Tuesday, 20 August 2013

Tools Update (20th Aug)

My very irregular update on new and updated Information Security tools that I have come across or use. The tools are mainly those for PenTesting although other tools are sometimes included. As a bit of background into how I find these tools, I keep a close watch on twitter and other websites to find updates or new releases, I also search for pen testing and security projects on Sourceforge. Some of the best sites I have found for details of new tools and releases are http://www.toolswatch.org/ & http://tools.hackerjournals.com 

This update is a scanning tool special, just two tools I am mentioning.

NMap 6.40


Nmap is a free and open source utility for network exploration or security auditing. The new release version 6.40 includes the following:
  • 14 new NSE scripts
  • hundreds of new OS and service detection signatures
  • a new --lua-exec feature for scripting Ncat
  • initial support for NSE and version scanning through a chain of proxies
  • improved target specification
  • many performance enhancements and bug fixes
Change log


Download

ZMAP


ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet. A new tool created by a team of researchers from the University of Michigan, Dept Computer Science and Engineering.

Download


Importantly the researchers offer the following guidelines

University of Michigan suggestions for researchers conducting Internet-wide scans as guidelines for good Internet citizenship.
  • Coordinate closely with local network administrators to reduce risks and handle inquiries
  • Verify that scans will not overwhelm the local network or upstream provider
  • Signal the benign nature of the scans in web pages and DNS entries of the source addresses
  • Clearly explain the purpose and scope of the scans in all communications
  • Provide a simple means of opting out and honor requests promptly
  • Conduct scans no larger or more frequent than is necessary for research objectives
  • Spread scan traffic over time or source addresses when feasible

It should go without saying that scan researchers should refrain from exploiting vulnerabilities or accessing protected resources, and should comply with any special legal requirements in their jurisdictions.