sectool – Security Audit Tool & IDS

Keep on Guard!

sectool is a security tool that can be used both as a security audit as well as a part of an intrusion detection system. It consists of set of tests, library and textual/graphical frontend. Tests are sorted into groups and security levels. Administrators can run selected tests, groups or whole security levels.

Security Levels

  1. Naive – pretty basic and short set of tests
  2. Desktop – set of tests prepared to run on box not connected to internet
  3. Network – standard client machine connected to internet
  4. Server – network server
  5. Paranoid – bunch of tests for paranoid admins

The tests print several type of messages during their execution. “Warning” and “Error” messages are used to inform about discovered security risks.

  • warning – something that admin should know about
  • error – issues that should be fixed

Then there are another two messages: “Hint” and “Info”. These two are not print by default, so they need to be turned on.

  • hint – helps to find a way how to resolve discovered issue
  • info – provides information what does the test do at the moment

Test Results

Every test run is finished with one of these results:

  • PASS – Everything went OK, no security risks were discovered
  • WARNING – only warning messages were print
  • ERROR – at least one security issue was discovered
  • FAIL – internal test problem appears, test can’t be run

You can download sectool here:


Or read more here.

Posted in: Countermeasures, Security Software

, , , , , , , , , ,

Recent in Countermeasures:
- Microsoft Azure Web Application Firewall (WAF) Launched
- mongoaudit – MongoDB Auditing & Pen-testing Tool
- Why Are Hackers Winning The Security Game?

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,637 views
- Password Hasher Firefox Extension - 118,163 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,805 views

Comments are closed.