Premium Content

Access "Security audit tools: Vendors every auditor should use"

Caroline Fennelly, Contributor Published: 03 Mar 2003

Here's a representative list1: Google A real hacker thinks outside the box and learns to use tools in a way they may not have been intended. While the Google search engine is not, strictly speaking, an auditing tool, it's great for gathering information about a site. For example, trying entering "@my company.com" (where "mycompany" is your domain). Sometimes, this can yield some good data, such as a system administrator posting technical details about his site, which conveniently contains his account name. Google is like the Unix "grep" command on steroids. Utility Tools These are single-purpose tools that may either be native to the operating system or freely available. Utility tools require a manual approach, though they are often included in customized scripts--or even commercial products. Pros: Utility tools are freely available and are tightly focused for a specific task, making them more efficient. Cons: It requires skill to use them. For a large audit, manual testing is time-consuming and may produce inconsistent results, depending on the skill of the... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free