2014 Top Security Tools as Voted by ToolsWatch.org Readers

Dear ToolsWatchers,

We are honored to announce the 2014 Top Security Tools as Voted by ToolsWatch.org Readers. This is the second edition of our online voting by users and readers.

Thanks for your time and your votes; they are very useful for the community. 🙂

Results by Year

01 – Unhide (NEW)

02 – OWASP ZAP – Zed Attack Proxy Project (-1↓)

03 – Lynis (+3↑)

04 – BeEF – The Browser Exploitation Framework (-2↓)

05 – OWASP Xenotix XSS Exploit Framework (0→)

06 – PeStudio (-2↓)

07 – OWASP Offensive (Web) Testing Framework (NEW)

08 – Brakeman (NEW)

09 – WPScan (0→)

10 – Nmap (NEW)

01 – OWASP Zed Attack Proxy

02 – BeEF – The Browser Exploitation Framework Project

03 – Burp Suite

04 – PeStudio

05 – OWASP Xenotix XSS Exploit Framework

06 – Lynis

07 – Recon-NG The Web Reconnaissance Framework

08 – Suricata The Network IDS/IPS

09 – WPScan

10 – O-SAFT OWASP SSL Advanced Forensic Tool

2014 Top Security Tools as Voted by ToolsWatch.org Readers

01 – Unhide

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, LKMs or other hiding techniques. Unhide runs on Unix/Linux and Windows systems. It implements six main techniques.

Features

Compare /proc vs /bin/ps output

Compare info gathered from /bin/ps with info gathered by walking through the procfs. ONLY for unhide-linux version.

Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning).

Full PID space occupation (PID bruteforcing). ONLY for unhide-linux version.

Compare /bin/ps output vs /proc, procfs walking and syscall. ONLY for unhide-linux version. Reverse search: verify that all threads seen by ps are also seen in the kernel.

Quick compare of /proc, procfs walking and syscall vs /bin/ps output. ONLY for unhide-linux version. It's about 20 times faster than tests 1+2+3 but may give more false positives.

URL: http://www.unhide-forensics.info

Testimonials

“It is a very complete and very useful security tool. You can easily find any hidden file, ports, etc.”

“Good tool for detecting malware in Linux systems!!”

“A good command-line tool essential nowadays to detect rootkits in Unix-based systems.”

02 – OWASP ZAP – Zed Attack Proxy Project

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

Features

Open source

Cross platform (it even runs on a Raspberry Pi!)

Easy to install (just requires Java 1.7)

Completely free (no paid for ‘Pro’ version)

Ease of use a priority

Comprehensive help pages

Fully internationalized

Translated into over 20 languages

Community based, with involvement actively encouraged

Under active development by an international team of volunteers

URL: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Testimonials

“It is open source and easy to use which covers all issues.”

“Loads of features (weekly releases). Easy to use. Active community. Scripting. Runs on all platforms with Java. Extensive documentation.”

“Stable, maintained and improved, well-documented, and supports WebSockets!”

03 – Lynis

Lynis is an auditing tool which tests and gathers (security) information from Unix based systems. The audience for this tool are security and system auditors, network specialists and system maintainers.

Lynis performs an in-depth local scan on the system and is therefore much more thorough than network based vulnerability scanners. It starts with the bootloader and goes up to installed software packages. After the analysis it provides the administrator with discovered findings, including hints to further secure the system.

Features

System and security audit checks

File Integrity Assessment

System and file forensics

Usage of templates/baselines (reporting and monitoring)

Extended debugging features

URL: https://cisofy.com/download/lynis/

Testimonials

“Helped me several times to harden my systems, love it.”

“Really great auditing tool! It’s easy to use plus it’s free.”

“It helps to quickly satisfy compliance requirements in a jiffy…”

04 – BeEF – The Browser Exploitation Framework

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

Features

Key Logger.

Bind Shells.

Port Scanner.

Clipboard Theft.

Tor Detection.

Integration with Metasploit Framework.

Many Browser Exploitation Modules.

Browser Functionality Detection.

Mozilla Extension Exploitation Support.

URL: http://beefproject.com

Testimonials

“Because there’s only one tool like it. No other tool serves the same purpose.”

“Nothing demonstrates the internal threat and vulnerability of a browser better than the browser exploitation framework.”

“BeEF, besides the integrated attacks, provides clients with a clear picture of what could happen just by visiting a poisoned site.”

05 – OWASP Xenotix XSS Exploit Framework

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. Xenotix provides Zero False Positive XSS Detection by performing the scan within the browser engines where, in the real world, payloads get reflected. The Xenotix Scanner Module incorporates 3 intelligent fuzzers to reduce the scan time and produce better results.

Features

Scanner Modules

Information Gathering Modules

Exploitation Modules

Auxiliary Modules

Xenotix Scripting Engine

URL: https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework

Testimonials

“It helps me to make interesting proofs of concept for all the XSS vulnerabilities which I found during Web-app Vulnerability Assessments.”

“XSS is a menace and this scanner allows one to scan for advanced XSS attacks from a mobile device. Moreover it eases the whole scanning effort with an amazing interface.”

“Its UI is easy to use. It has more payloads than you can ever imagine. Overall, I would recommend it as the best tool for XSS testing.”

06 – PeStudio

PeStudio is a unique tool that performs static investigation of 32-bit and 64-bit executables. PEStudio is free for private non-commercial use only.

A malicious executable often attempts to hide its malicious behavior and to evade detection. In doing so, it generally presents anomalies and suspicious patterns. The goal of PEStudio is to detect these anomalies, provide Indicators and score the Trust for the executable being analyzed. Since the executable file being analyzed is never started, you can inspect any unknown or malicious executable with no risk.

