Threat Intelligence

6/5/2018
10:05 AM

10 Open Source Security Tools You Should Know

Open source tools can be the basis for solid security and intense learning. Here are 10 you should know about for your IT security toolkit.
2 of 11

Nessus: Visibility
In many ways, security starts with understanding the situation. For a couple of generations of IT security professionals, understanding their networks' vulnerabilities starts with Nessus from Tenable. According to sectools.org, Nessus is the most popular vulnerability scanner and third most popular security program currently in use.
Nessus comes in both free and commercial versions. The current version, Nessus 7.1.0, is a commercial program, though it is free for personal home use. Version 2, which was current as of 2005, is still open source and free.
Tenable has maintained Version 2, though in the best tradition of open source software, it has forked and developed in several different directions. Nessus knowledge remains a valuable career skill.
(Image: Tenable)

Nessus: Visibility

In many ways, security starts with understanding the situation. For a couple of generations of IT security professionals, understanding their networks' vulnerabilities starts with Nessus from Tenable. According to sectools.org, Nessus is the most popular vulnerability scanner and third most popular security program currently in use.

Nessus comes in both free and commercial versions. The current version, Nessus 7.1.0, is a commercial program, though it is free for personal home use. Version 2, which was current as of 2005, is still open source and free.

Tenable has maintained Version 2, though in the best tradition of open source software, it has forked and developed in several different directions. Nessus knowledge remains a valuable career skill.

(Image: Tenable)

2 of 11
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
lulzsec
50%
50%
lulzsec,
User Rank: Apprentice
6/21/2018 | 9:28:50 AM
Re: report on tools in .pdf format
nice OPSEC dude - hope soccer season is going well!

 

https://www.linkedin.com/in/marc-kolenko-cissp-ceh-ccsk-m-s-mgmt-8854971
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
6/20/2018 | 12:46:39 PM
Re: report on tools in .pdf format
Great security here - wow, posting a military email address.  YOU just opened up your email a bit.  Hope that was worth the risk.  Don't do THAT ever again. 
Jon M. Kelley
100%
0%
Jon M. Kelley,
User Rank: Strategist
6/12/2018 | 9:49:10 AM
Paragraph per screen - slowly for Users
Sorry, if I was on your network, I might go through all 11 of your screens. 

Unfortunately I live behind a protective system, and every new page link from DarkReading takes a minute or more to pop up.  The info provided be the multiply is seldom worth the frustration of waiting for it.
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
8 Security Tips for a Hassle-Free Summer Vacation
Steve Zurier, Freelance Writer,  6/23/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11446
PUBLISHED: 2018-06-25
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tr...
CVE-2018-12062
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka t...
CVE-2018-12063
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPri...
CVE-2018-12067
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka t...
CVE-2018-12068
PUBLISHED: 2018-06-25
The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka ...