Friday, April 25, 2008

Windows XP tricks and hacks!

9:05 AM
A)Remove the Recycle Bin from the Desktop

If you don't use the Recycle Bin to store deleted files , you can get rid of its desktop icon all together.

Run Regedit and go to:

HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/explorer/Desktop/NameSpace


Click on the "Recycle Bin" string in the right hand pane. Hit Del, click OK.


B)How to Rename the Recycle Bin

To change the name of the Recycle Bin desktop icon, open Regedit and go to:

HKEY_CLASSES_ROOT/CLSID/{645FF040-5081-101B-9F08-00AA002F954E}

and change the name "Recycle Bin" to whatever you want (don't type any quotes).



C)How to Convert FAT to NTFS file system

To convert a FAT partition to NTFS, perform the following steps.

Click Start, click Programs, and then click Command Prompt.

In Windows XP, click Start, click Run, type cmd and then click OK.

At the command prompt, type CONVERT [driveletter]: /FS:NTFS.

Convert.exe will attempt to convert the partition to NTFS.

NOTE: Although the chance of corruption or data loss during the conversion from FAT to NTFS is minimal, it is best to perform a full backup of the data on the drive that it is to be converted prior to executing the convert command. It is also recommended to verify the integrity of the backup before proceeding, as well as to run RDISK and update the emergency repair disk (ERD).



D)Hide 'User Accounts' from users

Go to Start/Run, and type:

GPEDIT.MSC

Open the path

User Config > Admin Templates > Control Panel

doubleclick "Hide specified Control Panel applets"

put a dot in 'enabled', then click 'Show"

click Add button,

type "nusrmgt.cpl" into the add box




E)Keyboard Shortcuts


When speed counts, the keyboard is still king. Almost all the actions and commands you can perform with a mouse you can perform faster using combinations of keys on your keyboard. These simple keyboard shortcuts can get you where you want to go faster than several clicks of a mouse. You'll work faster on spreadsheets and similar documents, too, because you won't lose your place switching back and forth between mouse and keys.

Here are some of the most useful keyboard shortcuts:

Copy. CTRL+C
Cut. CTRL+X
Paste. CTRL+V
Undo. CTRL+Z
Delete. DELETE

Delete selected item permanently without placing the item in the Recycle Bin. SHIFT+DELETE
Copy selected item. CTRL while dragging an item
Create shortcut to selected item. CTRL+SHIFT while dragging an item
Rename selected item. F2
Move the insertion point to the beginning of the next word. CTRL+RIGHT ARROW
Move the insertion point to the beginning of the previous word. CTRL+LEFT ARROW
Move the insertion point to the beginning of the next paragraph. CTRL+DOWN ARROW
Move the insertion point to the beginning of the previous paragraph. CTRL+UP ARROW
Highlight a block of text. CTRL+SHIFT with any of the arrow keys
Select more than one item in a window or on the desktop, or select text within a document. SHIFT with any of the arrow keys
Select all. CTRL+A
Search for a file or folder. F3
View properties for the selected item. ALT+ENTER
Close the active item, or quit the active program. ALT+F4
Opens the shortcut menu for the active window. ALT+SPACEBAR
Close the active document in programs that allow you to have multiple documents open simultaneously. CTRL+F4
Switch between open items. ALT+TAB
Cycle through items in the order they were opened. ALT+ESC
Cycle through screen elements in a window or on the desktop. F6
Display the Address bar list in My Computer or Windows Explorer. F4
Display the shortcut menu for the selected item. SHIFT+F10
Display the System menu for the active window. ALT+SPACEBAR
Display the Start menu. CTRL+ESC
Display the corresponding menu. ALT+Underlined letter in a menu name
Carry out the corresponding command. Underlined letter in a command name on an open menu
Activate the menu bar in the active program. F10
Open the next menu to the right, or open a submenu. RIGHT ARROW
Open the next menu to the left, or close a submenu. LEFT ARROW
Refresh the active window. F5
View the folder one level up in My Computer or Windows Explorer. BACKSPACE
Cancel the current task. ESC
SHIFT when you insert a CD into the CD-ROM drive Prevent the CD from automatically playing.


Use these keyboard shortcuts for dialog boxes:

Move forward through tabs. CTRL+TAB
Move backward through tabs. CTRL+SHIFT+TAB
Move forward through options. TAB
Move backward through options. SHIFT+TAB
Carry out the corresponding command or select the corresponding option. ALT+Underlined letter
Carry out the command for the active option or button. ENTER
Select or clear the check box if the active option is a check box. SPACEBAR
Select a button if the active option is a group of option buttons. Arrow keys
Display Help. F1
Display the items in the active list. F4
Open a folder one level up if a folder is selected in the Save As or Open dialog box. BACKSPACE

If you have a Microsoft Natural Keyboard, or any other compatible keyboard that includes the Windows logo key and the Application key , you can use these keyboard shortcuts:

Display or hide the Start menu.
Display the System Properties dialog box. +BREAK
Show the desktop. +D
Minimize all windows. +M
Restores minimized windows. +Shift+M
Open My Computer. +E
Search for a file or folder. +F
Search for computers. CTRL+ +F
Display Windows Help. +F1
Lock your computer if you are connected to a network domain, or switch users if you are not connected to a network domain. + L
Open the Run dialog box. +R
Display the shortcut menu for the selected item.
Open Utility Manager. +U


Helpful accessibility keyboard shortcuts:

Switch FilterKeys on and off. Right SHIFT for eight seconds
Switch High Contrast on and off. Left ALT +left SHIFT +PRINT SCREEN
Switch MouseKeys on and off. Left ALT +left SHIFT +NUM LOCK
Switch StickyKeys on and off. SHIFT five times
Switch ToggleKeys on and off. NUM LOCK for five seconds
Open Utility Manager. +U

Keyboard shortcuts you can use with Windows Explorer:

Display the bottom of the active window. END
Display the top of the active window. HOME
Display all subfolders under the selected folder. NUM LOCK+ASTERISK on numeric keypad (*)
Display the contents of the selected folder. NUM LOCK+PLUS SIGN on numeric keypad (+)
Collapse the selected folder. NUM LOCK+MINUS SIGN on numeric keypad (-)
Collapse current selection if it's expanded, or select parent folder. LEFT ARROW
Display current selection if it's collapsed, or select first subfolder. RIGHT ARROW





F)Speed up viewing shared files across a network

Windows 2000 & XP machines delay as long as 30 seconds when you try to view shared files across a network because Windows is using the extra time to search the remote computer for any Scheduled Tasks. Here's how to prevent this remote search for Scheduled Tasks:
Open up the Registry and go to :

HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Explorer/RemoteComputer/NameSpace

Under that branch, select the key :

{D6277990-4C6A-11CF-8D87-00AA0060F5BF}

and delete it.

If you like you may want to export the exact branch so that you can restore the key if necessary. This fix is so effective that it doesn't require a reboot and you can almost immediately determine yourself how much it speeds up your browsing processes.



G)Make Use Of Your Windows Key

The Windows logo key, located in the bottom row of most computer keyboards is a little-used treasure. Don't' ignore it. It is the shortcut anchor for the following commands:

Windows: Display the Start menu
Windows + D: Minimize or restore all windows
Windows + E: Display Windows Explorer
Windows + F: Display Search for files
Windows + Ctrl + F: Display Search for computer
Windows + F1: Display Help and Support Center
Windows + R: Display Run dialog box
Windows + break: Display System Properties dialog box
Windows + shift + M: Undo minimize all windows
Windows + L: Lock the workstation
Windows + U: Open Utility Manager
Windows + Q: Quick switching of users (Powertoys only)
Windows + Q: Hold Windows Key, then tap Q to scroll thru the different users on your PC



H)
Read More...

How to Lock/Hide Your Folder in Windows XP without Using Any Software?

2:34 AM
1. Maybe you want to try it out on an empty folder in case something goes wrong. So first create a folder in drive C , let say you name it as “my-secret-collection” ( LOL! ) without the quotes.
2. Next, open your command prompt ( Start > Run > type “cmd” in the Run box without the quotes )
3. Within the command prompt, type “attrib +s +h C:\my-secret-collection” ( again without the quotes )
4. This command will make your folder completely invisible and it can not be seen even in hidden files and folders. Try search for the folder, I am sure it returns no result. It’s cool right?
5. To make the folder visible again type “attrib -s -h C:\my-secret-collection”
6. And of course you can lock other folder too, by changing the location C:\my-secret-collection to address of your folder.
Read More...

Wednesday, April 23, 2008

The 101 most useful websites

10:58 AM
TECHNOLOGY

1 Google

www.google.com













Map

Haven’t found what you’re looking for? Use our website guide to find the right information

The powerhouse of the internet and the only place many people go for information. But if you thought Google was a still a mere search engine, look again. Click on ‘more’ at the top of the homepage to discover the work of ‘GoogleLabs’ - more than 50 free tools and web pages that could change your internet life.

GoogleDocs lets you create documents, spreadsheets and presentations, store them online, share them with others and access them from wherever there’s an internet connection.

Googlemail is probably the best email program - it has virtually limitless capacity and you don’t need to change your email address to use it. The Google calendar is a powerful searchable diary that you can allow others to access, so family members can make appointments together.

SketchUp could be just the tool you are looking for to design that conservatory extension and see what it will look like once the builders have gone. Add to that databases for searching academic journals and books in the public domain, the powerful GoogleMaps, with its engaging satellite imagery, a finance page with live stock quotes and an easy-to-use online messaging system, and you can see why some people say Google is taking over the world - and, with GoogleMoon and GoogleMars, the rest of the galaxy, too.

2 Anonymouse

www.anonymouse.org

Surf the web without disclosing who or where you are.

3 iLounge

www.ilounge.com

Hints, tips and troubleshooting for your iPod and associated software.

4 Only2Clicks

www.only2clicks.com

If you use just a few websites, this lets you create a home page that has links to them all. Simple, free and practical.

5 Zoho

www.zoho.com

A suite of free business programs. From word processing and presentation software to tools for taking notes in meetings, planning projects and creating databases.

6 Backpack

www.backpackit.com

To-do lists, notes, ideas and calendar. Excellent for juggling projects and much more versatile than a ring folder.

7 GetNetWise

www.getnetwise.org

All you need to know about keeping the net safe - protecting children, preventing spam, avoiding viruses and stopping others accessing your personal details.

8 DaFont

www.dafont.com

More than 7,500 free fonts (for Mac and PC), so you can at last stop using Copperplate for your party invitations.

9 Pando

www.pando.com

The superfast way to send large files over the web. Don’t attach that family video to an email, Pando it instead.

10 FlipClips

www.flipclips.com

Turn your home videos into animated flip books. Much more appealing than another DVD.

ENTERTAINMENT

11 Digital Spy

www.digitalspy.co.uk

Entertainment, media and showbiz news. Plus, a surprisingly good forum for technology-related problems - a great place to sort out your broadband.

12 BBC iPlayer

www.bbc.co.uk/iplayer

On-demand television and radio programmes from the BBC.

13 Whatsonwhen

www.whatsonwhen.com

Events, attractions, openings and exhibitions from around the world. Enter a location and dates and the site will show listings.















Up in lights: a guide to London’s Theatreland is online

14 London Theatre Guide

www.londontheatre.co.uk

What’s coming on and what’s making an exit in London’s theatre world. Especially good for seating plans, so you can see where the box office staff are putting you.

15 The Internet Movie Database

www.imdb.com

The world’s biggest (and still growing) reference for actors, directors, locations, plots…

16 Rotten Tomatoes

www.rottentomatoes.com

A round-up of what the critics thought of films on general release.

17 Screenonline

www.screenonline.org.uk

The British Film Institute’s definitive guide to the British film industry. Plots, features, statistics and news from the film world.

18 Good Reads

www.goodreads.com

Expand your reading. Catalogue your books online and others make recommendations based on what you seem to enjoy.

19 TV Guide

www.tvguide.co.uk

News, features and listings for Britain’s terrestrial and cable television. Customisable interface so your favourite channels are always at the top.

20 Football365

www.football365.com

The authentic (and often tangential) voice of the Britain’s ‘real’ football supporters.

21 CricInfo

www.cricinfo.com

Everything you want to know about the world of cricket.

22 Beijing Olympics

en.beijing2008.cn

The official Olympics site, with news, scheduling, features and a countdown to the games themselves.

23 Radio Locator

www.radio-locator.com

From shock jocks to orchestral baroque, thousands of internet radio stations to listen to on your computer.

24 Live Plasma

www.liveplasma.com

Expand your music and movie tastes. Enter the name of a song, band, movie, actor or director you like and Live Plasma will return some pretty intelligent recommendations for further investigation.

25 Blinkx

www.blinkx.com

A clever way of searching for video clips on the internet - from uploaded episodes of your favourite soap to comedy home-video moments.

26 Lulu

www.lulu.com

Self-publishing made smart again. Write, design and then print your own books - though you’ll still have to persuade others to buy them.

27 VideoJug

www.videojug.com

28 Wonder How To

www.wonderhowto.com

Two great sites full of short videos showing you how to do almost anything, from the incredibly useful (exercises for diabetes sufferers, tying a Windsor knot) to the revelatory (’learn different kinds of kisses’), via the wonderfully obscure (’make a moving jaw for your werewolf mask’).

29 Instructables

www.instructables.com

DIY projects from zombie make-up to LED balloons. Excellent selection of rainy-day projects for bored children (and adults) at home.

30 Flash games

www.k2xl.com

Addictive series of Flash games including the hypnotically soothing Boomshine.













Legend of Zelda: Phantom Hourglass

Stuck on Zelda? The Net can help

31 GameSpot

www.gamespot.com

News, reviews, hints and tips for virtually every console game on the market. Essential if you are still up at 2am trying to find a way into the castle on Zelda.

32 Anagrammer

www.anagrammer.com

Online anagram machine for Scrabble players and crossword enthusiasts. Also solves Sudoku.

ADVICE AND INFORMATION

33 Newsmap

marumushi.com/apps/newsmap

A wonderfully graphical - and customisable - display of news stories from around the world. Click on an item to see the full story.

34 The Eggcorn Database

eggcorns.lascribe.net

Continually updated guide to modern-day Malapropisms, misunderstandings and other manglings of language. From ‘high dungeon’ to ‘wreckless driving’, Eggcorn names the culprits and nudges them in the right direction.

35 Arts and Letters Daily

www.aldaily.com

World-class articles from intellectual and influential journals around the world. Browse the day’s selections. Like The Week for eggheads.

36 Ask Philosophers

www.askphilosophers.org

The academy comes to cyberspace. A panel of mainly American and British philosophy scholars answers questions sent in by the public. Search the database, from Abortion to War, or send in a question of your own.












Pilgrimage


Muslims on a pilgrimage to Mecca, but when is the Hajj?

37 When Is

www.when-is.com

Shows you the dates of Jewish, Christian, Buddhist, Muslim, Hindu and American holidays from now to 2010.

38 Rhyme Zone

www.rhymezone.com

For when the muse has gone, a rhyme and synonym generator to help you towards the perfect mot. You can also search for Shakespeare quotations, biblical references and other literary inspirations.

39 Nationmaster

www.nationmaster.com

Giant but easily searchable database of statistics, maps and profiles for every country in the world.

40 Digg

www.digg.com

The people’s approach to news and features, Digg brings together items from across the net, ranked according to how many people have felt them worth recommending. Sometimes a little techie-heavy, but excellent for discovering what the cyberworld is getting worked up about.

41 They Work For You

www.theyworkforyou.com

A powerful way of keeping tabs on MPs and peers: attendance records, voting patterns, recent statements and more.

42 Time Bank

www.timebank.org.uk

Volunteering opportunities for young people, sorted by region, interest, skills and need.

43 Wikipedia

www.wikipedia.org

Controversial, democractic and sometimes error-strewn encyclopaedia that has brought Darwinism to the world of knowledge. Make it your first port of call for looking something up. Just be sure to check somewhere else that what you find makes sense.

44 Wiktionary

www.wiktionary.org

Wikipedia’s online multilingual dictionary. Immensely powerful and far less controversial than its encyclopaedic forebear.

45 Motley Fool

www.fool.co.uk

The original - and still the best - personal finance site on the web (the American version is at www.fool.com). For savers, borrowers, stock spotters and day traders, sound, independent advice that cuts through the jargon.

46 Martindale’s ‘The Reference Desk’

www.martindalecenter.com

From the arts, business, science and technology, a dry but authoritative conglomeration of data from around the world.

