Tech Insight: Updating Your Security Toolbox

Published: 22/11/2024   Category: security




As threats change, so do the tools for diagnosing and analyzing new threats. Here's a look at some open-source applications that every security department should have.



Every now and then, security departments should take a look at their toolboxes and ask whether they have all of the right tools to deal with the current range of threats. What open-source tools are available to help combat new exploits, analyze defenses, or automate our jobs so we can work less and slack off more?
As threats change, new technologies are released, and tools are updated, we occasionally must replace our old favorites with the new hotness. After digging through my applications folder and speaking to consultants and security teams, I've compiled a list of some trusty tools that you should think about keeping on hand. And here's a bonus: These are all open-source products. No big corporate budgets required.
In no particular order, let's look at some tools that we use regularly and can’t live without. We’ll start with a few oldies that we still love:
Burp and Paros proxies.
Burp and Paros are client-side proxies used to intercept, modify, replay, and craft HTTP requests. They are very similar, so most people use whichever one they like best. I like Paros; when performing a Web application assessment, I use it to intercept and modify HTTP requests for a variety of reasons, from understanding what the application is doing to cookie manipulation. I even use Paros occasionally when I need to debug and test Web applications I’m developing.
Firebug and Tamper Data.
Both Firebug and Tamper Data are Firefox plug-ins designed to help Web developers debug their code in the browser. Many security experts use these to understand Web applications, quickly examine code, and follow JavaScript logic in AJAX calls. Both are valuable tools for Web application assessments.
Metasploit.
The one, the only, and a favorite of penetration teams. Metasploit is about as simple as it gets when trying to exploit a system and obtain pure ownage. In the good ol' days, we had to obtain, compile, and pray an exploit worked. Now Metasploit takes much of the work out of exploitation.
W3af.
This Web application attack and audit framework has been called the Metasploit of Web application security. Its goal is simple: to make it easy to find and exploit Web application defects. This project is still much younger than many other tools, but it shows promise and is sponsored by the owners of Metasploit, Rapid7.
Skipfish.
Skipfish is a Web application scanner developed by Google that is offered as an open-source tool and overcomes some problems that are common to other scanners. It works in a way that is similar to other scanners, crawling a Web application and testing for common vulnerabilities. Skipfish claims high performance, ease of use, and well-designed security checks.
Selenium.
Selenium is a suite of tools used to automate Web application testing. While Selenium wasn’t developed for security teams, it is used by some security organizations to help automate testing of common Web application security problems in place of commercial testing suites.
EtherApe.
EtherApe is a graphical network monitoring tool useful for inspecting network traffic and seeing what is coming and going on a host.
BackTrack.
Technically, BackTrack is actually a collection of tools, but we couldn’t leave it out of this list. It’s a great place to start when building a toolkit and features some of the most common tools ready to work out of the box.
Nessus.
While no longer officially an open-source product, Nessus is still the de facto free vulnerability scanning tool. Many network penetration tests start by using Nessus to sweep across infrastructure and identify services, hosts, and vulnerabilities.
There are more -- Ophcrack, Kismet/Kismac, and John the Ripper come to mind -- but this small set of open-source tools is a great start for security departments that are just starting out or looking to update their arsenals. If you haven't taken a look at these tools yet, then check them out -- they might be just the ones you need for the next new threat.