15 Best Network Security Tools For You! 

 Saturday, September 06, 2014:  There are several network security tools which can be used for open source and commercial uses. Here are 15 coolest tools among the whole lot which can give you a smoother run ahead.

1. The Sleuth Kit :

The Sleuth Kit was previously known as TSK and it is a collection of UNIX-based command line file and volume system forensic analysis tools. This tool allows you to examine file systems of computer which is a suspect in intrusion. The tools never rely on the operating system to process the file systems, deleted and hidden content is shown. The latest release of this tool is version 4.0.1.

2. Websecurify :

It is a powerful web application security testing environment which has been designed from the ground to provide the best combination of automatic and manual vulnerability testing technologies. Its latest version is 1.0.2.

3. Knoppix :

Knoppix is a representative collection of GNU/Linux software and automatic hardware detection. It supports many graphics cards, sound cards, SCSI and USB devices and other peripherals. Knoppix can be used as a productive Linux system fin the desktop, educational CD and rescue system. Its latest release is version 7.2.0.

4. THC Amap :

Amap does great job in determining what application is listening on a given port. It is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap also allows parsing Nmap output files. Its latest release is version 5.4.

5. RainbowCrack :

RainbowCrack tool is a hash cracker which uses a large-scale time-memory trade-off. It tries all possible plaintexts and it uses a time-memory trade-off to do all the cracking-time computation in advance. It also stores the results in so-called "rainbow tables". Its latest version is 1.5.

6. Grendel-Scan:

The latest being version 1.1, Grendel-Scan is an open-source web application security testing tool. It automates testing module for detecting common web application vulnerabilities. It also features geared at aiding manual penetration tests.

7. dradis:

It's an open source framework which enables effective sharing of information among participants in a penetration test. This web application is self-contained and it provides a centralised repository of information. It has plugins to read and collect the output of network scanning tools, like Nmap, Burp Suite and Nikto. Its latest release is version 2.6.1.

8. Socat:

This is almost similar to Netcat which works with protocols and through files, pipes, devices (terminal or modem, etc.), sockets (Unix, IP4, IP6 - raw, UDP, TCP), a client for SOCKS4, proxy CONNECT, or SSL, etc. Its latest version is 2.0.0-b4.

9. DumpSec:

DumpSec, with its latest version 2.8.6, is a security auditing program for Microsoft Windows NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) and shares in a concise, readable format.

10. SAINT:

This is a commercial vulnerability assessment tool. Once it was free and open source but now it is a commercial product. SAINT runs on Linux and Mac OS X and its latest version is 7.13.

11. NBTScan:

NBTScan is a program which is used for scanning IP networks for NetBIOS name information. It sends a NetBIOS status query in human readable form. It lists IP address, NetBIOS computer name, logged-in user name and MAC address from every responded IP host. The original nbtscan was written by Alla Bezroutchko, later altered by Steve Friedl. The latest version of this program is 1.5.1.

12. DirBuster:

It looks for hidden pages and directories on a web server and when some developers leave a page accessible, but unlinked; DirBuster finds these potential vulnerabilities. This is a Java application developed by OWASP and its latest version is 2.0-RC1.

13. WinDbg:

It is a graphical debugger from Microsoft which is just one component of the Debugging Tools for Windows package. It also includes the KD, CDB, and NTSD debuggers and claims to be debugging memory dumps produced after a crash. It can even debug in kernel mode too. Its latest release is version 6.2.9200.16384.

14. Wfuzz:

Wfuzz bruteforces Web Applications and it can be used for finding resources which are not linked (like directories, servlets, scripts, etc), bruteforcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.), bruteforcing form parameters (user/password), fuzzing, and more. Its latest release is version 2.0.

15. ArcSight SIEM platform:

A suite of tools is provided for SIEM—security information and event management by ArcSight. ArcSight Enterprise Security Manager (ESM), the best one, is a log analyzer and correlation engine which was designed for important network events.