security assessment tools

Tcpdump for Linux system security tools 1. Install the built-in tcpdump tool. Yum install tcpdump-y 2. Monitor host data packets [Root @ CentOS179min ~] # Tcpdump-I eth0 -- monitor the eth0 Nic of the Local Machine [Root @ centos179min ~] # Tcpdump host 192.168.1.250 and \ (192.168.1.20.or 192.168.1.252 \) -- intercepts packets from multiple IP addresses [Root @ centos179min ~] # Tcpdump-I eth0 dst host 192

This is a set of scripts that can help analysts analyze the security of the app and develop it in the Perl language. Because it's just a few scripts, it may not be as smart to use, no GUI interface, no "elegant" analysis results. So basically, it's a script like "aapt-enhanced". With the added ability to analyze Android and analyze iphone apps, there are some useful words. Project address [Googlecode] https://code.google.com/p/smartphonesdumbapps/If y

Although various versions of Linux distribution come with a lot of open source free software, there are still a lot of useful tools not defaulted. These are included in their installation CDs, especially some tool kits that can enhance Linux network security. Most of them are open source free software. Here we will briefly introduce several tools to enhance Linux

private static final String Site_wide_secret = "My-secret-key"; private static final passwordencoder encoder = new standardpasswordencoder ( /c0> Site_wide_secret); Public static string Encrypt (string rawpassword) { return encoder.encode (Rawpassword); } Public static boolean match (string Rawpassword, string password) { return encoder.matches (rawpassword, password); } Public static void main (string[] args) { System.out.println (Enc

Query" Class (numberaddqueryactivity);Enternumberaddqueryactivity Click event Handling code:1 Public void enternumberaddqueryactivity (view view) {2 New Intent (This, numberaddqueryactivity. Class); 3 startactivity (intent); 4 }View Code6, in The "Number Attribution Query" Class (Numberaddqueryactivity) instantiates the related component in the layout file and finds it through the Findviewbyid () method, creating a new click event ( numberaddquery, query number attribution

So what are some of the tools available to combat SQL injection attacks in addition to being aware of web development? Today, Microsoft and HP's security departments have launched three tools, respectively: Microsoft SQL injection Attack source scanner: Microsoft source Code Analyzer for SQL injection (MSCASI). This tool is used for Web site developers. is a st

Source: 51 CTOFirst, no program can ensure permanent security of your network or server. Security is a continuous process of continuous improvement, evaluation, and improvement. Fortunately, there are many good tools in linux to help you in this process. In this article, I will recommend five of my favorite security

latter is more flexible than the former. 3. afxmessagebox does not control the message box title. It is often used for internal data output or warning during program debugging. MessageBox is more formal and often used in the application version to be submitted, you can control the title content without using an executable file name with unknown meanings as the title. Vi. SummaryThrough the preparation of this immune program, it has played a very good role. Although this immune program is of li

SxidCheck the suid, sgid, and files without the master in the system.SkeyOne-time password ToolLogrotateLog loop ToolLogcheckLog Management ToolsSwatchLog management tools, more real-time than logcheckSsh (openssh)Secure Connection AuthenticationOpensslEncrypted data transmission and authenticationPortsentryAnti-scan tool to monitor udp and tcp portsTripwireProvides system integrity checkGnupgEncrypt a single file and create a digital signatureHostsen

regular expressions9. Knock subdomain Scan: Enumerate subdomains on the target domain through a dictionary10, Subbrute: Extensible TCP/UDP Intermediate Agent, support the immediate modification of non-standard protocol11. Pytbull: Flexible ids/ips test framework (with more than 300 test cases)12, Spoodle: Large quantum Domain name +poodle vulnerability Scanner13. Smbmap: The Samba shared drive in the enumeration domainDo you think these libraries are enough? Is there a lot of other useful libra

The best Linux security tool-general Linux technology-Linux technology and application information. See the following for details. As a Linux administrator, it is very important to defend against viruses, spyware, and rootkit. The following lists 10 Linux security tools. Nmap Security groupsRead the installat

This software is primarily used as a security setting for the server, as well as for personal machines to increase security settings and prevent script viruses from being used. The server's settings are mainly used to prevent the current popular script Trojan, thereby improving the security of the server. The implementation of the software is to uninstall Trojans

Article Title: Configure an open-source security tool (I) for the Solaris server ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. With the rapid development of the Internet, the network is everywhere, but it may be attacked by all parties at any time. It is necessary for network administrators to know who is acce

(in)-DLL injection and uninstallation, and then use this software to view and uninstall it: Figure 4 View and uninstall the DLL After practical tests, the program is feasible, which is also a powerful tool against malicious programs. VIII. Summary Two articles are discussed to complete a simple process manager. Although simple, it can also play a great role in many cases. Through the discussion in these articles, I believe that everyone has a certain understanding of the preparation of

Fiddler plug-in, used to detect the existence of XSS vulnerability, in the Web page provided to the user input of the filter 9.exploit-me (Windows, Linux, Mac OS X)This is the Firefox plug-in, by Xss-me,sql Inject Me and Access-me These 3 components, when browsing the web will start detection, can detect XSS vulnerability, SQL injection vulnerability.10.WebScarab (Windows, Linux, Mac OS X)This is actually a proxy software, there are many features, you can detect XSS cross-site scripting vulnera

Powerful cryptographic tools in Spring Security 3.1 passwordencoderBlog Category: Security Spring SpringsecurityOK, this encryption mechanism is very complex, or to see better understanding:New Passwordencoder inheritance relationship in 3.1.0 versionAfter the Spring-security 3.1.0 release, the passwor

all the tools are preinstalled in a Linux system. Among them, the typical operating system. Is the Kali Linux used in this book.The system is mainly used for penetrant testing.It comes preloaded with a number of penetration testing software, including the Nmapport scanner, Wireshark (Packet Analyzer), and John the Ripper (password hack). and Aircrack-ng (a set of software for penetration testing of wireless LANs). Users can perform Kali Linux with ha

2ban.pid-xroot 1558 0.0 0.1 103248 868 pts/0 s+ 06:37 0:00 grep fail2banNext you can see that there are fail2ban processes that we test.[[Email protected]129-slave fail2ban-0.8. -]#SSH 192.168.182.129The authenticity of host'192.168.182.129 (192.168.182.129)'Can't be established.RSA Key fingerprint is in: -: the: 7b:a0: to: About: AF: -: the: 0e:ed: the: AD:CF: the. Is you sure want to continue connecting (yes/no)?Yeswarning:permanently added'192.168.182.129'(RSA) to the list of known hosts. [E

1, we open 360 security guards in the computer after the entry we then click on the "main" and then find the interface of "more options" to see my tools 2, as shown below is not the default so many Ah, this is a small series of 360 security guards installed tools 3. I'm cleaning up the unused

Second, the war on the love of Cats ★ War Dialing Machine The principle of war dialers is simple, first of all, it uses ascending or random way to dial a series of phone numbers, once found hidden modem can dial into the system, and can crack easy to guess password. War dialer for PCs with no password and remote control software. This is often the case with the connection between a company's staff's computer and its corporate system. There are a lot of hackers who like to start from the staff'