Written by lirva32
Friday, 22 January 2010
Last Updated ( Friday, 22 January 2010 )

Written by lirva32
Tuesday, 19 January 2010
EVIDENCE Collector
Evidence Collector is a free forensics program that manages other utilities to collect the information you may need when investigating IT incidents.
Features :
- System information : Get the owner, IP and MAC address before going through forensics.
- Shares and policies applied on shares : Very handy for detecting whether someone got into the computer through open shares.
- Started and stopped services : Some services can be wide-open doors for unauthorized access.
- Installed software : Unwanted software could be installed without your knowledge. See what is inside your computer.
- Installed hotfixes : Enumerates installed hotfixes. Note that a missed critical patch is a potentially exploitable vulnerability.
- Enumerated processes : Lists all processes started on the system.
- Event logs : Application, system and security event logs are collected. Event logs keep traces of what happened to the system.
- TCP / UDP endpoint mapping : See what is hidden behind TCP / UDP ports. Generally, most remote administration tools and trojans don't hide their activities.
- Process handle tracking : See what processes did when started, from accessing Registry keys to writing into files. Useful for seeing whether evil activities are disguised behind some processes.
- List start-up programs : Many evil programs stick themselves into registry keys in order to be reloaded when the computer reboots.
- Suspected modules : Scans modules to see if they are rootkitted.
- USB history : Reveals whether any USB key has been plugged into the system.
- User policies : Collects users and their policies. You can easily identify any unknown user.
- And more...
Last Updated ( Thursday, 21 January 2010 )

SSA : Security System Analyzer
Written by lirva32
Tuesday, 19 January 2010
Based on the OVAL framework (Open Vulnerability and Assessment Language). By Security-database.com.
SSA (Security System Analyzer) is free, non-intrusive, OVAL-compatible software. It gives security testers and auditors an advanced overview of the security policy level applied.
Features :
- OVAL-compatible product
- Full support for open security standards and initiatives (CVE, OVAL, CCE, CPE, CWE, CAPEC, CVSS, CRF)
- Performs a deep inventory audit of installed software and applications
- Scans and maps vulnerabilities using non-intrusive techniques based on schemas
- Detects and identifies missing patches and hotfixes
- Defines a patch management deployment strategy using CVSS scores
Last Updated ( Thursday, 21 January 2010 )