1.
IT Vulnerability & ToolsWatch
Nabil OUCHN & Maximiliano SOLER
The present document describes the Best Tools and Utilities from 2011. Divided into categories,
carefully separated, based on the VulnerabilityDatabase.com Scoring Criteria.
228 Hamilton Avenue 3rd Floor
Palo Alto, CA 94301
contact (at) netpeas (dot) com

2.
Introduction
The world is changing, the security information too. For years we see that the protests are
made by people - face to face - using violence and the media to disseminate what happens
at that time.
LulzSec and others organized groups like Anonymous have threatened huge companies,
defending what they believed right. Changing the way of manifestation from political to
social issues.
Great personalities related to the technology and information security world have passed
away. These include publicly the following people: Steven Paul Jobs, Dennis Ritchie, John
McCarthy and Paul ‘CrashFR’ Pinto.
S Talent people that created and innovated. Leading theories and tools that we know today
e and are used as the basis of creation.
c From VulnerabilityDatabase.com we create this inform developed through ToolsWatch
u vision with the best tools and applications that we have focused during 2011.
r
i
t
 Nabil OUCHN  Maximiliano SOLER
y CTO & Co-Founder NETpeas SA. ToolsWatcher Leader
Twitter: @toolswatch Twitter: @maxisoler
&
- Page 2 of 14 -
A

3.
What is VulnerabilityDatabase.com?
VD is the first Collaborative Vulnerability & Tools Watch Service. It provides updates on
Threats & Security Tools.
The main features are the following:
 Huge Database of Tools.
 Latest Security News.
 Community Feature enabled.
 Ask a Hacker Forum.
 Free Registration.
- Page 3 of 14 -

4.
Content
Scoring Criteria ............................................................................................. 5
Open Source & Free Utilities ......................................................................... 6
Penetration Testing and Ethical Hacking .................................................. 6
Security Assessment .................................................................................. 6
Commercial Software .................................................................................... 7
Links and References .................................................................................... 8
2011 Security News in Brief ....................................................................... 12
What Happened ....................................................................................... 12
Cool Papers .............................................................................................. 12
The Great Loss ......................................................................................... 13
Top Hacks ................................................................................................. 13
Conferences ............................................................................................. 14
The worst and stupid Internet Strategy .................................................. 14
- Page 4 of 14 -

5.
Scoring Criteria
We have conducted this new survey on the basis on some criteria (as we did two years
before).
Since the last survey (2009), we decided to add these new criteria:
Community Support.
Documentation.
Popularity (Twitter followers).
Criteria Comment
Audience Each tool has its target audience.
Built-in, plug-in, functionalities, capabilities, use of APIs,
Features
interoperability with other systems.
Frequency of updates: adding new features, new plug-in,
Updates
updating vulnerability database, updating techniques.
Frequency of bugs fixing, generating new releases, nightly
Maintenance
builds, beta testing.
Tool has a community version with support and the
Community Support
appropriate documentation.
All documentation are easy to read and to understand and
Documentation at least written in English. Wiki, blogs and other
collaborative support are a must.
Support of charts, dashboard, exporting to multiple formats
Reporting
(HTML, XML, PDF).
The ability of the tool to map findings with Compliance,
standards and open standards or to score vulnerability /
Standards, Metrics & risks with metrics.
Open Standards
Standard and metrics could be : CVE, CVSS, CWE, CPE,
CCE, OVAL, SCAP, CAPEC, ISO 2700x, NIST, PCI DSS.
The popularity of the tool among the community.
Twitter followers
Popularity
Average of visits and download based on our statistics for the
year 2009.
- Page 5 of 14 -

6.
Open Source & Free Utilities
Penetration Testing and Ethical Hacking
Recommended
Winner Excellent
(Promising)
Ex æquo :
Ex æquo :
Foca
Information Gathering Maltego theHarvester
Google Hacking
WhatWeb
Diggity Project
Network Scanners & Ex æquo : OWASP Zed
Nmap
Discovery AutoScan Attack Proxy
Ex æquo :
Vulnerability Scanners Nessus OpenVAS VEGA
NeXpose
Application Scanners w3af Arachni Nikto
Metasploit
Exploitation Frameworks DB Exploit Website SAP Bizploit
Armitage
Wireless Hacking Kismet AirCrack suite AirCheck
Live CDS BackTrack 5 Matriux BackBox
Security Assessment
Recommended
Winner Excellent
(Promising)
Microsoft Web
Application
Windows Auditing OVAL Interpreter Sysinternals Tools
Configuration
Analyzer
Lynis
Unix Auditing
OpenSCAP
Security Onion
Network Monitoring SAMHAIN PacketFence
LiveDVD
- Page 6 of 14 -