47 PubMed

www.ncbi.nlm.nih.gov/PubMed

Free and authoritative database of more than 17 million medical research papers. Not always easy to understand if you are not a medic, but a far better place to look for information than the random sites that come up on Google.

48 About.com

www.about.com

The internet’s version of that clever uncle who always seems to know the answer to your questions. There are few subjects the site doesn’t tackle, though the coverage can be superficial. A good starting point for idle research.

49 NHS Direct

www.nhsdirect.nhs.uk

Online information and advice about health and illness, run by Britain’s National Health Service. The site includes a useful self-diagnosis tool that can reassure you that your hangover is not in fact meningitis.

50 Legal Services Shop

www.freelawyer.co.uk

General legal advice relating to housing, family law, employment, motoring, consumer issues and personal injury, plus wills, conveyancing and divorce. Good starting point to see where you stand. Will also, for a fixed fee, answer questions and put you in touch with a solicitor.

51 How Stuff Works

www.howstuffworks.com

Engaging encyclopaedia of the modern (and not so modern) world, with good illustrations and clear text. Can suffer sometimes from an ‘it’s amazing!’ tone of voice..

52 XE

www.xe.com

Currency converter covering every world currency. Azerbaijan new manats to Cayman Island dollars? Just a click away.

53 Advice Guide

www.adviceguide.org.uk

Find where you stand legally with the Citizens Advice Bureau’s online information resource.

54 Need2Know

www.need2know.co.uk













Jogging

Need to know? Find out how to stay fit online

Advice and information for young people, including health and fitness, drugs, problems with bullying, how to study and applying for jobs.

55 Royal Horticultural Society

www.rhs.org.uk

Advice and suggestions from the world’s leading gardening organisation. A good ‘how-to’ section and seasonal tips for the time of year.

56 Babelfish

babelfish.altavista.com

Automatic translation to and from most European languages and Chinese. The results are sometimes a little strange, but you will usually get your message across.

57 eHow

www.ehow.com

How to do just about everything, from getting stains off curtains to buying a second-hand car.

58 Eat the Seasons

www.eattheseasons.co.uk

Updated weekly, information, tips and recipe ideas on British seasonal food.

59 Age Concern

www.ageconcern.org.uk

Website of Britain’s leading charity for the elderly, packed with advice about maintaining an active life.

60 Weather.com

www.weather.com

The queen of weather sites, with more information than you would possibly imagine you might need, from pollen counts to surf forecasts.

61 Uncyclopedia

uncyclopedia.org

Spoof Wikipedia-style encyclopaedia where nothing is true, but a good deal is very funny indeed. Idle away an afternoon or, even better, hone your comedy skills by making a contribution yourself.

62 Kiva

www.kiva.org

An easy way to lend small sums (from $25) to business projects in the developing world. Kiva keeps track of your investment, updates you on progress and repays your loan as the business grows.

63 Embarrassing problems

www.embarrassingproblems.co.uk

From bad breath and piles to cold sores and beyond, Dr Margaret Stearn dispenses invaluable advice.

HOUSE AND HOME

64 Noise Mapping England

www.noisemapping.org

Click on an area of the map to find out how noisy a street, or even a section of the street, is - handy for light sleepers planning a move. At the moment only London is mapped, but the rest of England will follow.












For sale signs


Banner ads: find out how much properties on your street have sold for

65 Prime Location

www.primelocation.com

One of the best sites for finding property. It is UK-based but has a good international presence.

66 Rated People

www.ratedpeople.com

User reviews on local tradesmen. You describe the job you need done and how quickly and suppliers contact you with quotes - with previous customers rating them.

67 Zoopla

www.zoopla.co.uk

Possibly the most dangerous site on this list, Zoopla gives sale prices of recently sold homes and - the tricky bit - estimates the value of the rest. We dare you not to look.

68 Money Saving Expert

www.moneysavingexpert.com

Subtitled ‘Consumer Revenge’, this is where you find the discounts, tricks and tips to save money. The weekly email is essential reading for canny consumers. It caters only for Britain, but every country should have one.

69 MetaEfficient

www.metaefficient.com

Practical guide to making your home more environmentally friendly, from low-flow showerheads to 12V lighting. US-based, but many of the products are available elsewhere.

70 Design My Room

www.DesignMyRoom.com

For budding Laurence Llewellyn-Bowens everywhere, it provides the ability to redecorate your home in cyberspace. Choose colours, furniture, accessories and finishes and then publish the results online.

71 Up My Street

www.upmystreet.com

Neighbourhood information based on postcode: schools, shopping and, juciest of all, how much the house down the road sold for recently.

72 Home For Exchange

www.homeforexchange.com

One of many sites where you can swap homes with someone else for a period. This is less cluttered than some of the others and has a good geographical spread.

73 SimplySwitch

www.simplyswitch.com

The fast way to compare utility suppliers and other services, from broadband to home insurance. Enter your postcode and the site comes back with the best deals.

74 101 Cookbooks

www.101cookbooks.com

Enchanting recipe and foodie blog from a Californian cook who believes in good food. Subscribe to the email alert service and transform your cooking repertoire.

SOCIAL

75 Facebook

www.facebook.com

The most grown-up (just) of the social-networking sites that are fast taking over the world. Excellent for staying in touch with far-flung friends, though pretty good too for re-establishing contact with those you hoped you had lost.













Pub

Good old days: who needs the pub when you can socialise online?

76 Wordpress

www.wordpress.com

The quickest and easiest way to create a blog of your own.

77 Ringsurf

www.ringsurf.com

Like an online Mothers’ Union meeting (though sometimes a little more risqué), Ringsurf is a chatroom where people exchange ideas about anything from politics to relationships. The quality is not always high, but users have been known to discover new (real-life) friends with interests they thought no one would share. A tribute to the information-sharing capability of the net.

78 bubbl.us

www.bubbl.us

Organise your thoughts by creating mindmaps online and sharing them with others.

79 Technorati

www.technorati.com

An intelligent, intuitive and inspiring way to read entries from some of the millions of blogs that dot the internet. You can browse by subject or area of interest, read the postings that are catching the world’s attention and bookmark blogs that catch your attention. And if you want to join in…

80 Flickr

www.flickr.com

The website you graduate to once you’ve discovered how to put your holiday snaps on the net. Here, everyone’s photos are linked by using tags, such as ‘Spain’, ‘beach’ or ‘happy’, which sets you off on an exploration of others’ uploads.

81 BabyCentre

www.babycentre.co.uk

There are plenty of great parenting forums out there - Netmums, Mumsnet - but this is still the best source of considered, authoritative, often soothing advice on everything from colic to tax credits.

82 Friction TV

www.friction.tv

YouTube for debaters. Upload a short video about an issue close to your heart and others reply in kind or by text.

SHOPPING

83 GiftGen

www.giftgen.co.uk

Gift ideas for when you can’t think what to buy someone. You enter their age, sex and interests and how much you want to pay and it scours the net for ideas.

84 eBay

www.ebay.co.uk












High street


Shopping on the high street, but better deals may be online

Online shopping for (nearly) everything you might want to buy. The original auction formula is still going strong, but plenty more features have been added since it began. Take a look at non-UK sites, such as ebay.fr and ebay.de, too, for bargains others may have missed. The layout is the same even if you don’t speak the language.

85 Who What Wear Daily

www.whowhatweardaily.com

Fashion tips, advice and suggestions. Includes Ask a Stylist for those tricky co-ordination problems and a What Was She Wearing? inquiry service to help you track down your favourite celebrity’s fashion choice.

86 Gumtree

www.gumtree.com

Unabashedly straightforward classified ads site, for everything from new homes to online romance.

87 AbeBooks

www.abebooks.co.uk

The Amazon of the second-hand book world. More than 13,500 booksellers selling 110 million books. If it’s not here, it’s not worth looking for.

88 Kelkoo

www.kelkoo.co.uk

There are plenty of price-comparison sites on the web, but this one seems to get it right more often than most. Type in what you want to buy and Kelkoo will come back with the cheapest prices it can find.

89 Endgadget

www.engadget.com

A (digital) finger on the pulse of the technology world. All the newest developments, discoveries, gadgets and toys - before they hit the shops.

90 Cork’d

www.corkd.com

Discover more about wine by reviewing what you’ve enjoyed and receiving tips and suggestions from others.

91 I Love Jeans

www.ilovejeans.com

Find the right jeans for your fit before you even leave home. A cheeky but revealing ‘body type’ guide takes you straight to the brand you should be trying. Search by style, body type or brand. Women only.

