There's an old saying that goes something like this: "When he makes a mistake, the wise carpenter blames himself, but the unwise carpenter blames his tools." All issues of blame aside, it's impossible for any craftsperson to practice a craft without the right tools. To that end, I want to highlight some great collections of security tools here, and ask readers to submit their own favorites for further coverage and consideration as I update this compendium over time.
The table provides a list of several well-known and highly-regarded collections of information security tools. Some are profoundly Windows-oriented, others less so; all are worth at least an occasional visit to see what's new and interesting in their various and widely varied collections.
| Name/URL | Description |
|---|
| Anti-Hacker Toolkit |
Points to current versions of all tools mentioned in Mike Shema & Bradley Johnson's Osborne/McGraw-Hill eponymous book |
| CERIAS Hotlist |
Tools show up under "system security" and "network security" headings at Purdue's Center for Education and Research in Information Assurance and Security |
| CERT Coordination Center |
Hundreds of tools across numerous categories from the Computer Emergency Response Team at CMU |
| Hacking Exposed Tools |
The authors of this great series of books maintain pointers to all current versions of tools mentioned in their various publications |
| Insecure.org Top 75 |
Top security tools recommended at another leading portal (but not all are Windows-based) |
| Microsoft Security Tools |
Lots of Microsoft's own security tools |
| Security Focus Tools Archive |
13 pages of pointers to useful tools at a leading security portal site |
| Security Wizards Security Tools |
A choice list of security tools from a great infosec resource on many fronts |
| SourceForge Security Projects |
Over 1,000 open source security projects/programs/products are documented here, including many gems |
| WindowsSecurity tools |
Click the Software link in the left-hand menu at this great portal site to find pointers to security tools in 16 categories. |
Though there are hundreds more such sites out there, I decided to draw the line at 10, and ask for feedback and more input. Please e-mail me at tom@taliv.net with your nominations, suggestions, questions, or comments.
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.
