Here are 5 of the best free security tools for password recovery, password management, penetration testing, vulnerability scanning, steganography and secure data wiping. This list is intended to supplement the list provided on 101 Free Admin Tools. Additionally, other tools that can also be used for security purposes (e.g. file or disk level encryption) can be found on Top 20 Free Disk Tools for SysAdmins. Even if you may have heard of some of these tools before, I’m confident that you’ll find a gem or two amongst this list.
BackTrack is a free bootable Linux distribution that contains a plethora of open source tools that you can use for network security and penetration testing. The tools are organized into different categories such as ‘Information Gathering’, ‘Vulnerability Assessment’, ‘Exploitation Tools’, ‘Privilege Escalation’ and ‘Maintaining Access’, amongst others.
When you boot into BackTrack, you are taken to a Linux shell where you will need to enter “startx” to load the GUI. When the BackTrack GUI has loaded, click the ‘Install BackTrack’ shortcut on the desktop to initiate the BackTrack installation. Once complete, reboot the machine and access the tools from Applications > BackTrack.
Kali Linux
Note: When BackTrack was taken over by a commercial entity, they remained committed to sustaining an open source security and penetration testing distribution and re-built BackTrack from the ground up into what is now known as Kali Linux. Kali Linux is another useful addition to your security toolkit and will eventually render BackTrack redundant. Download it from here and try it out for yourself.
When you launch Cain & Abel, start by exploring the Decoders tab and the Cracker tab – this is where you can set Cain & Abel to decode and display passwords for various protocols or applications. You should also check out the Sniffer tab – this is where you can capture usernames and passwords as they travel across the network between different hosts.
When you load Password Safe for the first time, you’ll first need to create a new Password Safe Database and then enter a Safe Combination which will be used to encrypt the database. The Safe Combination will be used every time you wish to gain access to the list of passwords. Once you’ve created the database, right click on a blank area within the main window and choose “Create Entry” to create a new entry – here, you’ll be able to store a username, a password and any relevant notes.
Tip: Password Safe contains an in-built Password Generator which you can access from Manage > Generate Password, or by using CTRL + P.
To get started, open Eraser, right click anywhere on the blank section of the main window and click “New Task”. You will be asked to select when the task should be run, the data you wish to remove and the erasure method to be used (e.g. US Air Force 5020 (3 passes) or Gutmann (35 passes)).
When you boot from the Security Onion ISO file, you are given the option to launch the live system or system installer. If you choose to launch the live system you will be taken to an Ubuntu-based Linux interface with a series of tools available for you to use. You will also have the ability to launch the Security Onion setup wizard.
01 BackTrack
BackTrack is a free bootable Linux distribution that contains a plethora of open source tools that you can use for network security and penetration testing. The tools are organized into different categories such as ‘Information Gathering’, ‘Vulnerability Assessment’, ‘Exploitation Tools’, ‘Privilege Escalation’ and ‘Maintaining Access’, amongst others.
When you boot into BackTrack, you are taken to a Linux shell where you will need to enter “startx” to load the GUI. When the BackTrack GUI has loaded, click the ‘Install BackTrack’ shortcut on the desktop to initiate the BackTrack installation. Once complete, reboot the machine and access the tools from Applications > BackTrack.
Kali Linux
Note: When BackTrack was taken over by a commercial entity, they remained committed to sustaining an open source security and penetration testing distribution and re-built BackTrack from the ground up into what is now known as Kali Linux. Kali Linux is another useful addition to your security toolkit and will eventually render BackTrack redundant. Download it from here and try it out for yourself.
02 Cain & Abel
Cain & Abel allows you to recover passwords by sniffing the network, cracking encrypted passwords, recording VoIP conversations, decoding scrambled passwords, and revealing password boxes, amongst others. It also contains an Access Database password decoder, RDP password decoder, VNC password decoder and Hash Calculator.When you launch Cain & Abel, start by exploring the Decoders tab and the Cracker tab – this is where you can set Cain & Abel to decode and display passwords for various protocols or applications. You should also check out the Sniffer tab – this is where you can capture usernames and passwords as they travel across the network between different hosts.
03 Password Safe
Password Safe allows you to create an encrypted database container for listing all your usernames and passwords, which can only be accessed by means of a “master password”. The encrypted database container file can be backed up and transferred between locations for convenience.When you load Password Safe for the first time, you’ll first need to create a new Password Safe Database and then enter a Safe Combination which will be used to encrypt the database. The Safe Combination will be used every time you wish to gain access to the list of passwords. Once you’ve created the database, right click on a blank area within the main window and choose “Create Entry” to create a new entry – here, you’ll be able to store a username, a password and any relevant notes.
Tip: Password Safe contains an in-built Password Generator which you can access from Manage > Generate Password, or by using CTRL + P.
04 Eraser
Eraser allows you to completely remove data from your hard drive by overwriting each data block several times using an erasure method of your choice.To get started, open Eraser, right click anywhere on the blank section of the main window and click “New Task”. You will be asked to select when the task should be run, the data you wish to remove and the erasure method to be used (e.g. US Air Force 5020 (3 passes) or Gutmann (35 passes)).
05 Security Onion
Security Onion is a Linux distribution tailored for use as an IDS (Intrusion Detection System) and NSM (Network Security Monitoring) toolkit. It contains tools like Snort, ELSA, Xplico, and NetworkMiner and the in-built setup wizard makes it easy to use.When you boot from the Security Onion ISO file, you are given the option to launch the live system or system installer. If you choose to launch the live system you will be taken to an Ubuntu-based Linux interface with a series of tools available for you to use. You will also have the ability to launch the Security Onion setup wizard.
No comments:
Post a Comment