Top tools for Security Analysis

0 votes
Hello.

Which are the most used tools by Security Analyst to analyse the network security?
Dec 17, 2018 in Career Counselling by Karan
• 420 points
10 views

2 answers to this question.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.
0 votes
  • Shodan
  • Maltego
  • Burp Suite
  • ZAP
  • SQLMap
  • Highlighter
answered Dec 17, 2018 by Mihir
0 votes

Hi Karan, here are some security analysis tools that are used for network security:

  • SQLMap – It detects SQL injection vulnerability in a website database. It can be used on a wide range of databases and supports 6 kinds of SQL injection techniques: time-based blind, boolean-based blind, error-based, UNION query, stacked queries and out-of-band. It can directly connect to the database without using an SQL injection and has great database fingerprinting and enumeration features. Download from here: http://sqlmap.org/
  • W3af – It is a web application audit and attack framework that is effective against over 200 vulnerabilities. It has a GUI with expert tools which can be used to send HTTP request and cluster HTTP responses. If a website is protected, it can use authentication modules to scan them. Output can be logged into a console, a file or sent via email. Download from here: http://w3af.org/
  • Vega – It is a vulnerability scanning and testing tool written in Java. It works with OS X, Linux and Windows platforms. It is GUI enabled and includes an automated scanner and an intercepting proxy. It can detect web application vulnerabilities like SQL injection, header injection, cross site scripting etc. It can be extended through a javascript API. Download it from here: https://subgraph.com/vega/
  • ZED Attack Proxy (ZAP) – It was developed by AWASP and is available for Windows, Unix/Linux and Macintosh platforms. It has high ease of use. It can be used as a scanner or to intercept a proxy to manually test a webpage. Its key features are traditional and AJAX spiders, Fuzzer, Web socket support and a REST based API. Download it from here: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
  • Google Nogotofail – It is a network traffic security testing tool. It checks application for known TLS/SSL vulnerabilities and mis-configurations. It scans SSL/TLS encrypted connections and checks whether they are vulnerable to man-in-the-middle (MiTM) attacks. It can be set up as a router, VPN server or proxy server. Download it from here: https://github.com/google/nogotofail
  •  BeEF (Browser Exploitation Framework) – It detects application weakness using browser vulnerabilities. It uses client-side attack vectors to verify security of an application. It can issue browser commands like redirection, changing URLs, generating dialogue boxes etc. Download from here: http://beefproject.com/
  •  Wapiti – It performs a blackbox scan and injects payloads to check if a script is vulnerable. It supports both GET and POSTHTTP attack methods. It detects vulnerabilities like file Disclosure, file inclusion, cross Site Scripting (XSS), weak .htaccess configuration etc. Download from here: http://wapiti.sourceforge.net/
  • Iron Wasp – It is a GUI based powerful scanning tool which can check over 25 kinds of web vulnerabilities. It can detect false positives and false negatives. It is built on Python and Ruby and generates HTML and RTF reports. Download it from here: https://ironwasp.org/
answered Apr 4 by Darshan

Related Questions In Career Counselling

0 votes
1 answer
0 votes
3 answers

Which are the tools used for Data Modeling?

hey. Tools used for data mining listed below: Archi A ...READ MORE

answered Apr 5 in Career Counselling by sumit
48 views
0 votes
2 answers

Essential skills for Security Analyst

The skills essential for a Security Analyst ...READ MORE

answered Apr 5 in Career Counselling by Lilly
10 views
0 votes
2 answers

What tools does a Cyber Security Engineer use?

The Security tools used by Security Engineers ...READ MORE

answered Apr 8 in Career Counselling by Yugesh
13 views
0 votes
2 answers

Salary for Security Administrator

For freshers, if you have good certifications and skills, then ...READ MORE

answered Apr 9 in Career Counselling by Sunny
17 views
0 votes
2 answers

What skills do Security Administrator need?

A Security Admin must have excellent knowledge ...READ MORE

answered Apr 9 in Career Counselling by Sandeep
11 views
0 votes
3 answers

What does a Security Administrator do?

A Security Admin is a person who ...READ MORE

answered Apr 9 in Career Counselling by Sandy
15 views
0 votes
2 answers

Security Administrator Tools

The Top free tools being used by ...READ MORE

answered Apr 9 in Career Counselling by Sharan
14 views
0 votes
2 answers

Which are some good tools for Database Management?

There are a whole lot of Database ...READ MORE

answered Jan 24 in Career Counselling by Krutika
26 views
0 votes
2 answers

Which are the languages and tools used for Blockchain Development?

Blockchain is a Technology and has two ...READ MORE

answered Feb 8 in Career Counselling by Kishan
32 views

© 2018 Brain4ce Education Solutions Pvt. Ltd. All rights Reserved.
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.