• Insecure.org Top 100 Network Security Tools

    by  • January 20, 2007 • Product Reviews, Security Tool Profiles

    In 2000, Fyodor, creator of the NMap Scanner, conducted a survey of the readers of the nmap-hackers mailing list and compiled the Top 50 Security Tools.

    Three years later, Fyodor again conducted the survey, and expanded the list to include the Top 75 Security Tools. Another three years have gone by and another survey has been done. With 3,243 readers responding, Fyodor has compiled the Top 100 Security Tools from his 2006 survey and they are now posted on the Insecure.org web site.

    There are a total of 42 new tools on the list. That means that 42 out of 100 tools on the Top 100 Security Tools list did not appear on the 2003 Top 75. Thirteen of the new tools even made the top 50. Had the list been maintained at the Top 75, the length of the list in 2003, 27 of the tools (almost half) would be new to the list.

    For the complete, detailed listing of all 100 tools, complete with links to download them, you should visit the Top 100 Security Tools listing on Insecure.org. I will summarize here the top 10, as well as providing a list of the new tools on the list.

    Top 10 Tools

    1. Nessus (vulnerability scanners)
    2. Wireshark (packet sniffers- previously known as Ethereal)
    3. Snort (IDS – intrusion detection system)
    4. Netcat (Netcat)
    5. Metasploit Framework (vulnerability exploitation tools)
    6. HPing2 (packet crafting tools)
    7. Kismet (wireless tools or packet sniffers)
    8. TCPDump {packet sniffers)
    9. Cain and Abel (password crackers or packet sniffers)
    10. John The Ripper (password crackers)

    New Tools In The Top 100

    • Metasploit Framework
    • Paros Proxy
    • Aircrack
    • Sysinternals
    • Scapy
    • BackTrack
    • P0f
    • Google
    • WebScarab
    • WebInspect
    • Core Impact
    • IDA Pro
    • Rainbow Crack
    • AngryIP Scanner
    • RKHunter
    • Ike-scan
    • KisMAC
    • OSSEC HIDS
    • Tor
    • Knoppix
    • chrootkit
    • Yersinia
    • Nagios
    • X-scan
    • Socat
    • QualysGuard
    • ClamAV
    • BurpSuite
    • Unicornscan
    • BASE
    • Argus
    • Wikto
    • SGuil
    • IP Filter
    • Canvas
    • VMware
    • OpenVPN
    • OllyDbg
    • Helix
    • Acunetix Web Vulnerability Scanner
    • TrueCrypt
    • Watchfire AppScan

    About

    Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

    http://www.tonybradley.com