TRAVEL

92 Sky Scanner

www.skyscanner.net













Jumbo jet

Take flight: book your getaway from your own PC

Monitors prices and destinations for all the low-cost airlines so you just type in where you want to go and when to find the best deal.

93 The Man in Seat 61

www.seat61.com

Routes, tickets, tips and advice - the only guide you need to travelling by train from Britain to Europe and the rest of the world.

94 Walk It

www.walkit.com

Online pedestrian routefinder for London, Birmingham, Newcastle and Edinburgh that shows you the best route to walk from A to B. Includes calorie counter, CO2 savings and points of interest on the way. Other cities coming soon.

95 Transport for London Journey Planner

journeyplanner.tfl.gov.uk

Indispensable and almost always spot-on guide to negotiating the capital’s public transport system. You enter your starting point and destination and it gives you the best bus, tube, cycle and even boat routes to get you across town.

96 ViaMichelin

www.viamichelin.com

A hi-tech hark-back to the days of leisurely motoring. ViaMichelin gives you maps, routes and directions throughout Britain and continental Europe with added panache. The maps have a pleasant printed quality about them and, naturally enough, your route is accompanied by gastronomic highlights to be found along the way. There’s also information about destinations.

97 Carbon Neutral

www.carbonneutral.com

Information on your carbon footprint and how to cut it down. Includes an online calculator to measure your effect on the world.

98 Expedia

www.expedia.com

Excellent all-round travel site. Use it for good prices on flights and holidays, but click on ‘Destinations’ for some well-researched and up-to-date travel guides.

99 SeatGuru

www.seatguru.com

Aircraft seating plans, showing you the prime seats, possible annoyances and seats you should avoid.

100 Airline Meals

www.airlinemeals.net

A consumer guide to what you can expect to eat on board. There are news and features from the airline catering world, but the best part is a gallery of photos of on-board meals sent in by passengers and listed by airline.

101 World Hum

www.worldhum.com

Travel writing with a twist. Click on the destination you have in mind and be prepared to be inspired. The site also offers tavelogues, news, books reviews, blogs and slideshows.
Read More...

The Top 10 Ways to get screwed by the "C" programming language

10:57 AM
To get on this list, a bug has to be able to cause at least half a day of futile head scratching, and has to be aggravated by the poor design of the "C" language. In the interests of equal time, and to see how the world has progressed in the 20-odd years since "C" escaped from its spawning ground, see my Top 10 Ways to be Screwed by the Java programming language, and for more general ways to waste a lot of time due to bad software, try my Adventures in Hell page.

A better language would allow fallible programmers to be more productive. Infallible programmers, of the type unix' and "C" designers anticipated, need read no further. In fairness, I have to admit that the writers of compilers have improved on the situation in recent years, by detecting and warning about potentially bad code in many cases.

1. Non-terminated comment, "accidentally" terminated by some subsequent comment, with the code in between swallowed.

a=b; /* this is a bug
c=d; /* c=d will never happen */

2. Accidental assignment/Accidental Booleans

if(a=b) c; /* a always equals b, but c will be executed if b!=0 */

Depending on your viewpoint, the bug in the language is that the assignment operator is too easy to confuse with the equality operator; or maybe the bug is that C doesn't much care what constitutes a boolean expression: (a=b) is not a boolean expression! (but C doesn't care).

Closely related to this lack of rigor in booleans, consider this construction:

if( 0 < a < 5) c; /* this "boolean" is always true! */

Always true because (0
Or consider this:

if( a =! b) c; /* this is compiled as (a = !b), an assignment, rather than (a != b) or (a == !b) */

3. Unhygienic macros

#define assign(a,b) a=(char)b
assign(x,y>>8)

becomes
x=(char)y>>8 /* probably not what you want */
4. Mismatched header files

Suppose foo.h contains:

struct foo { BOOL a};

file F1.c contains
#define BOOL char
#include "foo.h"

file F2.c contains
#define BOOL int
#include "foo.h"

now, F1. and F2 disagree about the fundamental attributes of structure "foo". If they talk to each other, You Lose!
5. Phantom returned values

Suppose you write this

int foo (a)
{ if (a) return(1); } /* buggy, because sometimes no value is returned */

Generally speaking, C compilers, and C runtimes either can't or don't tell you there is anything wrong. What actually happens depends on the particular C compiler and what trash happened to be left lying around wherever the caller is going to look for the returned value. Depending on how unlucky you are, the program may even appear to work for a while.

Now, imagine the havoc that can ensue if "foo" was thought to return a pointer!

6. Unpredictable struct construction

Consider this bit packing struct:

struct eeh_type
{
uint16 size: 10; /* 10 bits */
uint16 code: 6; /* 6 bits */
};

Depending on which C compiler, and which "endian" flavor of machine you are on, this might actually be implemented as

<10-bits><6-bits>

or as

<6-bits><10-bits>

Also, again depending on the C compiler, machine architecture, and various mysterious preference settings,
the items might be aligned to the nearest 8, 16, 32, or 64 bits.

So what matters? If you are trying to match bits with a real world file,
everything!


Need another way to lose big? How about this:

Rect foo = {0,1,2,3}; // assign numbers to the first four slots

You may think you know what those four slots are, but there's at least an
even chance you'll have to discover the hard way if the structure ever
changes.

7. Indefinite order of evaluation (contributed by Xavier @ triple-i.com)

foo(pointer->member, pointer = &buffer[0]);

Works with gcc (and other compilers I used until I tried acc) and does not with acc. The reason is that gcc evaluates function arguments from left to right, while acc evaluates arguments from right to left.

K&R and ANSI/ISO C specifications do not define the order of evaluation for function arguments. It can be left-to-right, right-to-left or anything else and is "unspecified". Thus any code which relies on this order of evaluation is doomed to be non portable, even across compilers on the same platform.

This isn't an entirely non controversial point of view. Read the supplementary dialog on the subject.

8. Easily changed block scope (Suggested by Marcel van der Peijl )

if( ... )
foo();
else
bar();

which, when adding debugging statements, becomes

if( ... )
foo(); /* the importance of this semicolon can't be overstated */
else
printf( "Calling bar()" ); /* oops! the else stops here */
bar(); /* oops! bar is always executed */

There is a large class of similar errors, involving misplaced semicolons and brackets.
9. Permissive compilation (suggested by James M. Stern)

I once modified some code that called a function via a macro:

CALLIT(functionName,(arg1,arg2,arg3));

CALLIT did more than just call the function. I didn't want to do the extra stuff so I removed the macro invocation, yielding:

functionName,(arg1,arg2,arg3);

Oops. This does not call the function. It's a comma expression that:
1. Evaluates and then discards the address of functionName
2. Evaluates the parenthesized comma expression (arg1,arg2,arg3)
C's motto: who cares what it means? I just compile it! My own favorite in this vein is this:

switch (a) {
int var = 1; /* This initialization typically does not happen. */
/* The compiler doesn't complain, but it sure screws things up! */
case A: ...
case B: ...
}

Still not convinced? Try this one (suggested by Mark Scarbrough ):

#define DEVICE_COUNT 4
uint8 *szDevNames[DEVICE_COUNT] = {
"SelectSet 5000",
"SelectSet 7000"}; /* table has two entries of junk */

10. Unsafe returned values (suggested by Bill Davis )

char *f() {
char result[80];
sprintf(result,"anything will do");
return(result); /* Oops! result is allocated on the stack. */
}

int g()
{
char *p;
p = f();
printf("f() returns: %s\n",p);
}
The "wonderful" thing about this bug is that it sometimes seems to be a correct program; As long as nothing has reused the particular piece of stack occupied by result.

