Showing posts with label Security Tools. Show all posts
Showing posts with label Security Tools. Show all posts

MBSA (Microsoft Baseline Security Analyzer)

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.

What You Must Know

MBSA requires the following software to be installed:
  • Windows 2000 SP3 or later, Windows XP (local scans only on computers running Windows XP that use simple file sharing), Windows Server 2003, Windows Vista, or Windows Server 2008
  • The latest Windows Update Agent (WUA) client; MBSA automatically updates computers that need an updated WUA client if the option Configure computers for Microsoft Update and scanning prerequisites is selected.
  • IIS 5.0, 5.1 or 6.0 (required for IIS vulnerability checks)
  • SQL Server 2000 or MSDE 2.0 (required for SQL vulnerability checks)
  • Microsoft Office 2000, Office XP, or Office 2003 (required for Office vulnerability checks)
  • The following services must be installed or enabled: Server service, Workstation service, Remote Registry service, File & Print Sharing, and the DCOM updates and firewall exceptions (required for security update checks)


SuperSecret provides secure storage for all of your logins and  passwords so that you have one password to remember  from now on.Only one password is required to use SuperSecret.

Nmap (Security Scanner)
A popular tool used for portsscaning and OS finger printing.

Shadow Security Scanner (A commercial vulnerability assessment tool)

XProbe2 (Active OS fingerprinting tool )
XProbe is a tool for determining the operating system of a remote host.Xprobe has always emphasized the ICMP protocol in their fingerprinting approach.

Firewalk (Advanced traceroute )
Firewalk employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks

N-Stealth (Web server scanner )
N-Stealth is a commercial web server security scanner. It is generally updated more frequently than free web scanners such as whisker and nikto

SAINT (Security Administrator's Integrated Network Tool )
Security Administrator's Integrated Network Tool 
Saint is another commercial vulnerability assessment tool (like ISS Internet Scanner or eEye Retina). Unlike those Windows-only tools 
Saint used to be free and open source, but is now a commercial product.

Retina Network Security Scanner

Retina's function is to scan all the hosts on a network and report on any vulnerabilities found.

Windows TCP port scannerIt can handle ping scans and port scans using specified IP ranges

Nikto is a web server scanner which looks for over 2600 potentially dangerous files/CGIs and problems on over 625 servers

GFI Languard
A commercial network security scanner for Windows.GFI LANguard allows you to analyze the state of your network security and take action before it is compromised


A suite of powerful network auditing and penetration-testing tools This popular and well-engineered suite by Dug Song includes many tools.