Features

References

Indicators

Virus Detection

Imports

Resources

Report

Prompt

Interface

URL: http://www.winitor.com

Testimonials

“Great tool, easy to use, efficient for early evaluation of malware potential and intents.”

“Best tool for static PE analysis”

“Easily the best and quickest malware analysis/triage tool. Amazing support from the author, who updates the software almost every other day. Spectacularly useful in my day-to-day analysis.”

07 – OWASP Offensive (Web) Testing Framework

OWASP OWTF, the Offensive (Web) Testing Framework, is an OWASP+PTES-focused attempt to unite great tools and make pen testing more efficient, written mostly in Python. The purpose of this tool is to automate the manual, uncreative part of pen testing: for example, spending time trying to remember how to call “tool X”, parsing results of “tool X” manually to feed “tool Y”, etc.

Features

OWASP Testing Guide-oriented.

Report updated on the fly.

“Scumbag spidering”.

Resilience.

Easy to configure.

Easy to run.

Full control of what tests to run.

Easy to review transaction logs and plain text files with URLs.

Basic Google Hacking without (annoying) API Key requirements via “blanket searches”.

Easy to extract data from the database to parse or pass to other tools.

URL: https://www.owasp.org/index.php/OWASP_OWTF

Testimonials

“Helped in automating and managing multiple tools with ease.”

“Because it rocks!!! It is combining all of the owasp vulnerability checks in one framework.”

“It saves me lot of time with repetitive tasks.”

08 – Brakeman

Brakeman is a security scanner for Ruby on Rails applications. Unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it.

Once Brakeman scans the application code, it produces a report of all security issues it has found.

Features

No Configuration Necessary

Run It Anytime

Better Coverage

Best Practices

Flexible Testing

Speed

URL: http://brakemanscanner.org

Testimonials

“Free, high quality, actively developed. Significantly better than many expensive commercial products in our testing. Justin is really nice as well.”

“One of the best open source tools available for security vulnerability scanning.”

“Great ruby gem that helps you see what possible security risks you have included in your application.”

09 – WPScan

WPScan is a black box WordPress vulnerability scanner.

Features

Username enumeration (from author querystring and location header)

Weak password cracking (multithreaded)

Version enumeration (from generator meta tag and from client side files)

Vulnerability enumeration (based on version)

Plugin enumeration (2220 most popular by default)

Plugin vulnerability enumeration (based on plugin name)

Plugin enumeration list generation

Other misc WordPress checks (theme name, dir listing, …)

URL: http://wpscan.org

Testimonials

“There are a lot of websites developed using WordPress and still vulnerable. Using WP Scan, which specializes in detecting WordPress security issues, can save a lot of time for any security tester. No need to configure any payload or something similar, just let WP Scan do it automatically.”

“The team made a new WPScan vulnerability database (wpvulndb.com). Everyone can populate (after approval) the database with newly found vulnerabilities. Now the core program is better separated from the data.”

“Constantly updated. Best tool for WordPress security.”

10 – Nmap

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for network inventory, managing service upgrade schedules, monitoring host or service uptime, and many other tasks. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Features

Host Discovery.

Port Scanning.

Version Detection.

OS Detection.

Nmap Scripting Engine (NSE).

URL: http://nmap.org

Testimonials

“Everyone’s favourite portscanner.”

“Enumerate ports, find ‘open door’.”

“The best tool that every Pen Tester must have.”

Other Tools Listed, Voted by Users:

Arachni: Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. [http://www.arachni-scanner.com]

ArchAssault: The ArchAssault Project is an Arch Linux derivative for penetration testers, security professionals and all-around Linux enthusiasts. [https://archassault.org]

Bellator: Security Audit Program for Microsoft Windows System. [http://sourceforge.net/projects/bellator]

Burp Suite Professional: Integrated platform for performing security testing of web applications. [http://portswigger.net/Burp]

FBHT: Facebook Hacking Tool is an open-source tool written in Python that exploits multiple vulnerabilities on the Facebook platform. [https://github.com/chinoogawa/fbht]

GoLismero: Free software framework for security testing. It’s currently geared towards web security, but it can easily be expanded to other kinds of scans. [http://www.golismero.com]

IronWASP: IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. [http://ironwasp.org]

Kautilya: Toolkit which provides various payloads for a Human Interface Device which may help in breaking in a computer during penetration tests. [https://github.com/samratashok/Kautilya]

Metasploit: It is the de-facto standard for penetration testing with more than one million unique downloads per year and the world’s largest, public database of quality assured exploits. [http://www.metasploit.com]

OWASP O-Saft: Tool to show information about an SSL certificate and test the SSL connection according to a given list of ciphers and various SSL configurations. [https://www.owasp.org/index.php/O-Saft]

Pipal: Tool to generate statistics from a password file, stats go from number of 6 character passwords to hashcat masks. [http://digi.ninja/projects/pipal.php]

ThreadFix: Software vulnerability aggregation and management system that helps organizations aggregate vulnerability data, generate virtual patches, and interact with software defect tracking systems. [http://www.denimgroup.com/resources-threadfix]

Veil Framework: Tool to generate payload executables that bypass common antivirus solutions. [https://www.veil-framework.com]

Volatility: The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. [https://github.com/volatilityfoundation/volatility]

w3af: Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. [http://w3af.org]

YASAT: YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut). Second goal is to document each test with maximum information and links to official documentation. [http://yasat.sourceforge.net]

ToolsWatch Team

NJ OUCHN & MAXI SOLER

About the Author MaxiSoler www.artssec.com @maxisoler