11. Undefined order of side effects. (suggested by michaelg@owl.WPI.EDU and others)

Even within a single expression, even with only strictly manifest side effects, C doesn't define the order of the side effects. Therefore, depending on your compiler, I/++I might be either 0 or 1. Try this:

#include

int foo(int n) {printf("Foo got %d\n", n); return(0);}

int bar(int n) {printf("Bar got %d\n", n); return(0);}

int main(int argc, char *argv[])
{
int m = 0;
int (*(fun_array[3]))();

int i = 1;
int ii = i/++i;

printf("\ni/++i = %d, ",ii);

fun_array[1] = foo; fun_array[2] = bar;

(fun_array[++m])(++m);
}

Prints either i/++i = 1 or i/++i=0;

Prints either "Foo got 2", or "Bar got 2"
12. Uninitialized local variables

Actually, this bug is so well known, it didn't even make the list! That doesn't make it less deadly when it strikes. Consider the simplest case:

void foo(a)
{ int b;
if(b) {/* bug! b is not initialized! */ }
}

and in truth, modern compilers will usually flag an error as blatant as the above. However, you just have to be a little more clever to outsmart the compiler. Consider:

void foo(int a)
{ BYTE *B;
if(a) B=Malloc(a);
if(B) { /* BUG! B may or may not be initialized */ *b=a; }
}

13. Cluttered compile time environment

The compile-time environment of a typical compilation is cluttered with hundreds (or thousands!) of things that you typically have little or no awareness of. These things sometimes have dangerously common names, leading to accidents that can be virtually impossible to spot.

#include
#define BUFFSIZE 2048
long foo[BUFSIZ]; //note spelling of BUFSIZ != BUFFSIZE

This compiles without error, but will fail in predictably awful and mysterious ways, because BUFSIZ is a symbol defined by stdio.h. A typo/braino like this can be virtually impossible to find if the distance between the the #define and the error is greater than in this trivial example.

14. Under constrained fundamental types

I've been seriously burned because different compilers, or even different options of the same compiler, define the fundamental type int as either 16 or 32 bits.. In the same vein, name any other language in which boolean might be defined or undefined, or might be defined by a compiler option, a runtime pragma (yes! we have booleans!), or just about any way the user decided would work ok.
15. Utterly unsafe arrays

This is so obvious it didn't even make the list for the first 5 years, but C's arrays and associated memory management are completely, utterly unsafe, and even obvious cases of error are not detected.

int thisIsNuts[4]; int i;
for ( i = 0; i < 10; ++i )
{
thisIsNuts[ i ] = 0; /* Isn't it great ? I can use elements 1-10 of a 4 element array, and no one cares */
}

Of course, there are infinitely many ways to do things like this in C.

16. Octal numbers (suggested by Paul C. Anagnostopoulos)

In C, numbers beginning with a zero are evaluated in base 8. If there are no 8's or 9's in the numbers, then there will be no complaints from the compiler, only screams from the programmer when he finally discovers the nature of the problem.

int numbers[] = { 001, // line up numbers for typographical clarity, lose big time
010, // 8 not 10
014 }; // 12, not 14

Not convinced ? Try atoi('000010');
17. Signed Characters/Unsigned bytes.
C was forced into a consistency trap by including unsigned as a modifier for all integer types. On one hand, the fact that types char and byte are signed causes all kinds of problems - It is never intuitive that 128 is a negative number, and so very easy to forget. On the other hand, any arithmetic using low precision integers must be done very carefully, and C makes it much too easy to ignore this.

char s = 127;
unsigned char u = 127;
s++; /* the result is a negative number! Effectively overflow occurs, but no trap */
if (s if(s>127) { /* this can never be true */ }
if(u<0) { /* this can never be true*/ }

18. Fabulously awful "standard libraries" (suggested by Pietro Gagliardi)
The default libraries in C are leftovers from the stone age of computing, when anything that worked was acceptable. They are full of time bombs waiting to explode at runtime, For an example, look no further than the "standard i/o library", which, amazingly, is still standard.

{ int a=1,b=2;
char buf[10];
scanf("%d %d",a,b); // don't you mean &a,&b? Prepare to blow!
sprintf(buf,"this is the result: %d %d"); // putting at least 20 characters in a 10 character buffer
// and fetching a couple random vars from the stack.
}
Read More...

Special ALT Characters

10:36 AM
To obtain an ALT Character:

1. Make certain that the
2. Num Lock key has been pressed to activate the numeric key section of the keyboard. Depress the 3. Alt key.
4. While the Alt key is depressed, type the proper sequence of numbers (on the numeric keypad) of the ALT code from the table above. Release the
Alt key, and the character will appear.





To obtain an ALT Character:

1. Make certain that the
2. Num Lock key has been pressed to activate the numeric key section of the keyboard. Depress the
3. Alt key.
4. While the Alt key is depressed, type the proper sequence of numbers (on the numeric keypad) of the ALT code from the table above. Release the
Alt key, and the character will appear.
Read More...

Thursday, April 17, 2008

Top 100 Network Security Tools

11:15 PM
#1 Nessus : Premier UNIX vulnerability assessment tool

Nessus is the best free network vulnerability scanner available, and the best to run on UNIX at any price. It is constantly updated, with more than 11,000 plugins for the free (but registration and EULA-acceptance required) feed. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Nessus 3 is now closed source, but is still free-of-cost unless you want the very newest plugins.


#2 Wireshark : Sniffing the glue that holds the Internet together

Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).


#3 Snort : Everyone's favorite open source IDS

This lightweight network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

Open source Snort works fine for many individuals, small businesses, and departments. Parent company SourceFire offers a complimentary product line with more enterprise-level features and real-time rule updates. They offer a free (with registration) 5-day-delayed rules feed, and you can also find many great free rules at Bleeding Edge Snort.


#4 Netcat : The network Swiss army knife

This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections. The original Netcat was released by Hobbit in 1995, but it hasn't been maintained despite its immense popularity. It can sometimes even be hard to find nc110.tgz. The flexibility and usefulness of this tool have prompted people to write numerous other Netcat implementations - often with modern features not found in the original. One of the most interesting is Socat, which extends Netcat to support many other socket types, SSL encryption, SOCKS proxies, and more. It even made this list on its own merits. There is also Chris Gibson's Ncat, which offers even more features while remaining portable and compact. Other takes on Netcat include OpenBSD's nc, Cryptcat, Netcat6, PNetcat, SBD, and so-called GNU Netcat.


#5 Metasploit Framework : Hack the Planet

Metasploit took the security world by storm when it was released in 2004. No other new tool even broke into the top 15 of this list, yet Metasploit comes in at #5, ahead of many well-loved tools that have been developed for more than a decade. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their online exploit building demo. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. Similar professional exploitation tools, such as Core Impact and Canvas already existed for wealthy users on all sides of the ethical spectrum. Metasploit simply brought this capability to the masses.


#6 Hping2 : A network probing utility like ping on steroids

This handy little utility assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. This tool is particularly useful when trying to traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities. This often allows you to map out firewall rulesets. It is also great for learning more about TCP/IP and experimenting with IP protocols.


#7 Kismet : A powerful wireless sniffer

Kismet is an console (ncurses) based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler), and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps. As you might expect, this tool is commonly used for wardriving. Oh, and also warwalking, warflying, and warskating, ...


#8 Tcpdump : The classic sniffer for network monitoring and data acquisition

Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with fewer security holes. It also requires fewer system resources. While it doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. TCPDump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap among many other tools.


#9 Cain and Abel : The top password recovery tool for Windows

UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented.


#10 John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find here


#11 Ettercap : In case you still thought switched LANs provide much extra security

Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.


#12 Nikto : A more comprehensive web scanner

Nikto is an open source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). It uses Whisker/libwhisker for much of its underlying functionality. It is a great tool, but the value is limited by its infrequent updates. The newest and most critical vulnerabilities are often not detected.


#13 Ping/telnet/dig/traceroute/whois/netstat : The basics

While there are many whiz-bang high-tech tools out there to assist in security auditing, don't forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that Windows omits whois and uses the name tracert). They can be very handy in a pinch, although for more advanced usage you may be better off with Hping2 and Netcat.


#14 OpenSSH / PuTTY / SSH : A secure way to access remote computers

SSH (Secure Shell) is the now ubiquitous program for logging into or executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network, replacing the hideously insecure telnet/rlogin/rsh alternatives. Most UNIX users run the open source OpenSSH server and client. Windows users often prefer the free PuTTY client, which is also available for many mobile devices. Other Windows users prefer the nice terminal-based port of OpenSSH that comes with Cygwin. Dozens of other free and proprietary clients exist.


#15 THC Hydra : A Fast network authentication cracker which support many different services

When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC.


#16 Paros proxy : A web application vulnerability assessment proxy

A Java based web proxy for assessing web application vulnerability. It supports editing/viewing HTTP/HTTPS messages on-the-fly to change items such as cookies and form fields. It includes a web traffic recorder, web spider, hash calculator, and a scanner for testing common web application attacks such as SQL injection and cross-site scripting.


