Sunday, December 19, 2010

New tools

If you are a corporate information security practitioner and you want to try out some new tools during the free period you may get during the holidays, check out these tools.

Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems.
    This tool helps parse various log files and artifacts found on suspect systems and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators.

    This tool currently supports various logs including Windows OS, IIS, AV logs, and Firefox.

    This is a Nessus reporting tool, its purpose is to allow you to quickly and easily browse and view your scan jobs without the need to run up a nessus session. Some features include; 

    • Simply export scan jobs into XML format and copy to the XML folder
    • View by Risk
    • View by Severity
    • Executive summary as well as detailed reports
    • Ports and services report
    • Vulnerability categoy report
    • Export scan jobs to Excel (very useful with autofilter enabled).

    You need another tool to your web application testing arsenal? Netsparker announced a free edition of their well known commercial product, check it out. It has its limitations but worth checking out.

    You can term this as poor man's DLP. It has some basic DLP like search features, which are useful for organizations who are starting out and wants to know what are the sensitive information that are out there. It is a free and open source, agent-based, centrally-managed, massively distributable tool, it can simultaneously identify sensitive data at rest on hundreds or thousands of Microsoft Windows systems. 

    OWASP Code Crawler
    Are you looking for a simple code auditing tool that you want to show to the developers how vulnerable their code is? Here is a nice tool developed by the OWASP project. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code.

    MANDIANT Web Historian helps users review the list of websites (URLs) that are stored in the history files of the most commonly used browsers, including: Internet Explorer, Firefox and Chrome.

    • Collects web history, cookie history, file download history, and form history
    • Export data sets to XML, HTML or CSV
    • View page thumbnails and indexed content
    • Visualization using bar graphs, pie charts and timelines
    • Shows a quick “report card” of artifacts for various websites