Questions tagged [tools]

Tools used by security professionals

This can include

  • scanners
  • exploits
  • hardware
  • software
  • checklists
  • scripts
  • Live CD's

etc

201 questions
122
votes
6 answers

How to find out what programming language a website is built in?

I think that it's fundamental for security testers to gather information about how a web application works and eventually what language it's written in. I know that URL extensions, HTTP headers, session cookies, HTML comments and style-sheets may…
storm
  • 1,714
  • 4
  • 16
  • 25
63
votes
16 answers

What tools are available to assess the security of a web application?

What tools are available to assess the security of a web application? Please provide a small description of what the tool does. Update: More specifically, I'm looking for tools that assume no access to the source code (black box).
48
votes
5 answers

Open-source penetration-test automation

What order do typical open-source penetration tests operate? Which tools are run first, second, third -- and how do you control them? Does one simply use Metasploit RC files? A network vulnerability scanner in a special way? A command-line, custom,…
atdre
  • 18,885
  • 6
  • 58
  • 107
48
votes
5 answers

What's an easy way to perform a man-in-the-middle attack on SSL?

I'd like to perform a man-in-the-middle attack on SSL connections between clients and a server. Assuming the following: I've got a certificate that the client will accept, via poor cert validation or other means. I know the IP address of the server…
Polynomial
  • 132,208
  • 43
  • 298
  • 379
40
votes
5 answers

How should source code security be checked?

How to check whether the source code of an open-source project contains no malicious content? For example, in a set of source code files with altogether 30,000 lines, there might be 1-2 lines containing a malicious statement (e.g. calling curl…
tonychow0929
  • 2,247
  • 3
  • 13
  • 14
30
votes
8 answers

Best way to administer all my passwords

I am trying to figure out what the best solution is to store different types of passwords: Personal passwords (my personal email, my company's email, all the services I use to buy things like Amazon, etc.) My business passwords (all the tools…
Lautaro Rosales
  • 403
  • 4
  • 7
29
votes
7 answers

How to keep an eye on upgrades, patches and security issues for used open-source libraries?

For a project with many open-source libraries as a part of it, I began to search for information source concerning all upgrades and security issues. The kind of sources I gathered are either announcement list or issue/bug tracker in the form of RSS…
28
votes
4 answers

What benefits does Nessus have over OpenVAS?

Nessus and OpenVAS appear to have fairly similar features. Why would you choose one over the other, besides the benefit of commercial support (which isn't available for Nessus Home Feed users anyways)?
atdre
  • 18,885
  • 6
  • 58
  • 107
25
votes
4 answers

Reduce Noise when Penetration Testing

Recently I participated in a capture the flag competition which was attached with SOC analysis teams monitoring our traffic. There we were told that many tools were very noisy. Eg Sqlmap which has its full header. As all of us were new so we weren't…
Khopcha
  • 465
  • 5
  • 11
22
votes
7 answers

Convenient cross-platform help on checking secure hashes like SHA-256

It is often helpful to be able to obtain a good cryptographic checksum of a file, e.g. the SHA-256 hash. This can be used to verify file integrity, so long as you have a reliable source for the hash. Support for both SHA-256 and MD5 from the…
nealmcb
  • 20,544
  • 6
  • 69
  • 116
22
votes
7 answers

Computer Forensics: what is in your toolbox?

What tools do you use for collecting evidence, making disk images, inspecting live memory and so on?
gbr
  • 2,000
  • 1
  • 16
  • 22
21
votes
4 answers

Testing clean urls with sqlmap

Is it possible to test for SQL injection vulnerabilities with using sqlmap with a url that is using mod rewrite (or something like it) to make the urls clean? I know how to test my sites that have urls like: http://mysite.com/?id=1 But what about my…
chadgh
  • 319
  • 1
  • 2
  • 4
21
votes
6 answers

Backing up sensitive data - pitfalls and best practices

Obviously, securely backing up sensitive data is a challenge. A remote backup is important for surviving a variety of disasters. What are some of the "gotcha's" lurking out there, and what best practices can avoid them? To make it a bit more…
nealmcb
  • 20,544
  • 6
  • 69
  • 116
20
votes
6 answers

Browsing exploits with Metasploit console

Is there any way to browse certain exploits in MSFconsole? The show exploits command shows too many and I cannot find a way to show just Windows file format exploits, for example.
Sonny Ordell
  • 3,476
  • 9
  • 33
  • 56
18
votes
4 answers

Criteria for Evaluating Static Analysis Tools

As with any tools purchase part of the outcome is in how good the evaluation criteria are, so it is important to understand the criteria people might use when assessing Security static analysis tools. Obviously the weighting on each criterion would…
Rory McCune
  • 60,923
  • 14
  • 136
  • 217
1
2 3
13 14