Saturday, April 16, 2011

some useful security tools

The following information is from:

http://www.securityfocus.com/cgi-bin/index.cgi?o=0&l=10&c=33&op=display_list&Keyword=&CategoryID=95&PlatformID=


Katana: Portable Multi-Boot Security Suite
Added 2009-11-25
by .ronin
Katana v1 (Kyuzo) has just been released from www.hackfromacave.com .
The Katana: Portable Multi-Boot Security Suite is designed to fulfill
many of your computer security needs. The idea behind this tool is to
bring together many of the best security distributions and
applications to run from one USB Flash Drive. Instead of keeping track
of dozens of CDs and DVDs loaded with your favorite security tools,
you can keep them all conveniently in your pocket. Katana includes
distributions which focus on Penetration Testing, Auditing, Password
Cracking, Forensics and Honey Pots. Katana comes with over 100
portable Windows applications, such as Wireshark, HiJackThis,
Unstoppable Copier, Firefox, and OllyDBG. It also includes the
following distributions: - Backtrack 4 pre - the Ultimate Boot CD -
Ophcrack Live - Damn Small Linux - the Ultimate Boot CD for Windows -
Got Root? Slax - Organizational Systems Wireless Auditor (OSWA)
Assistant - Damn Vulnerable Linux Katana is also highly customizable.
You can modify Katana by adding or removing distributions and portable
apps with ease. You can add functionality to distributions like the
Ultimate Boot CD, Got Root? Slax and UBCD4Win. You can also load your
personal scripts and documents to keep them conveniently with you on
your flash drive to use in concert with the provided tools. More
informations on this can be found at forum.hackfromacave.com

Graudit
Added 2009-10-12
by Wireghoul
Graudit is a simple script and signature sets that allows you to find
potential security flaws in source code using the GNU utility grep.
It's comparable to other static analysis applications like RATS, SWAAT
and flaw-finder while keeping the technical requirements to a minimum
and being very flexible.

moth
Added 2009-06-08
by Bonsai - Information Security
Moth is a VMware image with a set of vulnerable Web Applications and
scripts, that you may use for: 1. Testing Web Application Security
Scanners 2. Testing Static Code Analysis tools (SCA) 3. Giving an
introductory course to Web Application Security

Yasca
Added 2008-09-30
by Michael Scovetta
Yasca is a source code analyzer that integrates other open-source
tools (PMD, FindBugs, Jlint) to produce a single output file. Yasca is
easily extensible and includes a large number of custom rules
implemented via a plugin-based architecture. Yasca is designed to find
"low hanging fruit" and has plugins supporting a variety of languages,
but mostly focused on Java and C/C++.

Source Security
Added 2007-01-15
by
sourcesec.com provides Web-based access to code auditing applications,
and was created to assist developers and users in auditing their
programs for vulnerabilities. You can upload your code for static
analysis by RATS, Flawfinder and ITS4 as applicable - the C/C++, PHP
Python and Perl languages are supported. Additionally, a simplified
search function is available which easily allows efficient Web
searches for security-related information.

LAPSE
Added 2006-09-14
by Benjamin Livshits
LAPSE is designed to help with the task of auditing Java J2EE
applications for common types of security vulnerabilities found in Web
applications. LAPSE is inspired by existing lightweight security
auditing tools such as RATS, pscan, and FlawFinder. Unlike those
tools, however, LAPSE addresses vulnerabilities in Web applications.
LAPSE is not intended as a comprehensive solution for Web application
security, but rather as an aid in the code review process.

SWAAT
Added 2006-09-08
by Security Compass Team
Security compass Web Application Auditing Tool (SWAAT) is a free
static web application source code auditing tool. The aim of SWAAT is
to help developers, testers, security staff, and auditors locate
potentially dangerous portions of source code; it is designed to
assist source code review.

JAAScois X-Code v1.0 PHP Version
Added 2006-07-26
by JAAScois
analysis all php projects & discover exploits

LiLith
Added 2005-11-03
by Michael Hendrickx, CISSP
LiLith is a tool written in Perl to audit web applications. This tool
analyses webpages and looks for html <form> tags , which often refer
to dynamic pages that might be subject to sql injection or other
flaws.

Flawfinder
Added 2003-10-01
by David Wheeler
Flawfinder searches through source code looking for potential security
flaws. It will provide a list of potential security flaws, sorted by
risk, with the most potentially dangerous flaws shown first. This risk
level depends not only on the function, but on the values of the
parameters of the function. Flawfinder ignores text inside comments
and strings.

RatScan
Added 2003-06-16
by BeetleSoft
'RatScan' a security tool and front-end for the RATS scanner which can
check your source code for weaknesses, vulnerabilities and exploits.
It can detect potentially dangerous coding practices and advise you on
the risks and the various steps needed to secure your code further. It
is compatible with multiple programming languages including PHP,
C/C++, Perl and others.

RATS (Rough Auditing Tool for Security)
Added 2002-05-14
by Secure Software Solutions
RATS, the Rough Auditing Tool for Security, is a security auditing
utility for C and C++ code. RATS scans source code, finding
potentially dangerous function calls. The goal of this project is not
to definitively find bugs (yet). The current goal is to provide a
reasonable starting point for performing manual security audits.

Fenris
Added 2002-05-09
by Michal Zalewski
Fenris started as a binary code tracing utility, but since the first
release, it gets more and more difficult to write a simple summary of
its functionality. Fenris is a comprehensive multi-level code tracer,
a bit of a C decompiler, an interactive modular debugger, a code
analysis tool, an execution path visualisation tool, a function
fingerprinting and symtab recovery tool - all depends on how you use
it. Fenris is suitable for everything from bug tracking or protocol
analysis to forensics and reverse engineering, doing all the mindless
work for you and making your life a bit easier.