7.
Suricata
BurpSuite WhatWeb
Application Assessment WebSecurify
W3AF WebSecurify
Wireless Auditing Kismet inSSIder Wifite
DFF (Digital
Mobius Forensic
Forensics NetworkMiner Forensics
Toolkit
Framework)
Datamining / Logs
Dradis Graylog2 Log2timeline
Management
IT Management SpiceWorks OpenDLP Splunk
PHP Vulnerability
Code Analysis Agnitio Graudit
Hunter
Ex æquo :
Password Analysis Cain & Abel John the Ripper Patator
THC-Hydra
Havij Pangolin
Database Auditing The Mole
SQL Map
VoIP / Telephony Auditing UCSniff Viper VAST Mausezahn
Commercial Software
Recommended
Winner Excellent
(Promising)
Ex æquo :
Tenable Nessus Ex æquo : COREvidence™
Vulnerability Management
ProFeed WebSaint / Marketplace
NeXpose Entreprise
Ex æquo :
Application Security COREvidence™
Acunetix / SandCat Pro
Assessment Marketplace
Netsparker
- Page 7 of 14 -

8.
Ex æquo :
Patch Management GFI Languard NSS / Lumension EndPoint
Shavlik Technologies
Ex æquo :
Penetration Testing and
CoreImpact / SaintExploit Immunity CANVAS
Exploitation
Metasploit Pro
Links and References
URL
Maltego http://www.paterva.com/web5/client/download.php
Foca http://www.informatica64.com/foca.aspx
Google Hacking Diggity
http://www.stachliu.com/resources/tools
Project
theHarvester https://code.google.com/p/theharvester
WhatWeb http://www.morningstarsecurity.com/research/whatweb
Nmap http://nmap.org
AutoScan http://autoscan-network.com
OWASP Zed Attack Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Nessus http://www.nessus.org
NeXpose http://community.rapid7.com
OpenVAS http://www.openvas.org
VEGA http://subgraph.com/products.html
WA3F http://w3af.sourceforge.net
- Page 8 of 14 -

9.
Arachni http://arachni.segfault.gr
Nikto http://cirt.net/nikto2
Metasploit http://www.metasploit.org
Exploit DB http://www.exploit-db.com
SAP Bizploit http://www.onapsis.com/research-free-solutions.php
Kismet http://www.kismetwireless.net
AirCrack-NG Suite http://www.aircrack-ng.org
AiroScript-NG http://airoscript.aircrack-ng.org
Backtrack 5 http://www.backtrack-linux.org
Matriux http://www.matriux.com
BackBox http://www.backbox.org
Oval Interpreter http://oval.mitre.org
Microsoft Web Application
http://www.microsoft.com/download/en/details.aspx?id=573
Configuration Analyzer
Nessus Local Plug-ins http://www.nessus.org/plugins/index.php?view=all
Sysinternals Tools http://technet.microsoft.com/sysinternals
Lynis http://www.rootkit.nl
OpenSCAP http://www.open-scap.org
SAMHAIN http://www.la-samhna.de/samhain
Suricata http://www.openinfosecfoundation.org
PacketFence http://www.packetfence.org
Security Onion LiveDVD http://securityonion.blogspot.com
BurpSuite http://portswigger.net
Websecurify http://www.websecurify.com
Inssider http://www.metageek.net/products/inssider
Wifite https://code.google.com/p/wifite
DEFT http://www.deftlinux.net
Mobius Forensics Toolkit http://freshmeat.net/projects/mobiusft
- Page 9 of 14 -

10.
DFF (Digital Forensics
http://www.digital-forensic.org
Framework)
Dradis http://dradisframework.org
Graylog2 http://graylog2.org
Log2timeline http://log2timeline.net/files
Spiceworks Community http://www.spiceworks.com
OpenDLP https://code.google.com/p/opendlp
Splunk http://www.splunk.com
Paglo IT http://paglo.com
Graudit http://www.justanotherhacker.com
Agnitio http://www.securityninja.co.uk
PHP Vulnerability Hunter https://code.google.com/p/php-vulnerability-hunter
Cain & Abel http://www.oxid.it
OphCrack http://ophcrack.sourceforge.net
John the Ripper http://www.openwall.com/john
Patator https://code.google.com/p/patator
Havij http://itsecteam.com/en
Pangolin http://www.nosec.org
SQL Map http://sqlmap.sourceforge.net
The Mole http://themole.sourceforge.net
UCSniff http://ucsniff.sourceforge.net
Viper VAST http://vipervast.sourceforge.net
Mausezahn http://www.perihel.at/sec/mz
- Page 10 of 14 -

11.
- Page 11 of 14 -

12.
2011 Security News in Brief
What Happened
Editor
EMC Acquires NetWitness http://www.vulnerabilitydatabase.com/2011/04/emc-acquires-
Corporation netwitness-corporation/
http://www.vulnerabilitydatabase.com/2011/03/mcafee-acquires-
McAfee Acquires Sentrigo
sentrigo-to-enhance-database-security-portfolio/
http://www.vulnerabilitydatabase.com/2011/03/google-acquires-
Google Acquires Zynamics
zynamics/
SalesForge Acquired http://www.vulnerabilitydatabase.com/2011/01/dimdim-has-been-
Dimdim acquired-by-salesforce-com/
http://www.vulnerabilitydatabase.com/2010/12/citrix-acquired-
Citrix Acquired NetViewer
netviewer/
Hackers break SSL http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/
encryption
GnackTrack project retired https://www.phillips321.co.uk/gnacktrack/
Ettercap New Version (Back http://www.vulnerabilitydatabase.com/2011/12/ettercap-v0-7-4-
from 5 years) lazarus-back-from-5-years/
http://www.vulnerabilitydatabase.com/2011/11/owasp-academy-
OWASP Academy Portal
portal/
Cool Papers
 Results of a Security Assessment of the IPv6
 2011 CWE/SANS Top 25 Most Dangerous Software Errors v1.0
 Whitepaper on SCADA Security Vulnerabilities
 Common Weakness Risk Analysis Framework (CWRAF)
- Page 12 of 14 -

13.
 CybOX v0.6.2 – Cyber Observable eXpression (MITRE)
 Browser Security Comparison: A Quantitative Approach
 Onapsis SAP Security In-Depth
The Great Loss
Steven Paul Jobs (February 24, 1955 – October 5, 2011)
He was co-founder, chairman, and chief executive officer of Apple Inc.
Dennis Ritchie (September 9, 1941 - October 12, 2011)
He created the C programming language and, with long-time colleague Ken
Thompson, the Unix operating system.
John McCarthy (September 4, 1927 – October 24, 2011)
The father of "artificial intelligence" (AI), invented the Lisp programming language
and was highly influential in the early development of AI.
Paolo Pinto (CrashFR)
Founder of HZV & Sysdreams.
Top Hacks
Sony investigating another hack
Dropbox Lied to Users About Data Security, Complaint to FTC Alleges
OpenSSH 3.5p1 Remote Root Exploit for FreeBSD
Fraudulent Digital Certificates Could Allow Spoofing
Kernel.org Linux repository rooted in hack attack
Attack Code for SCADA Vulnerabilities Released Online
Researchers Uncover The Email That Led To The RSA Hack
- Page 13 of 14 -

14.
Conferences
BlackHat USA 2011
NETpeas SA and ToolsWatch have been present sponsoring Black Hat USA 2011 and
organizing the Black Hat Arsenal Tools. This is an area for independent researchers and
the open source community that will allow you to showcase their work.
The worst and stupid Internet Strategy
Stop Online Piracy Act (SOPA)
PROTECT IP Act (PIPA)
Anti-Counterfeiting Trade Agreement (ACTA)
www.vulnerabilitydatabase.com
Contact Us
228 Hamilton Avenue 3rd Floor
Palo Alto, CA 94301
contact (at) netpeas (dot) com
Phone: +1 650 798-5109
Fax : +1 650 798-5001
- Page 14 of 14 -