Skip to content

Latest commit

 

History

History
40 lines (39 loc) · 3.81 KB

Scanning.md

File metadata and controls

40 lines (39 loc) · 3.81 KB

Open Source

Free and Closed-Source

Paid

Open Source

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

A list of Autopsy features can be found here

BitPim is a program that allows you to view and manipulate data on many CDMA phones from LG, Samsung, Sanyo and other manufacturers. This includes the PhoneBook, Calendar, WallPapers, RingTones (functionality varies by phone) and the Filesystem for most Qualcomm CDMA chipset based phones.

Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. Vega can help you find vulnerabilities such as: reflected cross-site scripting, stored cross-site scripting, blind SQL injection, remote file include, shell injection, and others. Vega also probes for TLS / SSL security settings and identifies opportunities for improving the security of your TLS servers.

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

Free and Closed-Source

Quickly and easily assess the security of HTTP response headers of your website using this webapp. It also gives rating to the assessed website based on the security-headers-score.

Advanced Port Scanner is a free network scanner allowing you to quickly find open ports on network computers and retrieve versions of programs running on the detected ports. The program has a user-friendly interface and rich functionality.

Paid

Acunetix Web Vulnerability Scanner is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross site scripting, and other exploitable vulnerabilities. Find more about it here

Burp Suite is a must have tool if project specifies web application security testing. It offers features like:

  • Automated crawl and scan
  • Custom and advanced scanning for manual testers
  • Lists vulnerabilities identified in a categorical manner
  • Automates custom attacks using Intruder and more
See BurpSuite for more.

Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network. Apart from configuration reviews and compliance checks, Nessus is a handy tool to perform vulnerability assessment on network devices, web applications as well as firewalls.