SecureCFM
Added 2002-05-08
by Dimitri Muringer
SecureCFM is dedicated to the audit of ColdFusion source code (CFML),
in order to detect then correct possible Cross Site Scripting
vulnerabilities.

Stephanie
Added 2001-10-22
by
In Phrack 54, route|Mike Schiffman wrote a series of patches for
OpenBSD 2.4 for Trusted Path Execution (TPE). Stephanie brings a
modified version of these up to speed for OpenBSD 2.8 and 2.9, along
with some additional features. Stephanie also brings restricted
symbolic links, ala the openwall patches for linux. As time permits,
i'm still working on adding additional features, and will add bits of
the openwall stuff i like. The basic goal is to add an extra layer of
security without being a monumental pain in the ass to legitimate
users, so some things won't be there. I haven't added the additional
hard link restrictions of the openwall patch, but will do something
about this later as time permits

cqual
Added 2001-10-22
by Jeff Foster
cqual is a typed-based analysis tool for finding bugs in C programs.
It extends the type system of C with extra user-defined type
qualifiers. The programmer annotates their program with the
appropriate qualifiers, and cqual checks for errors. Incorrect
annotations indicate potential bugs. cqual presents the analysis
results using Program Analysis Mode, an emacs-based GUI. Among other
applications, cqual can be used to detect potential format-string
vulnerabilities. It includes default configuration files to detect
format-string bugs out-of-the-box.

strace
Added 2001-10-22
by Wichert Akkerman, wakkerma@debian.org
(Update) Strace is a system call trace, i.e. a debugging tool which
prints out a trace of all the system calls made by a another
process/program. The program to be traced need not be recompiled for
this, so you can use it on binaries for which you don't have source.
System calls and signals are events that happen at the user/kernel
interface. A close examination of this boundary is very useful for bug
isolation, sanity checking and attempting to capture race conditions.

Source Code Scanner For File Race Conditions 1.0b
Added 2001-10-22
by Antonomasia, ant@notatla.demon.co.uk
Programs sometimes contain unsafe file handling code, particularly
that involving race conditions. These commonly occur where check is
performed on a file object (for existence, file owner, group or mode)
and some use of the file is decided upon as a result. This can be
insecure if changes occur affecting the file object between the check
and the use. This will be a problem if the code contains the
assumption that a check remains valid (a programming condition) and
the file object concerned can actually be changed by an attacker (an
environmental condition).

ITS4
Added 2001-10-22
by John Viega, viega@list.org
ITS4 is a command-line tool for statically scanning C and C++ source
code for security vulnerabilities. ITS4 scans through source code for
potentially dangerous function calls that are stored in a database.
Anything that is in the database gets flagged. ITS4 tries to automate
a lot of the grepping usually done by hand when performing security
audits.

Strace for NT
Added 2001-10-22
by Todd Sabin, tsabin@razor.bindview.com
Strace for NT is a debugging/investigation utility for examining the
NT system calls made by a process. It is meant to be used like the
strace (or truss) on linux and other unix OSes.

BFBTester
Added 2001-10-22
by Mike Heffner
BFBTester is great for doing quick, proactive, security checks of
binary programs. BFBTester will perform checks of single and multiple
argument command line overflows and environment variable overflows.
Versions 2.0-BETA and higher can also watch for tempfile creation
activity to alert the user of any programs using unsafe tempfile
names. While BFBTester cannot test all overflows in software, it is
useful for detecting initial mistakes that can red flag dangerous
software.

IPWatch.dll
Added 2001-10-22
by Glenn Larsson
IPWatch.dll - Audit data generated by Netstat output. This version
fixes a bug with (default)name conflicts. Written for VB, but should
also work with C++ using Declarative function calls. A complete
description is available at the home page.

PScan (Problem Scanner)
Added 2001-10-22
by Alan DeKok
Are you tired of yet more externally exploitable buffer overflows in C
programs? Do you want to audit your source for common mistakes? If so,
PScan is for you. What PScan does: Scans C source files for
problematic uses of printf style functions. e.g.: sprintf(buffer,
variable); Bad! Possible security breach! sprintf(buffer, "%s",
variable); Ok

Fuzz for Linux
Added 2001-10-22
by Ben Woodard, ben@valinux.com
The overall goal is to improve the overall security of Linux by fixing
bugs. Paraphrasing Theo DeRaadt, the head of the OpenBSD project, If
you go about fixing bugs, then security is one of the benefits.

initd_.sh
Added 2001-10-22
by initd_, initd_@digital.net
A automated script to test binary executables of any type for buffer
overflows while you kick back and sip Guinness.

Wrapper
Added 2001-10-22
by Joe Zbiciak, im14u2c@primenet.com
This wrapper is intended to protect SUID/SGID programs that may either
be susceptible to buffer overflows on commandline arguments, or
inappropriately trust certain environment variables. This wrapper does
not fix file race-conditions, nor does it help with other
bugs/problems.

qaudit.pl
Added 2001-10-22
by v9, v9@fakehalo.org
qaudit.pl is a simple source file auditing tool to check for possible
security holes in C/C++ code. It checks for possible buffer overflows,
format bugs, execution calls, and other potentially dangerous calls.

VisualSoft FileSecure
Added 2001-10-22
by VisualSoft Technologies
VisualSoft FileSecure 1.0 is a cute cryptographic product that helps
encrypt/decrypt files and/or folders using symmetric key mechanism. It
incorporates powerful Blowfish algorithm for the process of encryption
and decryption. It supports file compression and secure file transfer
using FTP. It encrypts selected files and/or folders and produces a
self-decryption archive. The encrypted file can be decrypted simply by
double clicking the archive with the given passphrase.

No comments:

Post a Comment