Penetration Testing mailing list archives

Subject: 2006 Tool Survey Released - SecTools.Org

From: "Michael Painter" <tvhawaii () shaka com>
Date: Wed, 21 Jun 2006 13:07:02 -1000

Posted with Fyodor's permission:
~~~~~~~~~~~~~~~~~~~~~~~~
Hello Everyone,

I am pleased to release the results of the 2006 top security tools
survey.  I found them quite interesting in 2000 and 2003, so I'm glad
that 3,243 of you answered this year.  I learned about many neat
projects while tabulating and writing them up.  It is also interesting
to see the rise of exploitation frameworks.  Metasploit, Impact, and
Canvas all made the list for the first time.  Wireless tools such as
Kismet and Aircrack (new) had a good showing, while many vulnerability
scanners dropped significantly in rank (ISS Scanner: -47;
Whisker/libwhisker: -60; Sara: -46; SAINT: -67; N-Stealth: -72).
Nessus kicked their butts, retaining the #1 spot despite closing their
source code as of the Nessus 3 release.  But they better not get
complacent, because Nikto, Languard, and Retina aren't all that far
behind.  44 tools are new to the list, including Paros Proxy, Scapy,
the BackTrack LiveCD, Webscarab, p0f, and Ike-scan.

I maybe went a little overboard in creating a whole site for the 2006
list.  It expands the list to 100 tools, includes category-specific
pages (sniffers, crackers, etc.), better ranking information, more
detailed descriptions, logo eye candy, and more.  You can find it at:

http://SecTools.Org

I hope you find this new site useful!
-Fyodor


_______________________________________________
Sent through the nmap-hackers mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-hackers


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?Why not go with the #1 solution - Cenzic, the only one to win the Analyst'sChoice Award from eWeek. As attacks through web applications continue to rise,you need to proactively protect your applications from hackers. Cenzic has themost comprehensive solutions to meet your application security penetrationtesting and vulnerability management needs. You have an option to go with amanaged service (Cenzic ClickToSecure) or an enterprise software(Cenzic Hailstorm). Download FREE whitepaper on how a managed service canhelp you: http://www.cenzic.com/news_events/wpappsec.phpAnd, now for a limited time we can do a FREE audit for you to confirm yourresults from other product. Contact us at request () cenzic com for details.

------------------------------------------------------------------------------

Current thread:

RE: Unix auditing tools - Windows based. MARTIN Benoni (Jun 08)
- <Possible follow-ups>
- RE: Unix auditing tools - Windows based. Michael Gargiullo (Jun 08)
  - Re: Unix auditing tools - Windows based. Morning Wood (Jun 09)
- Re: Unix auditing tools - Windows based. Michael Werwein (Jun 08)
- RE: Unix auditing tools - Windows based. Damien Dinh (Jun 09)
  - SV: Unix auditing tools - Windows based. Niklas Blomquist (Jun 09)
- RE: Unix auditing tools - Windows based. Michael Gargiullo (Jun 20)
  - Subject: 2006 Tool Survey Released - SecTools.Org Michael Painter (Jun 21)
- RE: Unix auditing tools - Windows based. Nick Besant (Jun 22)
  - RE: Unix auditing tools - Windows based. Robert Stull (Jun 23)