(Page 5 of 9)   < Prev  1 2 3 4 5 6 7 8 9  Next >

Category: Auditing » Network » Web

The OpenAntivirus Project: Summary
Added 2003-09-04
by cbricart, fz-net, hfuhs, kurti and reniar
Developing Open Source AntiVirus Solutions

Nikto
Added 2003-06-16
by CIRT.net
Nikto is a PERL, open source web server scanner which supports SSL. Based on LibWhisker, it has features which Whisker 1.4 lacks, including proxy support, host authentication, and SSL. Nikto checks for (and if possible attempts to exploit) remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site.Nikto is a PERL, open source web server scanner which supports SSL. Based on LibWhisker, it has features which Whisker 1.4 lacks, including proxy support, host authentication, and SSL. Nikto checks for (and if possible attempts to exploit) remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site.

Visual Interactive Datapipe (Vida)
Added 2002-07-19
by embyte
Visual Interactive Datapipe (Vida) is an interactive visual datapipe for all *nix systems, which allows socket communications to be redirected over pipes. It features an ncurses interface that allows the creation of multiple datapipes, each supporting multiple connections. It is possible to sniff and log traffic in various ways, hijack piped connections, perform DNS hijacking on switched LANs, and much more.

nstalker-chunked.c
Added 2002-06-26
by N-Stalker
nstalker-chunked.c is free and open-source, so try it out. The program uses a sophisticated method to find susceptible servers - not just banner checking.

WebProxy
Added 2002-04-26
by Frank Swiderski
WebProxy 1.0 is a cross-platform/browser security tool for use in auditing web sites. Installed as a proxy for your browser, WebProxy allows you to intercept, modify, log, and re-submit requests, both HTTP and HTTPS. Editing capabilities include parsing of query parameters, request headers, and POST parameters, as well as cookie editing. The convenient "browse from here" capability allows you to edit and resubmit previous requests and continue browsing on from the returned page. Request interception allows on-the-fly editing of requests based on a matching regular expression. There is also dynamic certificate generation. Use WebProxy for SQL injection, cookie manipulation, parameter testing, or simply monitoring of requests.

ELZA
Added 2002-04-23
by philip_stoev@iname.com
The ELZA is a scripting language aimed at automating requests on web pages. Scripts written in ELZA are capable of mimicing browser behavior almost perfectly, making it extremely difficult for remote servers to distinguish their activity from the activity generated by ordinary users and browsers. This gives those scripts the opportunity to act upon servers that will not respond to requests generated using netcat, rebol, telnet or similar tool.

Metis
Added 2002-04-16
by Sacha Faust
This is a tool I write to collect information from web servers. This was written for the Open Source Security Testing Methodology (OSSTM) located on http://www.ideahamster.org/osstmm-description.htm. If you get OutOfMemory errors, it means that the site you are scanning is quite big and you need to grow the heap size by using the -Xms option. By default, the metis.bat will set it to 150.

Panoptis
Added 2002-04-08
by Constantinos A. Kotsokalis
Panoptis is a tool to detect and stop DoS/DDoS attacks. It relies on data provided by NetFlow-enabled routers, and includes functionality to cooperate with other "Panoptis" detectors in order to trace the attack back to its source.

VoidEye CGI scanner
Added 2002-03-25
by Duke
VoidEye CGI scanner, build 461. Scans for 78 known vulnerabilities. Runs on: win9x, winNT, win2000. Features: user can add his own holes, editing "exp.dat" in any text editor or via program interface, user can process a site list, editing it via the program interface or the file "servers.dat", scanner can work via a proxy, for more security. Multi-threaded and fast. By Duke.

Typhon
Added 2002-02-06
by Next Generation Security Software Ltd
Typhon, an updated version of Cerberus Internet Scanner, is a vulnerability assessment tool. It will scan a given host for known security holes and vulnerabilities. It does this by looking at the services offered by a host and each of these are examined for holes. For example, Typhon will check for over 180 known vulnerabilities in the web service or daemon offered by a server. Once a scan has been completed a report in HTML is produced detailing what security holes were found, the impact of those holes and how to fix them. Once these holes have been removed then the host will be more secure against attacks. As new vulnerabilities are discovered almost on a daily basis it is necessary to ensure that the Typhon is kept upto date and hosts are scanned on a regular basis.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus