Search Results for "netbios auditing tool"

Scout Suite is an open-source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically. Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time...

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services...

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries. Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website...

Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard...

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them...

JBrute is an open source tool written in Java to audit security and stronghold of stored password for several open source and commercial apps. It is focused to provide multi-platform support and flexible parameters to cover most of the possible password-auditing scenarios. Java Runtime version 1.7 or higher is required for running JBrute. Supported algorithms: MD5 MD4 SHA-256 SHA-512 MD5CRYPT SHA1 ORACLE-10G ORACLE-11G NTLM LM MSSQL-2000 MSSQL-2005 MSSQL-2012 MYSQL-322 MYSQL...

Security Configuration Assistant for Apache, MySQL and PHP (SCAAMP) is a security configuration vulnerability auditing and fixing tool for Apache HTTP Server, PHP Interpreter and MySQL Database Server.

Black scalpel is an advanced graphical (Swing gui) security and analysis tool written in Java, C and Assembler (platform independent). Current stage is early alpha, many features are still missing. Use SVN!

This purpose of this tool is to manage SOD conflicts within an ERP environment (in our case of SAP). Segregation of Duties (SOD) is an important tool in ensuring that a business is under control from an auditing perspective. Files are available !!!

IceScan is a free open source network analyzing and security auditing tool for Unix-like and Windows operating systems. It uses libpcap, a packet capture and filtering library.

PDit is a PHP Auditing and Analyzing Tool, it will cover the most common and significant vulnerabilities that can be found in a php pages/scripts.

PEStudio is a network protocol analysis and security auditing tool for Windows which allows you to apply scripts to winsock calls in order to filter / edit the data that travels to and from your computer, giving you complete control over your network.

Exploits some of the known vulnerabilities of Oracle. Includes SID Enumeration, Passwords tests [common/ dictionary]. Supports attachment of malformed shell codes with TCP packets for crashing the remote server or gain DBA privileges on it.

NBTscan-Ipanto is a command-line tool that scans for NETBIOS devices on a local or remote TCP/IP network. NBTscan-Ipanto is more powerful than others NETBIOS scanners as it is designed not to flood ARP tables and firewalls.

KayRa is a Web Application Security Auditing Tool designed to test the security of websites by analyzing web pages. Some of the tests include: SQL Injection, XSS, Form behaviour with bad data. All tests carried out will be based on the OWASP guide.

Cisco Torch mass scanning, application layer fingerprinting, and exploitation tool to discover and attack remote Cisco hosts running Telnet, SSH, Web, TFTP, NTP and SNMP services. Useful in auditing large networks for misconfigured/un-updated Ciscos.

Sherlock Roams is a Python-based password auditing tool for Un*x-based systems. It uses a brute force approach on the shadow file (or the regular password file if that fails) to determine which users on your system have obviously insecure passwords.

NetBios Scan is a tool that scan ip ranges and searchs host with share resources. With this program you can get information like machine name, workgroup,the user list, share resources... and you can connect and disconnect to these resources!!.

kkp is a security tool based on a vulnerability in handling of the NetBIOS protocol by the Microsoft Windows 9x platform. It is meant to be the most reliable and efficient tool for this use. It has been tested on POSIX, and might work under Win32.