Penetration Testing mailing list archives
Scanning Tools
From: "Andy Cuff [Talisker]" <lists () securitywizardry com>
Date: Mon, 3 Nov 2003 18:23:01 -0000
Hi, For those that aren't aware I maintain a list of security products categorising them and providing a few salient details about each tool. The Site is non-profit making, unbiased and vendor neutral. I'm about to update all the scanning tools categories but cannot do so without your help. This part of the site is well out of date due to work commitments and a motorcycle accident but I'm now recovering and getting back on track, in order to minimise list noise I've incorporated all the categories in a single post. Please note that I'm looking for tools NOT managed services or rebadged scanners that don't extend the functionality over the original tool. Suggestions regarding categories are welcomed. Firstly as I'm sure you're all aware it would be impossible to list all such products on a single page therefore I've divided them up into the following categories, from the simple upwards: Network Enumerators/Mappers. Lightweight scanning tools which discover multiple hosts on a network. http://www.securitywizardry.com/enum.htm Fingerprinting tools; Active & Passive. Tools which will probably include Network Enumerator functionality but designed to identify the operating system of a host(s) and the services running on it/them http://www.securitywizardry.com/osfa.htm http://www.securitywizardry.com/osfp.htm Application Scanners. Scanners designed to test applications such as websites and databases either from the network with no privileges or from the host with root/admin privileges. http://www.securitywizardry.com/database.htm http://www.securitywizardry.com/wscan.htm Host Scanners. Scanners which test the hosts operating system for vulnerabilities from a privileged account, many will also fix the vulnerabilities they find. http://www.securitywizardry.com/h_scan.htm Network Vulnerability Scanners. Nearing the top of the range, these test the host or range of hosts for some or all of the above scanning hosts remotely for vulnerabilities. http://www.securitywizardry.com/N_scan.htm Distributed Vulnerability Scanners. Getting around firewall and bandwidth issues scanners can be distributed around a network, reporting to a central location. http://www.securitywizardry.com/dist.htm As indicated above functionality increases through the categories therefore nmap is under active fingerprinters not enumerators, I have changed the menu on site to reflect the order of the above but cannot upload it until month end. Thanks for any help you can offer take care -andy Talisker Security Tools Directory http://www.securitywizardry.com --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. ----------------------------------------------------------------------------
Current thread:
- Scanning Tools Andy Cuff [Talisker] (Nov 03)
- Reporting aspect of pen-testing TJ O'Grady (Nov 30)