Free open source security tools for finding and fixing Windows flaws

IT pros searching for ways to find Windows flaws should look no further. This list of must-have free open source security tools provides numerous options for staying a step ahead.

There's no shortage of free and open source security tools to help you stay on top of desktop security and fix

Windows flaws.

You're no doubt being pressured from every possible angle (business partners, customers, industry bodies, the government, etc.) to keep your Windows systems secure, yet you continue to struggle to get the money needed to buy the best services for keeping enterprise systems in check. I see this scenario time and again.

What can you do about it? Well, you can drown your sorrows, or you can move ahead with some well-known freebie alternatives that can not only help you get by, but also move forward with Windows security testing. Here are some free open source security tools you should know about for finding and addressing Windows flaws:

Password crackers

John the Ripper -- A password-cracking tool for Windows LANManager (and other programs) that has provided the foundation for most other password crackers.

Brutus -- A Web, FTP, Telnet, etc. password cracker that's old and often unstable, but it still works in many situations.

Cain & Abel -- A password cracker and network analyzer that's great for showing how weak passwords, Voice over Internet Protocol conversations and other content travel in clear text.

Ophcrack -- Live boot disk for cracking Windows passwords using Rainbow Tables; great for demonstrating why you need full-disk encryption.

THC-Hydra -- Password cracker similar to Brutus that's great for cracking weak passwords running on Windows desktop services.

Port and vulnerability scanners

Microsoft Baseline Security Analyzer -- Good overall scanner for uncovering the very basic Windows flaws.

Nexpose Community -- Commercial-powered vulnerability scanner for up to 32 hosts without the commercial price tag.

OpenVAS -- Open source branch of the now-commercialized Nessus tool that everyone used to clamor over.

SuperScan -- Graphical user interface-based port scanner that helps when looking for live hosts and open ports.

Web and SQL Server security tools

Sqlninja -- Perl-based SQL Server hacking tool for exploiting all sorts of SQL Server flaws on overlooked systems that you forgot you had running on Windows desktops.

SQLPing -- SQL Server discovery tool with built-in password cracking.

Open source security tools for Wi-Fi

Aircrack-ng -- Oldie but goodie WEP and WPA-PSK cracking program.

Hashcat -- Graphics processing unit-based cracking tool for Wi-Fi Protected Access (WPA) and WPA Version 2.

Reaver -- Wi-Fi Protected Setup (WPS) attack tool for exploiting the new side-channel flaw in WPA.

Miscellaneous open source security tools

BackTrack Linux -- All-in-one toolkit with niche Linux-based tools for poking and prodding around on the network.

Metasploit -- Exploit framework that allows you to exploit vulnerabilities you uncover with vulnerability scanners to show tangible evidence of what can happen.

Social Engineer Toolkit -- Tools for human hacking to bring out the worst in your users.

Sysinternals -- Toolset that allows you to get to the innards of Windows unlike any others.

Windows XP Mode and VirtualBox -- Virtual machine environments where you can load and run testing tools without gumming up your main Windows systems.

Wireshark -- Tried and true network analyzer that's an excellent security tool (download PDF) no Windows admin should be without.

The bottom line on open source security tools

Keep in mind that this is not a comprehensive list, but rather a grouping of free and open source security tools that can be used for testing Windows flaws. Most of these tools are being kept up to date by their authors and/or the community -- an often-overlooked, yet important, characteristic of security testing tools. Also, some are more enterprise-ready than others, so your mileage will no doubt vary.

Finding Windows flaws will still take time when using free and open source security tools, but that doesn't mean they're not worth using. If these tools don't offer quite enough, there are cheap commercial security testing tools for Windows environments from companies such as TamoSoft, Northwest Performance Software and Elcomsof Proactive Software.

Any amount of security testing and controls is much better than the alternative. Finding Windows flaws is critical, but so is your analysis of the results. Experience goes a long way here, regardless of how you uncover the flaws. This list of free and open source security tools is just a starting point for putting you ahead of the curve.

ABOUT THE AUTHOR:
Kevin Beaver
is an information security consultant, expert witness, author and professional speaker at Atlanta-based Principle Logic LLC. With over 23 years of experience in the industry, he specializes in performing independent security assessments revolving around minimizing information risks. Beaver has authored/co-authored 10 books on information security, including The Practical Guide to HIPAA Privacy and Security Compliance and Hacking For Dummies. In addition, he's the creator of the Security On Wheels information security audio books and blog, providing security learning for IT professionals on the go. You can reach him through his website www.principlelogic.com, on LinkedIn or follow him on Twitter at @kevinbeaver.

This was first published in March 2012

Dig deeper on Endpoint security management tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close