#17 Dsniff : A suite of powerful network auditing and penetration-testing tools

This popular and well-engineered suite by Dug Song includes many tools. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected ssh and https sessions by exploiting weak bindings in ad-hoc PKI. A separately maintained partial Windows port is available here. Overall, this is a great toolset. It handles pretty much all of your password sniffing needs.


#18 NetStumbler : Free Windows 802.11 Sniffer

Netstumbler is the best known Windows tool for finding open wireless access points ("wardriving"). They also distribute a WinCE version for PDAs and such named Ministumbler. The tool is currently free but Windows-only and no source code is provided. It uses a more active approach to finding WAPs than passive sniffers such as Kismet or KisMAC.


#19 THC Amap : An application fingerprinting scanner

Amap is a great tool for determining what application is listening on a given port. Their database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC.


#20 GFI LANguard : A commercial network security scanner for Windows

GFI LANguard scans IP networks to detect what machines are running. Then it tries to discern the host OS and what applications are running. I also tries to collect Windows machine's service pack level, missing security patches, wireless access points, USB devices, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results are saved to an HTML report, which can be customized/queried. It also includes a patch manager which detects and installs missing patches. A free trial version is available, though it only works for up to 30 days.


#21 Aircrack : The fastest available WEP/WPA cracking tool

Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).


#22 Superscan : A Windows-only port scanner, pinger, and resolver

SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois.


#23 Netfilter : The current Linux kernel packet filter/firewall

Netfilter is a powerful packet filter implemented in the standard Linux kernel. The userspace iptables tool is used for configuration. It now supports packet filtering (stateless or stateful), all kinds of network address and port translation (NAT/NAPT), and multiple API layers for 3rd party extensions. It includes many different modules for handling unruly protocols such as FTP. For other UNIX platforms, see Openbsd PF (OpenBSD specific), or IP Filter. Many personal firewalls are available for Windows (Tiny,Zone Alarm, Norton, Kerio, ...), though none made this list. Microsoft included a very basic firewall in Windows XP SP2, and will nag you incessantly until you install it.


#24 Sysinternals : An extensive collection of powerful windows utilities


Sysinternals provides many small windows utilities that are quite useful for low-level windows hacking. Some are free of cost and/or include source code, while others are proprietary. Survey respondents were most enamored with:

* ProcessExplorer for keeping an eye on the files and directories open by any process (like LSoF on UNIX).
* PsTools for managing (executing, suspending, killing, detailing) local and remote processes.
* Autoruns for discovering what executables are set to run during system boot up or login.
* RootkitRevealer for detecting registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
* TCPView, for viewing TCP and UDP traffic endpoints used by each process (like Netstat on UNIX).

Update: Microsoft acquired Sysinternals in July 2006, promising that â€Å“Customers will be able to continue building on Sysinternals' advanced utilities, technical information and source code”. Less than four months later, Microsoft removed most of that source code. Future product direction is uncertain.


#25 Retina : Commercial vulnerability assessment scanner by eEye

Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research.


#26 Perl / Python / Ruby : Portable, general-purpose scripting languages

While many canned security tools are available on this site for handling common tasks, scripting languages allow you to write your own (or modify existing ones) when you need something more custom. Quick, portable scripts can test, exploit, or even fix systems. Archives like CPAN are filled with modules such as Net::RawIP and protocol implementations to make your tasks even easier.


#27 L0phtcrack : Windows password auditing and recovery application

L0phtCrack, also known as LC5, attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, but you can still find the LC5 installer floating around. The free trial only lasts 15 days, and Symantec won't sell you a key, so you'll either have to cease using it or find a key generator. Since it is no longer maintained, you are probably better off trying Cain and Abel, John the Ripper, or Ophcrack instead.


#28 Scapy : Interactive packet manipulation tool

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make.


#29Sam Spade : Freeware Windows network query tool
Sam Spade provides a consistent GUI and implementation for many handy network query tasks. It was designed with tracking down spammers in mind, but can be useful for many other network exploration, administration, and security tasks. It includes tools such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS zone transfer, SMTP relay check, website search, and more. Non-Windows users can enjoy online versions of many of their tools.


#30 GnuPG / PGP : Secure your files and communication w/advanced encryption

PGP is the famous encryption program by Phil Zimmerman which helps secure your data from eavesdroppers and other risks. GnuPG is a very well-regarded open source implementation of the PGP standard (the actual executable is named gpg). While GnuPG is always free, PGP costs money for some uses.


#31 Airsnort : 802.11 WEP Encryption Cracking Tool

AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack.


#32 BackTrack : An Innovative Penetration Testing live Linux distribution

This excellent bootable live-CD Linux distribution comes from the merger of Whax and Auditor. It boasts a huge variety of Security and Forensics tools and provides a rich development environment. User modularity is emphasized so the distribution can be easily customized by the user to include personal scripts, additional tools, customized kernels, etc.


#33 P0f : A versatile passive OS fingerprinting tool

P0f is able to identify the operating system of a target host simply by examining captured packets even when the device in question is behind an overzealous packet firewall. P0f does not generate ANY additional network traffic, direct or indirect. No name lookups, no mysterious probes, no ARIN queries, nothing. In the hands of advanced users, P0f can detect firewall presence, NAT use, existence of load balancers, and more!


#34 Google : Everyone's Favorite Search Engine

While it is far more than a security tool, Google's massive database is a good mind for security researchers and penetration testers. You can use it to dig up information about a target company by using directives such as “site:target-domain.com” and find employee names, sensitive information that they wrongly thought was hidden, vulnerable software installations, and more. Similarly, when a bug is found in yet another popular webapp, Google can often provide a list of vulnerable servers worldwide within seconds. The master of Google hacking is Johny Long. Check out his Google Hacking Database or his excellent book: Google Hacking for Penetration Testers.


#35 WebScarab : A framework for analyzing applications that communicate using the HTTP and HTTPS protocols

In its simplest form, WebScarab records the conversations (requests and responses) that it observes, and allows the operator to review them in various ways. WebScarab is designed to be a tool for anyone who needs to expose the workings of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that the application has been designed or implemented.


#36 Ntop : A network traffic usage monitor

Ntop shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode, it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.


#37 Tripwire : The grand-daddy of file integrity checkers

A file and directory integrity checker. Tripwire is a tool that aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner. An open source Linux version is freely available at Tripwire.Org. UNIX users may also want to consider AIDE, which has been designed to be a free Tripwire replacement. Or you may wish to investigate Radmind, RKHunter, or chkrootkit. Windows users may like RootkitRevealer from Sysinternals.


#38 Ngrep : Convenient packet matching & display

ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.


#39 Nbtscan : Gathers NetBIOS info from Windows networks

NBTscan is a program for scanning IP networks for NetBIOS name information. It sends a NetBIOS status query to each address in supplied range and lists received information in human readable form. For each responded host it lists IP address, NetBIOS computer name, logged-in user name and MAC address.


#40 WebInspect : A Powerful Web Application Scanner

SPI Dynamics' WebInspect application security assessment tool helps identify known and unknown vulnerabilities within the Web application layer. WebInspect can also help check that a Web server is configured properly, and attempts common web attacks such as parameter injection, cross-site scripting, directory traversal, and more.


#41 OpenSSL : The premier SSL/TLS encryption library

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.


#42 Xprobe2 : Active OS fingerprinting tool

XProbe is a tool for determining the operating system of a remote host. They do this using some of the same techniques as Nmap as well as some of their own ideas. Xprobe has always emphasized the ICMP protocol in its fingerprinting approach.


#43 EtherApe : EtherApe is a graphical network monitor for Unix modeled after etherman

Featuring link layer, IP and TCP modes, EtherApe displays network activity graphically with a color coded protocols display. Hosts and links change in size with traffic. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.


#44 Core Impact : An automated, comprehensive penetration testing product

Core Impact isn't cheap (be prepared to spend tens of thousands of dollars), but it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. If you can't afford Impact, take a look at the cheaper Canvas or the excellent and free Metasploit Framework. Your best bet is to use all three.


#45 IDA Pro : A Windows or Linux disassembler and debugger

Disassembly is a big part of security research. It will help you dissect that Microsoft patch to discover the silently fixed bugs they don't tell you about, or more closely examine a server binary to determine why your exploit isn't working. Many disassemblers are available, but IDA Pro has become the de-facto standard for the analysis of hostile code and vulnerability research. This interactive, programmable, extensible, multi-processor disassembler now supports Linux (console mode) as well as Windows.


