BEST IT Security and Auditing Software 2007

Since we started IT security auditing and assessment, we have tested and used tons of tools, utilities and software. A lot of them were discontinued, closed their code or were simply bought by vendors. But (hopefully) the best are still alive.

Now, at the end of 2007, I have become slightly melancholic and decided to release a survey of the most efficient IT security software for auditors, security administrators and pentesters.

However, I deeply believe that every little script or utility written by an individual developer or hacker is a gem. Just take a look at the SourceForge project repositories to be amazed. They will continue to serve us for years to come.

— Happy New Year.

Scoring criteria

This survey was based on specific criteria, so the classification reflects only our opinion at the time of writing this article.

| Criteria | Comment |
|---|---|
| Audience | Target: IT auditors, pentesters, IT technical staff, IT management staff |
| Software features | Built-in features, capabilities and options. |
| Updates and maintenance | Frequency of updates (database, signatures, plugins and add-ons). Maintenance (bug fixes, bug reporters, support...). Future releases and roadmap. |
| Use of standards and metrics | Use of security metrics and standards (CVE, CVSS, XCCDF, OVAL, CPE, SANS Top 20, OWASP...) |
| Reporting | Dashboards, charting and graphing, types of report export (HTML, XML, PDF...) |
| Security-Database Track Popularity | Average of visits and downloads, based on our internal stats during the year 2007. |


Penetration Tests

Open source and free software

| Category | Best | Recommended/Excellent |
|---|---|---|
| Information gathering | Maltego (GUI and web based) | ex aequo: SEAT (Search Engine Assessment Tool) & RevHosts |
| Protocol mappers | NMap | THC-Amap |
| Vulnerability scanners | Tenable Nessus | Saint Scanner Basic release |
| Application scanners | W3AF: Web Application Attack and Audit Framework | ex aequo: Paros Proxy & Nikto |
| Exploiters | Metasploit 3.x | ex aequo: Inguma & Milw0rm website |
| Wireless hacking | ex aequo: AirCrack-NG & AirCrack PTW | AiroScript |
| LiveCDs | BackTrack 2.x and 3.x | ex aequo: NST (Network Security Toolkit) & OSWA (Organizational Systems Wireless Auditor) |

Methodologies

| Document | Best | Recommended/Excellent |
|---|---|---|
| Network and system testing | OSSTMM | NIST SP 800-115 |
| Application testing | OWASP Guides | WebAppSec papers |
| Testing framework | PTF (Penetration Tests Framework) | N/A |
| Testing framework | WTF (Wireless Testing Framework) | N/A |


Security Assessment

Open source and free software

| Category | Best | Recommended/Excellent |
|---|---|---|
| Windows auditing | OVAL Interpreter | ex aequo: Belarc Advisor & WinAudit & SysInternals |
| Unix auditing | ex aequo: CIS Scoring Tools & Tiger Security Tool | ex aequo: Babel Enterprise & OVAL Unix interpreters (Sussen, Debian, Fedora, OpenSuse) |
| Filtering devices | Nipper | NCat |
| Password cracking | Cain and Abel | OphCrack Suite |
| Code auditing | FindBugs | Pixy |
| Wireless testing | OSWA | Russix |
| Database auditing | THC-Oracle | SQL Power Injector |
| Application auditing | OWASP LabRat | OWASP Cal9000 |
| VoIP auditing | SiVus | Cain and Abel |

Methodologies

| Document | Best | Recommended/Excellent |
|---|---|---|
| Publications | NIST CSRC documents | |
| Security checklists | DISA STIGs | ex aequo: CIS Checklists & AuditNet Resources |


Commercial Software - Best Of

| Category | Best | Recommended/Excellent |
|---|---|---|
| Penetration tests | Core Impact | Saint Suite (Saint Scanner and SaintExploit) |
| Application tests | Acunetix Web Vulnerability Scanner | WebInspect |
| Compliance scanners | LANguard NSS | Tenable Security Center |


Links and references

Open source and free software

| Name | Link |
|---|---|
| Maltego | http://www.paterva.com |
| SEAT | http://midnightresearch.com |
| RevHosts | http://www.revhosts.org |
| NMap | http://www.nmap.org |
| Nessus & Tenable products | http://www.tenablesecurity.com |
| Saint Scanner and SaintExploit | http://www.saintcorporation.com |
| W3AF | http://w3af.sourceforge.net |
| Nikto | http://www.cirt.net/code/nikto.shtml |
| Paros Proxy | http://www.parosproxy.org/index.shtml |
| Metasploit | http://www.metasploit.com |
| Inguma | http://inguma.sourceforge.net |
| Milw0rm resources | http://www.milw0rm.com |
| AirCrack-NG | http://www.aircrack-ng.org |
| AirCrack-PTW | CDC Informatik Darmstadt |
| AiroScript | http://airoscript.aircrack-ng.org |
| BackTrack | http://www.remote-exploit.org |
| NST | http://networksecuritytoolkit.org |
| OSWA Assistant | http://securitystartshere.org |
| OVAL Interpreters | http://oval.mitre.org |
| Belarc Advisor | http://www.belarc.com |
| Sussen OVAL | http://dev.mmgsecurity.com/projects/sussen/ |
| WinAudit | http://www.pxserver.com/WinAudit.htm |
| SysInternals | http://www.sysinternals.com |
| CIS Scoring Tools and Checklists | http://www.cisecurity.org |
| Tiger Security Suite | http://www.nongnu.org/tiger |
| Babel Enterprise | http://babel.sourceforge.net |
| Nipper (Network Infrastructure Parser) | http://sourceforge.net/projects/nipper |
| NCat | http://ncat.sourceforge.net |
| Cain and Abel | http://www.oxid.it |
| OphCrack | http://ophcrack.sourceforge.net |
| FindBugs | http://findbugs.sourceforge.net |
| Pixy | PixyBox website |
| Russix | www.russix.com |
| THC utilities | http://freeworld.thc.org |
| SQL Power Injector | http://www.sqlpowerinjector.com |
| SiVus | http://www.vopsecurity.org |


Commercial software

| Name | Link |
|---|---|
| Core Impact | http://www.coresecurity.com |
| LANguard NSS | http://www.gfi.com |
| Acunetix WVS | www.acunetix.com |
| WebInspect | www.spidynamics.com |

Methodologies and references

| Name | Link |
|---|---|
| OSSTMM | http://www.isecom.org/ |
| OWASP software and methodology | http://www.owasp.org |
| PTF (Penetration Tests Framework) | http://www.vulnerabilityassessment.co.uk |
| WTF (Wireless Testing Framework) | http://www.wirelessdefence.org |
| WebAppSec documents | http://www.webappsec.org |
| NIST releases | http://csrc.nist.gov/publications/ |
| DISA STIGs | http://iase.disa.mil/stigs |
| AuditNet resources | http://www.auditnet.org |

Survey compiled from Security-Database Tools Watch Service statistics.

Copyright © 2008 Security-Database.com