Ferramentas para Segurança de Redes
Esta é uma compilação de ferramentas gratuitas para Segurança de Redes, especialmente na parte de análise e diagnóstico de segurança e vulnerabilidades.
Tenho feito algumas manutenções nesta lista e ela ainda é bastante útil, mas faz um bom tempo que não ministro uma disciplina específica de segurança, por isso talvez não seja a lista mais completa que você irá encontrar. Sugestões e atualizações serão bem-vindas!
Use com responsabilidade, consciência e ética!
Distribuições Linux customizadas para segurança – Penetration test & ethical hacking
Kali
A distribuição que se tornou sinônimo de teste de penetração.
BackBox Linux
Flexible Penetration Testing Distribution. BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools.
Distribuições Linux customizadas para segurança – Firewall completo
Algumas distribuições desta lista são pagas!
Untangle
Untangle is the world’s first commercial-grade open source solution for blocking spam, spyware, viruses, adware and unwanted content on the network. The Untangle Gateway Platform, which is built around more than 30 of the best open source projects, provides small and medium businesses and channel partners with a free and better alternative to costly, inflexible proprietary appliances.
Demo (Live GUI Preview): http://demo.untangle.com/admin/index.do
SmoothWall Express
The SmoothWall Open Source Project was set up to develop and maintain SmoothWall Express - a Free firewall that includes its own security-hardened GNU/Linux operating system and an easy-to-use web interface.
IPCop
The IPCop Firewall is a Linux firewall distro. It will be geared towards home and SOHO users. The difference with existing firewalls is that the IPCop interface will be very user-friendly and task-based.
VyOS
VyOS is an open source network operating system that can be installed on physical hardware or a virtual machine on your own server, or a cloud platform . It is based on GNU/Linux and joins multiple applications such as Quagga, ISC DHCPD, OpenVPN, StrongS/WAN and others under a single management interface.
Endian Firewall Community
Endian Firewall Community is a "turn-key" linux security distribution that turns every system into a full featured security appliance. The software has been de signed with "usability in mind" and is very easy to install, use and manage, without losing its flexibility. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spamfiltering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure "Open Source" solution that is sponsored by Endian.
Securepoint Security UTM Software
http://www.securepoint.cc/products-software.html
Securepoint gives you the possibility to use the Securepoint Security Suite 2007nx on any hardware (see whitepapers), in order to enable an entirely individual scaling suited to your company or the use with fixed manufacturer's specifications.
Zeroshell
Zeroshell is a small Linux distribution for servers and embedded devices aimed at providing the main network services a LAN requires. It is available in the form of Live CD or Compact Flash image and you can configure and administer it using your web browser.
pfSense
pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices.
Scanners TCP/IP
Radmin Scanner Avançado de IP - Radmin Scanner Avançado de Porta
http://www.advanced-ip-scanner.com/br/ - http://www.advanced-port-scanner.com/br/
O Scanner Avançado de IP Scanner é um scanner para LAN rápido, robusto e fácil de usar para Windows. Com ele é possível ter acesso fácil e em poucos segundos a vários tipos de informações sobre a rede local de computadores!
O Scanner Avançado de Porta é um scanner de porta pequeno, rápido, robusto e fácil de usar para plataforma Win32. Ele usa uma técnica de múltiplos threads, assim em máquinas rápidas é possível rastrear portas de modo bem mais rápido. Ele contém também descrições para portas em comum e é possível rastrear em variações pré definidas de portas.
ANT (Advanced Net Tools)
http://www.dreamsyssoft.com/advanced-net-tools/
Scanners e outros utilitários.
Roguescanner
https://sourceforge.net/projects/roguescanner/
RogueScanner is a tool focused on device discovery and rogue detection. It is focused solely on classifying devices so you can quickly understand what's on your network. If you want to capture more IT data and answer computer, network, and user questions, use the Paglo Crawler!
NetBrute
http://www.rawlogic.com/netbrute/
NetBrute scans a range of IP addresses for shared resources that have been shared via Microsoft File and Printer Sharing. In addition, any SMB compatible shared resources will show (i.e. Samba Servers on a Unix/Linux machine). It is to be used by system administrators or home users to see what types of resources are shared and to warn the computer users if any unsecured resources are displayed.
NirSoft
NirSoft web site provides a unique collection of small and useful freeware utilities.
Scanners de vulnerabilidades
Acunetix WVS Free Edition
https://www.acunetix.com/vulnerability-scanner/online-scanner/
Acunetix online scanner performs a full web and network security scan from Acunetix servers.
N-StalkerFreeEdition
http://www.nstalker.com/products/free/
It provides a free set of Web Security Assessment checks to enhance the overall security of your web server infrastructure, using the most complete web attack signature database available in the market – “N-Stealth Web Attack Signature Database™”.
Sniffers
Wireshark
Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
WinPcap
WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.
Packetyzer
https://sourceforge.net/projects/packetyzer/
Packetyzer is a packet analyzer for Windows with a Windows user interface for the Ethereal packet capture and dissection library.
Gerenciadores / monitores de rede
Spiceworks
Automatic PC and software inventory and IT asset reporting to simplify your job. Network monitoring and troubleshooting to keep things running smoothly. An easy to use IT help desk for your company. IT answers, product reviews, and advice from SMB IT pros like you.
NetLimiter
Internet traffic monitoring tool
Serviços online
F-Secure Health Check
http://support.f-secure.com/enu/home/onlineservices/fshc.shtml
Checks whether you have an Anti-Virus, Firewall and Anti-Spyware software installed on your computer. Checks whether you have known vulnerabilities in your applications. Checks whether you have applications that are no longer supported by the vendor. Helps you fix the vulnerabilities found.
Qualys Free Network Security Scanner : Free Security Scan
FreeScan allows you to quickly and accurately scan your server for thousands of vulnerabilities that could be exploited by an attacker. If vulnerabilities exist on the IP address provided, FreeScan will find them and provide detailed information on each risk - including its severity, associated threat, and potential impact. It even provides links to give you more information about the vulnerability and how to correct it.
Qualys' free SANS Top 20 Scan
http://www.qualys.com/forms/trials/sans20/
Qualys' free SANS Top 20 Scan detects the 20 most dangerous vulnerabilities impacting networks worldwide. The top 20 list is published twice a year by the SANS Institute, a trusted source for information security training, certification and research. If any of the top 20 vulnerabilities are found, Qualys provides a detailed report with information for each vulnerability and links to verified fixes.
DES Password Analysis
http://www.rawlogic.com/password/
Serviço online para quebrar senhas Unix.
Miscelânea
Firewall Builder
http://fwbuilder.sourceforge.net/
Firewall Builder is a GUI firewall configuration and management tool that supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA) and Cisco routers extended access lists. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations.
Technitium MAC Address Changer
http://www.technitium.com/tmac/
Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must tool in every security professionals tool box. Technitium MAC Address Changer is coded in Visual Basic 6.0.
NirSoft
NirSoft web site provides a unique collection of small and useful freeware utilities.
Extensões para Firefox
FoxyProxy
https://addons.mozilla.org/pt-BR/firefox/addon/foxyproxy-standard/
FoxyProxy is an advanced proxy management tool that completely replaces Firefox's limited proxying capabilities.
Extensões para Chrome
Web Sniffer
View all HTTP Requests and Responses sent between the Web browser and the Web server.
WebSpy: explore and test website
Monitor HTTP GET/POST requests. XML/JSON Viewer/Formatter for request and response body. REST Client: send GET/POST/PATCH requests.
Retornar para Redes - Telecom - Datacom - Segurança.