YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut). It do many tests for checking security configuration issue or others good practice. It checks many software configurations like: Apache PHP kernel MySQL OpenVPN Packages [...]
Tag Archive | "auditing"
The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite security [...]
What is ScreenStamp! ScreenStamp! is basically a screen grabbing application for pen-testing and people working in forensics. The app will ask you for a location to save your screen shots to, along with a name that the program will number, allowing the user to concentrate on the job at hand as opposed to saving screen [...]
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It [...]
FWAuto (Firewall Rulebase Automation) is a Perl script and should work on any system with Perl installed. Provide the running config of a PIX firewall to fwauto. It will analyze and give you a list of weak rules in your rule base and store the result in multiple output files. Maybe there have been times [...]
Redseal is launching a free offer next week for security consultants, pen testers and auditors. Redseal develops a product called Security Risk Manager (SRM), it does the following – (non sales overview) Imports firewall and router configuration files Audits and checks them for errors, mis configurations, redundant rules, checks against best practices etc Draws a [...]
After the web 2.0 hacking with firefox and its plugins article I wrote some months ago, recently I found a new way to transform firefox in the ultimate pen-testing tool… actually it has been lying in my inbox for days… …new Firefox Framework Map collection of the most useful security oriented extensions. We called the [...]