#46 SolarWinds : A plethora of network discovery/monitoring/attack tools

SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more.


#47 Pwdump : A window password recovery tool

Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file.


#48 LSoF : LiSt Open Files

This Unix-specific diagnostic and forensics tool lists information about any files that are open by processes currently running on the system. It can also list communications sockets open by each process. For a Windows equivalent, check out Process Explorer from Sysinternals.


#49 RainbowCrack : An Innovative Password Hash Cracker

The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished.


#50 Firewalk : Advanced traceroute

Firewalk employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. This classic tool was rewritten from scratch in October 2002. Note that much or all of this functionality can also be performed by the Hping2 --traceroute option.


#51 Angry IP Scanner : A fast windows IP scanner and port scanner

Angry IP Scanner can perform basic host discovery and port scans on Windows. Its binary file size is very small compared to other scanners and other pieces of information about the target hosts can be extended with a few plugins.


#52 RKHunter : An Unix Rootkit Detector

RKHunter is scanning tool that checks for signs of various pieces of nasty software on your system like rootkits, backdoors and local exploits. It runs many tests, including MD5 hash comparisons, default filenames used by rootkits, wrong file permissions for binaries, and suspicious strings in LKM and KLD modules.


#53 Ike-scan : VPN detector/scanner

Ike-scan exploits transport characteristics in the Internet Key Exchange (IKE) service, the mechanism used by VPNs to establish a connection between a server and a remote client. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network. Most hosts running IKE will respond, identifying their presence. The tool then remains silent and monitors retransmission packets. These retransmission responses are recorded, displayed and matched against a known set of VPN product fingerprints. Ike-scan can VPNs from manufacturers including Checkpoint, Cisco, Microsoft, Nortel, and Watchguard.


#54 Arpwatch : Keeps track of ethernet/IP address pairings and can detect certain monkey business

Arpwatch is the classic ARP man-in-the-middle attack detector from LBNL's Network Research Group. It syslogs activity and reports certain changes via email. Arpwatch uses LibPcap to listen for ARP packets on a local ethernet interface.


#55 KisMAC : A A GUI passive wireless stumbler for Mac OS X

This popular stumbler for Mac OS X offers many of the features of its namesake Kismet, though the codebase is entirely different. Unlike console-based Kismet, KisMAC offers a pretty GUI and was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import and logging, and even some decryption and deauthentication attacks.


#56 OSSEC HIDS : An Open Source Host-based Intrusion Detection System

OSSEC HIDS performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. In addition to its IDS functionality, it is commonly used as a SEM/SIM solution. Because of its powerful log analysis engine, ISPs, universities and data centers are running OSSEC HIDS to monitor and analyze their firewalls, IDSs, web servers and authentication logs.


#57 Openbsd PF : The OpenBSD Packet Filter

Like Netfilter and IP Filter on other platforms, OpenBSD users love PF, their firewall tool. It handles network address translation, normalizing TCP/IP traffic, providing bandwidth control, and packet prioritization. It also offers some eccentric features, such as passive OS detection. Coming from the same guys who created OpenBSD, you can trust that it has been well audited and coded to avoid the sort of security holes we have seen in other packet filters.


#58 Nemesis : Packet injection simplified

The Nemesis Project is designed to be a commandline-based, portable human IP stack for UNIX/Linux (and now Windows!). The suite is broken down by protocol, and should allow for useful scripting of injected packet streams from simple shell scripts. If you enjoy Nemesis, you might also want to look at Hping2 as they complement each other well.


#59 Tor : An anonymous Internet communication system

Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, irc, ssh, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. For a free cross-platform GUI, users recommend Vidalia


#60 Knoppix : A general-purpose bootable live system on CD or DVD

Knoppix consists of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, rescue system, or as many nmap survey takers attest, a portable security tool. For a security-specific Linux distribution see BackTrack.


#61 ISS Internet Scanner : Application-level vulnerability assessment

Internet Scanner started off in '92 as a tiny open source scanner by Christopher Klaus. Now he has grown ISS into a billion-dollar company with a myriad of security products.


#62 Fport : Foundstone's enhanced netstat

Fport reports all open TCP/IP and UDP ports on the machine you run it on and shows what application opened each port. So it can be used to quickly identify unknown open ports and their associated applications. It only runs on Windows, but many UNIX systems now provided this information via netstat (try 'netstat -pan' on Linux). Here is a PDF-Format SANS article on using Fport and analyzing the results.


#63 chkrootkit : Locally checks for signs of a rootkit

chkrootkit is a flexible, portable tool that can check for many signs of rootkit intrusion on Unix-based systems. Its features include detecting binary modification, utmp/wtmp/lastlog modifications, promiscuous interfaces, and malicious kernel modules.


#64 SPIKE Proxy : HTTP Hacking

Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and directory traversal detection.


#65 OpenBSD : The Proactively Secure Operating System

OpenBSD is one of the only operating systems to treat security as their very highest priority. Even higher than usability in some cases. But their enviable security record speaks for itself. They also focus on stability and fight to obtain documentation for the hardware they wish to support. Perhaps their greatest achievement was creating OpenSSH. OpenBSD users also love [pf], their firewall tool.


#66 Yersinia : A multi-protocol low-level attack tool

Yersinia is a low-level protocol attack tool useful for penetration testing. It is capable of many diverse attacks over multiple protocols, such as becoming the root role in the Spanning Tree (Spanning Tree Protocol), creating virtual CDP (Cisco Discovery Protocol) neighbors, becoming the active router in a HSRP (Hot Standby Router Protocol) scenario, faking DHCP replies, and other low-level attacks.


#67 Nagios : An open source host, service and network monitoring program

Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services (smtp, pop3, http, nntp, ping, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method).


#68 Fragroute/Fragrouter : A network intrusion detection evasion toolkit

Fragrouter is a one-way fragmenting router - IP packets get sent from the attacker to the Fragrouter, which transforms them into a fragmented data stream to forward to the victim. Many network IDS are unable or simply don't bother to reconstruct a coherent view of the network data (via IP fragmentation and TCP stream reassembly), as discussed in this classic paper. Fragrouter helps an attacker launch IP-based attacks while avoiding detection. It is part of the NIDSbench suite of tools by Dug Song. Fragroute is a similar tool which is also by Dug Song.


#69 X-scan : A general scanner for scanning network vulnerabilities

A multi-threaded, plug-in-supported vulnerability scanner. X-Scan includes many features, including full NASL support, detecting service types, remote OS type/version detection, weak user/password pairs, and more. You may be able to find newer versions available here if you can deal with most of the page being written in Chinese.


#70 Whisker/libwhisker : Rain.Forest.Puppy's CGI vulnerability scanner and library

Libwhisker is a Perl module geared geared towards HTTP testing. It provides functions for testing HTTP servers for many known security holes, particularly the presence of dangerous CGIs. Whisker is a scanner that used libwhisker but is now deprecated in favor of Nikto which also uses libwhisker.


#71 Socat : A relay for bidirectional data transfer

A utility similar to the venerable Netcat that works over a number of protocols and through a files, pipes, devices (terminal or modem, etc.), sockets (Unix, IP4, IP6 - raw, UDP, TCP), a client for SOCKS4, proxy CONNECT, or SSL, etc. It provides forking, logging, and dumping, different modes for interprocess communication, and many more options. It can be used, for example, as a TCP relay (one-shot or daemon), as a daemon-based socksifier, as a shell interface to Unix sockets, as an IP6 relay, for redirecting TCP-oriented programs to a serial line, or to establish a relatively secure environment (su and chroot) for running client or server shell scripts with network connections.


#72 Sara : Security Auditor's Research Assistant

SARA is a vulnerability assessment tool that was derived from the infamous SATAN scanner. They try to release updates twice a month and try to leverage other software created by the open source community (such as Nmap and Samba).


#73 QualysGuard : A web-based vulnerability scanner

Delivered as a service over the Web, QualysGuard eliminates the burden of deploying, maintaining, and updating vulnerability management software or implementing ad-hoc security applications. Clients securely access QualysGuard through an easy-to-use Web interface. QualysGuard features 5,000+ unique vulnerability checks, an Inference-based scanning engine, and automated daily updates to the QualysGuard vulnerability KnowledgeBase.


