The 10 best security tools of 2015 according to ToolsWatch

As in recent years ToolsWatch , a website to keep the arsenal of security and hacking tools updated, has published the top 10 of the most voted tools by its readers:






1. OWASP ZAP



OWASP ZAP (Zed Attack Proxy Project) is one of the best known tools for intrusion testing in web applications. ZAP offers automatic scanners that are easy to use, in order to verify if our web applications are safe. It also has a complete set of tools that will allow us to modify the intrusion tests and allow discovering vulnerabilities in a "manual" way. ToolsWatch readers have voted OWASP ZAP as the best security tool of the year 2015. You can visit the official website of OWASP ZAP where you will find tutorials of use.


2. Lynis



This open source tool allows to perform security audits, allows to evaluate the security measures applied to systems based on Unix and also on Linux. This application runs on the host itself where we want to evaluate security, so the security analysis is much broader than typical vulnerability scanners.



3. Haka



Haka is not a security tool, it is an open source language oriented to security that allows us to describe protocols and apply security policies while capturing traffic in real time, adapting to the circumstances.



4. Faraday


It is an integrated intrusion testing environment and is designed specifically for the distribution, indexing and analysis of data generated during the security audit process. This tool is capable of creating real-time graphs of captured traffic for analysis and also for further study.



5. BeEF


This well-known framework is responsible for the exploitation of web browsers, The Browser Exploitation Framework is able to control all victims by executing different types of payloads, it also allows to capture a large amount of valuable information such as the operating system used, the web browser, the IP address and also the cookies.



6. Burp Suite


This tool is also widely known in the world of security, is responsible for performing different security tests in web applications. It is in charge from the initial process, going through the analysis of the different attacks that can be carried out, and ending with the exploitation of the vulnerabilities found.





7. PeStudio



It is an application that performs an initial malware evaluation of any executable file, this tool allows you to analyze it without running the file, so we will not have any risk when analyzing a malicious file .





8. Nmap

The Swiss Army knife of network scanners, open source, free and widely used for the discovery of equipment, identification of services, versions of operating systems, open ports and even vulnerabilities in discovered services.





9. IDA


It is an interactive disassembler to perform reverse engineering , is programmed in C ++ and is compatible with major operating systems such as Microsoft Windows, Mac OS X and Linux.


10. OWASP Offensive (Web) Testing Framework


Finally, the security tool included in this TOP 10 is OWASP Offensive (Web) Testing Framework, a framework that is specifically responsible for gathering the best tools and making intrusion tests very efficient, automating the most repetitive tasks. This tool is written in python.




Results of 2014: 


  • 01 - Unhide (NEW)
  • 02 - OWASP ZAP - Zed Attack Proxy Project (-1?)
  • 03 - Lynis (+3?)
  • 04 - BeEF - The Browser Exploitation Framework (-2?)
  • 05 - OWASP Xenotix XSS Exploit Framework (0?)
  • 06 - PeStudio (-2?)
  • 07 - OWASP Offensive (Web) Testing Framework (NEW)
  • 08 - Brakeman (NEW)
  • 09 - WPScan (0?)
  • 10 - Nmap (NEW)


Results of 2013:



  • 01 - OWASP Zed Attack Proxy (ZAP)
  • 02 - BeEF (The Browser Exploitation Framework)
  • 03 - Burp Suite
  • 04 - PeStudio
  • 05 - OWASP Xenotix XSS Exploit Framework
  • 06 - Lynis
  • 07 - Recon-ng
  • 08 - Suricata
  • 09 - WPScan
  • 10 - O-Saft (OWASP SSL Advanced Forensic Tool)
Share To:

Hackerbrother

Post A Comment:

0 comments so far,add yours