A tool to Audit Cisco Configuration Files.

Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment

DDoSPing is a remote scanner for the most common Distributed Denial of Service programs (often called Zombies by the press). These were the programs responsible for the recent rash of attacks on high profile web sites.
This tool will detect Trinoo, Stacheldraht and Tribe Flood Network programs running with their default settings, although setup of each program type is possible from the configuration screen. Scanning is performed by sending the appropriate UDP and ICMP messages at a controlable rate to a user defined range of addresses.

Foundstone CodeScout™ is a free tool developed by Foundstone to help application developers and code reviewers validate adherence to coding best practices and determine the complexity and scope of a code base. The tool is a plugin that comes with a set of default rules as well as functionality allowing power users to define their own rules. This tool helps users automate part of the code review process by identifying potential hot-spots in the code base and provides useful metrics about to size and scope of the source code of a project.

As its name suggests, this program lists all alternate data streams of an NTFS directory.  Of course it shows the ADS of encrypted files, even when these files were encrypted with another copy of Windows 2000

Foundstone HackPack™ is a tool designed to aid security professionals in keeping up with changes and updates to security software. The tool offers a simple interface to a large variety of security tools. Much like an RSS reader for web page updates, HackPack shows a user a list of all the tools they want to track, along with current versions and links to download locations. This allows users to stay on top of which tools are being updated as well as monitor any current news and information on the tools the user is interested in. Keeping users up to date on new releases means new features can be tested and put to use more quickly allowing for users of HackPack to stay on top of security tools landscape.

Winfingerprint is a Win32 Host/Network Enumeration Scanner. Winfingerprint is capable of performing SMB, TCP, UDP, ICMP, RPC, and SNMP scans. Using SMB, winfingerprint can enumerate OS, users, groups, SIDs, password policies, services, service packs and hotfixes, NetBIOS shares, transports, sessions, disks, security event log, and time of day utilizing NT Domain (Net*), Active Directory, or WMI APIs. Winfingerprint-cli is a command line version of winfingerprint and it is currently bundled with each release.

Wininterrogate is a Win32 file system and process enumeration/integrity tool. A command line version of wininterrogate (currently available in CVS) will be bundled with the next release

fwlogwatch is a packet filter / firewall / IDS log analyzer written by Boris Wesslowski originally for RUS-CERT. It supports a lot of log formats and has many analysis options. It also features incident report and realtime response capabilities, an interactive web interface and internationalization.

CCSAT (Cisco Configuration Security Auditing Tool) is a tool for automated audit of configuration security of large numbers of Cisco routers and switches. The tool is based upon industry best practices, including Cisco, NSA, and SANS security guides and recommendations. It is flexible and can report details down to individual device interfaces, lines, ACLs, and ASs, etc. CCSAT has been tested, and used for real audits, on FreeBSD, Solaris 8 and Linux. It should also work on all other major UNIX platforms (POSIX.2).

fwanalog is a shell script that parses and summarizes firewall logfiles. It currently (version 0.6.9) understands logs from ipf (tested with OpenBSD 2.8's and 2.9's ipf, also FreeBSD, NetBSD and Solaris 8 with ipf (+ ipfw on FreeBSD)), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, some ZyXEL/NetGear routers and Cisco PIX, Watchguard Firebox, Firewall-One (not NG!), FreeBSD ipfw and Sonicwall firewalls.

SQLAT is a suite of tools which could be usefull for pentesting a MS SQL Server. The tools are still in development but tend to be quite stable.

The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be ’sa’ to run some of the tools, but this usually isn’t a problem.

Provides templates for the major IIS-dependent Microsoft products. IIS Lockdown Tool functions by turning off unnecessary features, thereby reducing attack surface available to attackers. To provide in-depth defense or multiple layers of protection against attackers, URLscan, with customized templates for each supported server role, has been integrated into the IIS Lockdown Tool.

The Microsoft Internet Security and Acceleration (ISA) Server Best Practices Analyzer Tool is designed for administrators who want to determine the overall health of their ISA Server computers and to diagnose current problems. The tool scans the configuration settings of the local ISA Server computer and reports issues that do not conform to the recommended best practices

SomarSoft's DumpSec is a security auditing program for Microsoft Windows® NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information.

Pwdump is a tool that is used to grab Windows password hashes from a remote Windows computer.

The Windows NT and Windows 2000 Resource Kits come with a number of command-line tools that help you administer your Windows NT/2K systems. Over time, I've grown a collection of similar tools, including some not included in the Resource Kits. What sets these tools apart is that they all allow you to manage remote systems as well as the local one. The first tool in the suite was PsList, a tool that lets you view detailed information about processes, and the suite is continually growing. The "Ps" prefix in PsList relates to the fact that the standard UNIX process listing command-line tool is named "ps", so I've adopted this prefix for all the tools in order to tie them together into a suite of tools named PsTools.

Hyena uses an easy-to-use visual Explorer-style interface for all operations, including right mouse click pop-up context menus for all objects. Management of users, groups (both local and global), shares, domains, computers, services, devices, events, files, printers and print jobs, sessions, open files, disk space, user rights, messaging, exporting, job scheduling, printing, and more are all supported. Hyena also features extensive Active Directory, Exchange, and WMI support as well.