#74 ClamAV : A GPL anti-virus toolkit for UNIX

ClamAV is a powerful AntiVirus scanner focused towards integration with mail servers for attachment scanning. It provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via the Internet. Clam AntiVirus is based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date.


#75 cheops / cheops-ng : Gives a simple interface to many network utilities, maps local or remote networks and identifies OS of machines

Cheops provides the functionality of many network utilities through a comfortable, powerful GUI. It has host/network discovery functionality as well as OS detection of hosts. Cheops-ng has the ability to probe hosts to see what services they are running. On some services, cheops-ng is actually able to see what program is running for a service and the version number of that program. The original Cheops program is currently not being developed or maintained so users are advised to use cheops-ng.


#76 Burpsuite : An integrated platform for attacking web applications

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyze, attack and exploit web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another.


#77 Brutus : A network brute-force authentication cracker

This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC Hydra.


#78 Unicornscan : Not your mother's port scanner

Unicornscan is an attempt at a User-land Distributed TCP/IP stack for information gathering and correlation. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network. Some of its features include asynchronous stateless TCP scanning with all variations of TCP flags, asynchronous stateless TCP banner grabbing, and active/passive remote OS, application, and component identification by analyzing responses. Like Scanrand, it isn't for the faint of heart.


#79 Stunnel : A general-purpose SSL cryptographic wrapper

The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries.


#80 Honeyd : Your own personal honeynet

Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Honeyd enables a single host to claim multiple addresses on a LAN for network simulation. It is possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. It is also possible to proxy services to another machine rather than simulating them. It has many library dependencies, which can make compiling/installing Honeyd difficult.


#81 Fping : A parallel ping scanning program

fping is a ping(1) like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a host is up. fping is different from ping in that you can specify any number of hosts on the command line, or specify a file containing the lists of hosts to ping. Instead of trying one host until it timeouts or replies, fping will send out a ping packet and move on to the next host in a round-robin fashion. If a host replies, it is noted and removed from the list of hosts to check. If a host does not respond within a certain time limit and/or retry limit it will be considered unreachable.


#82 BASE : The Basic Analysis and Security Engine

BASE is a PHP-based analysis engine to search and process a database of security events generated by various IDSs, firewalls, and network monitoring tools. Its features include a query-builder and search interface for finding alerts matching different patterns, a packet viewer/decoder, and charts and statistics based on time, sensor, signature, protocol, IP address, etc.


#83 Argus : A generic IP network transaction auditing tool

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information.


#84 Wikto : Web Server Assessment Tool

Wikto is a tool that checks for flaws in webservers. It provides much the same functionality as Nikto but adds various interesting pieces of functionality, such as a Back-End miner and close Google integration. Wikto is written for the MS .NET environment and registration is required to download the binary and/or source code.


#85 Sguil : The Analyst Console for Network Security Monitoring

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides realtime events from Snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring and event driven analysis of IDS alerts.


#86 Scanrand : An unusually fast stateless network service and topology discovery system

Scanrand is a stateless host-discovery and port-scanner similar in design to Unicornscan. It trades off reliability for amazingly fast speeds and uses cryptographic techniques to prevent attackers from manipulating scan results. This utility is a part of a software package called Paketto Keiretsu which was written by Dan Kaminsky.


#87 IP Filter : Portable UNIX Packet Filter

IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services. It can either be used as a loadable kernel module or incorporated into your UNIX kernel; use as a loadable kernel module where possible is highly recommended. Scripts are provided to install and patch system files, as required. IP Filter is distributed with FreeBSD, NetBSD, and Solaris. OpenBSD users should see Openbsd PF and Linux users Netfilter.


#88 Canvas : A Comprehensive Exploitation Framework

Canvas is a commercial vulnerability exploitation tool from Dave Aitel's ImmunitySec. It includes more than 150 exploits and is less expensive than Core Impact, though it still costs thousands of dollars. You can also buy the optional VisualSploit Plugin for drag and drop GUI exploit creation. Zero-day exploits can occasionally be found within Canvas.


#89 VMware : Multi-platform Virtualization Software

VMware virtualization software lets you run one operating system within another. This is quite useful for security researchers who commonly need to test code, exploits, etc on multiple platforms. It only runs on Windows and Linux as the host OS, but pretty much any x86 OS will run inside the virtualized environment. It is also useful for setting up sandboxes. You can browse from within a VMware window so the even if you are infected with malware, it cannot reach your host OS. And recovering the guest OS is as simple as loading a "snapshot" from prior to the infection. VMware player (executes, but can't create OS images) and VMWare Server (partitions a physical server machine into multiple virtual machines) were recently released for free. Another interesting virtualization system (Linux focused) is Xen.


#90 Tcptraceroute : A traceroute implementation using TCP packets

The problem is that with the widespread use of firewalls on the modern Internet, many of the packets that the conventional traceroute(8) sends out (ICMP echo or UDP) end up being filtered, making it impossible to completely trace the path to the destination. However, in many cases, these firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections on. By sending out TCP SYN packets instead of UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common firewall filters.


#91 SAINT : Security Administrator's Integrated Network Tool

SAINT is another commercial vulnerability assessment tool (like Nessus, ISS Internet Scanner, or Retina). It runs on UNIX and used to be free and open source, but is now a commercial product.


#92 OpenVPN : A full-featured SSL VPN solution

OpenVPN is an open-source SSL VPN package which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN uses OpenSSL as its primary cryptographic library.


#93 OllyDbg : An assembly level Windows debugger

OllyDbg is a 32-bit assembler level analyzing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg features an intuitive user interface, advanced code analysis capable of recognizing procedures, loops, API calls, switches, tables, constants and strings, an ability to attach to a running program, and good multi-thread support. OllyDbg is free to download and use but no source code is provided.


#94 Helix : A Linux Distribution with Computer Forensics in Mind

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized Linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics. Helix has been designed very carefully to NOT touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.


#95 Bastille : Security hardening script for Linux, Mac OS X, and HP-UX

The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. Bastille can also assess a system's current state of hardening, granularly reporting on each of the security settings with which it works. Bastille currently supports the Red Hat (Fedora Core, Enterprise, and Numbered/Classic), SUSE, Debian, Gentoo, and Mandrake distributions, along with HP-UX and Mac OS X. Bastille's focuses on letting the system's user/administrator choose exactly how to harden the operating system. In its default hardening mode, it interactively asks the user questions, explains the topics of those questions, and builds a policy based on the user's answers. It then applies the policy to the system. In its assessment mode, it builds a report intended to teach the user about available security settings as well as inform the user as to which settings have been tightened.


#96 Acunetix Web Vulnerability Scanner : Commercial Web Vulnerability Scanner

Acunetix WVS automatically checks your web applications for vulnerabilities such as SQL Injection, cross site scripting, and weak password strength on authentication pages. Acunetix WVS boasts a comfortable GUI and an ability to create professional website security audit reports.


#97 TrueCrypt : Open-Source Disk Encryption Software for Windows and Linux

TrueCrypt is an excellent open source disk encryption system. Users can encrypt entire filesystems, which are then on-the-fly encrypted/decrypted as needed without user intervention beyond entering their passphrase intially. A clever hidden volume feature allows you to hide a 2nd layer of particularly sensitive content with plausible deniability about whether it exists. Then if you are forced to give up your passphrase, you give them the first-level secret. Even with that, attackers cannot prove that a second level key even exists.


#98 Watchfire AppScan : Commercial Web Vulnerability Scanner

AppScan provides security testing throughout the application development lifecycle, easing unit testing and security assurance early in the development phase. Appscan scans for many common vulnerabilities, such as cross site scripting, HTTP response splitting, parameter tampering, hidden field manipulation, backdoors/debug options, buffer overflows and more.


#99 N-Stealth : Web server scanner

N-Stealth is a commercial web server security scanner. It is generally updated more frequently than free web scanners such as Whisker/libwhisker and Nikto, but do take their web site with a grain of salt. The claims of "30,000 vulnerabilities and exploits" and "Dozens of vulnerability checks are added every day" are highly questionable. Also note that essentially all general VA tools such as Nessus, ISS Internet Scanner, Retina, SAINT, and Sara include web scanning components. They may not all be as up-to-date or flexible though. N-Stealth is Windows only and no source code is provided.


#100 MBSA : Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Apparently MBSA on average scans over 3 million computers each week.
Read More...