- Internet Security Alliance
- ANSI – IT Security Standards
- SANS’ Internet Storm Center – Country Report
- Global Information Assurance Certification (GIAC)
- The Open Web Application Security Project (OWASP)
- National Institute of Standards and Technology (NIST)
- Institute for Security and Open Methodologies (ISECOM)
- Information Systems Audit and Control Association (ISACA)
- Center for Internet Security
- Common Configuration Enumeration – The CCE List provides unique identifiers to security-related system configuration issues in order to improve workflow by facilitating fast and accurate correlation of configuration data across multiple information sources and tools.
- Homeland Security Digital Library
- Nmap – Nmap (“Network Mapper”) is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.
- MalwareBytes – Has a free version of their malware removal tool
- SNORT – Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
- McAfee free tools – McAfee is committed to your security and provides an assortment of free McAfee tools to help in your software development. Simply select a tool and download it for free. For more details, read the McAfee Software Free Tools.
- Well known Ports – Service names and port numbers are used to distinguish between different services that run over transport protocols such as TCP, UDP, DCCP, and SCTP. Service names are assigned on a first-come, first-served process, as documented in [RFC952].
- Microsoft Port Requirements – This article discusses the essential network ports, protocols and services that are used by Microsoft client and server operating systems, server-based programs and their subcomponents in the Microsoft Windows server system.
- Wireshark – Network Protocol Analyzer.
- Microsoft Security Compliance Manager – The Microsoft Security Compliance Manager provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.
- Federal Desktop Core Configuration – These recommendations were developed at the National Institute of Standards and Technology, which collaborated with OMB, DHS, DISA, NSA, USAF, and Microsoft to produce the Windows XP and Vista FDCC baseline. Pursuant to title 17 Section 105 of the United States Code, these recommendations are not subject to copyright protection and are in the public domain. NIST assumes no responsibility whatsoever for their use by other parties, and makes no guarantees, expressed or implied, about their quality, reliability, or any other characteristic. We would appreciate acknowledgement if the recommendations are used.
- WinPCap – WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.
- WinDump – WinDump is the Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules. It can run under Windows 95, 98, ME, NT, 2000, XP, 2003 and Vista.
- Microsoft Baseline Security Analyzer – Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance.
- SSL Certificates – EV SSL – Leading reseller of wildcard SSL certificates in the UK from trusted certification authorities such as VeriSign and RapidSSL.
- Burp Suite – Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.
- Zulu URL Risk Analyzer – Zulu is a dynamic risk scoring engine for web based content. For a given URL, Zulu will retrieve the content and apply a variety of checks in three different categories.
- FileInsight – McAfee FileInsight, developed by McAfee Labs, is an integrated tool environment for website and file analysis. Its many built-in editing and analysis features can be easily extended through simple Python-based plugins.
- Prads – Is a `Passive Real-time Asset Detection System`. It passively listens to network traffic and gathers information on hosts and services it sees on the network. This information can be used to map your network, letting you know what services and hosts are alive/used, or can be used together with your favorite IDS/IPS setup for “event to host/service” correlation.
- LOIC – Low Orbit Ion Cannon is an open source tool used to do stress tests on web sites.
- OWASP ZAP – The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
- OpenVAS – The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
- Httprecon – The httprecon project is doing some research in the field of web server fingerprinting, also known as http fingerprinting. The goal is the highly accurate identification of given httpd implementations. This is very important within professional vulnerability analysis.
- Havij – Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
- SQL Ninja – Fancy going from a SQL Injection on Microsoft SQL Server to a full GUI access on the DB? Take a few new SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically generates a debug script, put all this in a shaker with a Metasploit wrapper, shake well and you have just one of the attack modules of sqlninja!
- safe3si – Safe3SI is one of the most powerful and easy-to-use penetration testing tools that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
- KeePass – KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file.
- Crypto.cat – Cryptocat lets you instantly set up secure conversations. It’s an open source encrypted, private alternative to other services such as Facebook chat. Messages are encrypted inside your own browser using AES-256. Encrypted data is securely wiped after one hour of inactivity.
- HashCat – Advanced password recovery
- Attack Surface Analyzer – The purpose of this tool is to help software developers, Independent Software Vendors (ISVs) and IT Professionals better understand changes in Windows systems’ attack surface resulting from the installation of new applications.
- Cookie Cadger – Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests.
- Shodan – Expose online devices. Webcams, Routers, Power Plants, iPhones, Wind Turbines, Refrigerators, VoIP Phones.
- MAP Toolkit – The Microsoft Assessment and Planning (MAP) Toolkit is an agentless inventory, assessment, and reporting tool that can securely assess IT environments for various platform migrations—including Windows 8, Windows 7, Office 2010 and Office 365, Windows Server 2012 and Windows 2008 R2, SQL Server 2012, Hyper-V, Microsoft Private Cloud Fast Track, and Windows Azure.
- Forensic Focus – The International Society of Forensic Computer Examiners (ISFCE) is dedicated to the advancement of the science of forensic computer examinations.
- Digital Corpora – DigitalCorpora.org is a website of digital corpora for use in computer forensics education research. All of the disk images, memory dumps, and network packet captures available on this website are freely available and may be used without prior authorization or IRB approval. We also have available a research corpus of real data acquired from around the world. Use of that dataset is possible under special arrangement.
- AFFLIB – This server is the distribution site for current and archival releases of forensic software by Simson L. Garfinkel. All of the software distributed at this server is either covered by a liberal Open Source license agreement or is in the public domain.
- SleuthKit – sleuthkit.org is the official web site for The Sleuth Kit and Autopsy Browser. Both are open source digital investigation tools (a.k.a. digital forensic tools) that run on Windows and Unix systems (such as Linux, OS X, Cygwin, FreeBSD, OpenBSD, and Solaris). They can be used to analyze NTFS, FAT, HFS+, Ext2, Ext3, UFS1, and UFS2 file systems and several volume system types.
- Oxygen Forensic Suite – Smart Forensics for Smart Phones. Oxygen Forensic Suite 2011 is a mobile forensic software that goes beyond standard logical analysis of cell phones, smartphones and PDAs. Using advanced proprietary protocols permits Oxygen Forensic Suite 2011 to extract much more data than usually extracted by logical forensic tools, especially for smartphones.
- WinHex – WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards.
- X-Ways Forensics – X-Ways Forensics is an advanced work environment for computer forensic examiners and our flagship product. It runs under Windows 2000/XP/2003/Vista*/2008*/7*, 32 Bit/64 Bit. Compared to its competitors, X-Ways Forensics is more efficient to use after a while, often runs faster, is not as resource-hungry, finds deleted files and search hits that the competitors will miss, offers many features that the others lack, …, and it comes at a fraction of the cost! It is based on the WinHex hex and disk editor and part of an efficient workflow model where computer forensic examiners share data and collaborate with investigators that use X-Ways Investigator.