Search results

...documentation are organized into seven categories: network reconnaissance, auditing, privilege escalation, post-exploitation, denial of service, web applicatio [[Category:Security Testing & Auditing]]

...ve report of the system's security posture and recommends steps to improve security. Lynis is open source and available free of charge. [[Category:Security Testing & Auditing]]

...ol. It can be used to identify hosts and services on a network, as well as security issues. Nmap can be used to scan for vulnerable open ports on systems. [[Category:Attack & Penetration Testing]]

...ize security risks in their code. Contrast Security’s application security testing helps developers find and fix vulnerabilities in their code before it is de [[Category:Security Testing & Auditing]]

...ol. It can be used to identify hosts and services on a network, as well as security issues. Nmap can be used to scan for vulnerable open ports on systems. [[Category:Security Testing & Auditing]]

...modify HTTP and HTTPS traffic. Paros Proxy can be used to perform security testing of web applications. It can be used to find vulnerabilities such as SQL inj [[Category:Security Testing & Auditing]]

The SANS Institute's XSpider is a tool for web application security testing. It automates the spidering and scanning of web applications, and can be us [[Category:Security Testing & Auditing]]

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection f [[Category:Security Testing & Auditing]]

Hping3 is a network tool that can be used for tasks such as network testing, scanning, and finding vulnerabilities. It can be run on Linux and Windows, [[Category:Security Testing & Auditing]]

...ol. It can be used to identify hosts and services on a network, as well as security issues. Nmap can be used to scan for vulnerable open ports on systems. [[Category:Security Testing & Auditing]]

...that provides users with a wide range of features to help them assess the security of web applications. Burp Suite is available in both a free and paid versio [[Category:Security Testing & Auditing]]

...udes a powerful rule-based engine that can be used to automate response to security incidents. [[Category:Security Testing & Auditing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

...used to create fuzzers, which are programs that generate random inputs for testing. The platform also includes a number of ready-made fuzz [[Category:Security Testing & Auditing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

...te also provides a forum for discussion and an online store for purchasing security products. [[Category:Security Testing & Auditing]]

...tool from the SANS Institute that can be used to scan a system for common security vulnerabilities. The MBSA can be run on Windows systems and will report any [[Category:Security Testing & Auditing]]

The tool Batea found at https://github.com/delvelabs/batea is a Security Information and Event Management (SIEM) system that helps businesses to sec [[Category:Security Testing & Auditing]]

...e developed by Offensive Security. The tool contains a large collection of security-related tools divided into categories. The categories include information g [[Category:Security Testing & Auditing]]

...curity Project (OWASP) is a nonprofit foundation that works to improve the security of software. One of its projects is OWASP ZAP, a tool for finding vulnerabi ...rks by spidering the application to find all the links and forms, and then testing them for common vulnerabilities.

...so offers a variety of resources to help users learn about web application security. [[Category:Attack & Penetration Testing]]

...a SANS Institute project that aims to help penetration testers and network security professionals identify and exploit vulnerabilities in routers and other net [[Category:Security Testing & Auditing]]

...that can be used for a variety of tasks, making it a valuable tool for any security professional. [[Category:Security Testing & Auditing]]

...lines on an on-going basis. The SCT is updated on a regular basis with new security best practices, and [[Category:Security Testing & Auditing]]

The Atomic Red Team is a set of tools that allow you to test your security controls by executing known attacks. It includes a library of attacks that [[Category:Security Testing & Auditing]]

...on best practices, training, and tools to help organizations improve their security. One of the tools the Institute provides is Reaver, a tool that helps organ [[Category:Security Testing & Auditing]]

...traffic. Aircrack-ng can be used to detect wireless intruders, to test the security of wireless networks, and to assess the strength of wireless passwords. [[Category:Security Testing & Auditing]]

The SANS Institute's SSRF Finder tool helps organizations find and fix security vulnerabilities related to servers that are exposed to the Internet. The to [[Category:Security Testing & Auditing]]

...itor and analyse their own wireless network in order to identify potential security threats. It can be used to crack WEP and WPA-PSK keys, and also allows for [[Category:Security Testing & Auditing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

Nessus Professional is a network security analysis tool that can be used to identify vulnerable systems and applicati [[Category:Attack & Penetration Testing]]

...abilities, and edit program code. The software was created by the National Security Agency (NSA) and is now maintained by the NSA's Research Directorate. ...security researchers to understand a program's purpose and find potential security flaws.

...a generated from these simulations. This allow users to identify potential security issues and gaps in their Splunk instance, and then take corrective action t [[Category:Security Testing & Auditing]]

...specializes in information security. They offer a variety of tools to help security professionals protect their organizations, including the Hydra tool. [[Category:Security Testing & Auditing]]

...words, usernames, and NTLM hashes. Mimikatz can also be used to modify the security configuration of a Windows system, making it less secure. [[Category:Security Testing & Auditing]]

...tfolios, integrate security with development processes, and enhance manual testing. ...nner. By automating the scanning process, it frees up time for application security teams to focus on other important tasks.

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

...s one of the most popular password cracking tools available and is used by security professionals and ethical hackers alike. John the Ripper uses a variety of [[Category:Security Testing & Auditing]]

[[Category:Security Testing & Auditing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

...rity testing, providing users with a comprehensive solution to enhance the security of their web applications. [[Category:Security Testing & Auditing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]

[[Category:Security Testing & Auditing]] [[Category:Attack & Penetration Testing]]