerts you when unusual events occur
  • fail2ban - Daemon that watches logs and takes action against hosts attempting to guess passwords or attack the network
  • iptables/netfilter - Linux 2.6 firewall software

WiFi

SQL

XSS

Everything

  • Google - Index of all mankind's knowledge
  • Python - Pseudocode interpreter

Hope some of this helps. This is just what's come to mind so far, but there's tons more out there. Where and when to use each is left as an exercise to the reader.

Dan Udey
  • 1,478
4

Have you had a look at BackTrack Linux?

I've written a little framework around it so I can easily drop in my own scripts and packages, that way I just burn a disc each time I need to go remote.

khosrow
  • 4,173
2

inSSIDer is a nice replacement for NetStumbler that works on x64 Windows. I also like Microsoft's Network Monitor packet analyzer.

Already mentioned was Fiddler which is a very nice http protocol analyzer and of course nmap.

Brian Reiter
  • 860
2

What? No love for physical tools?

  • Anti-static Bags
  • Small tool kit, belkin or some other
  • Hard drive write blocker (IDE)
  • A write blocked thumb drive: loaded with AV and other goodies
  • A digital camera (especially for taking pictures of BIOS settings)
  • Various adapters and gender-benders
  • A flashlight/LED keyfob
  • A stack of bootdisks
  • A stack of blank DVD/CD
  • A floppy disk or two (you NEVER know ...)
  • A paper notebook: Keeps logs, diagrams, notes, and never needs charging
  • Pens and pencils

Another great resource for a list of SA tools, SAGE Sysadmin Toolbox

Joseph Kern
  • 9,939