Security for IT pros
For IT security and forensics pros:
- VPN and zero-trust protocols
- Darkweb - Tor
- Network troubleshooting
- Penetration testing
- Network security
- Vulnerability assessment
- Password tools
- Intrusion Detection Systems (IDS)
Favorite proprietary, open source and freeware tools
VPN and Zero-trust protocols
Twingate enables organizations to rapidly implement a modern zero trust network that is more secure and maintainable than VPNs. Delivered as a cloud-based service, Twingate empowers IT teams to easily configure a software defined perimeter without changing infrastructure, and centrally manage user access to internal apps, whether they are on-prem or in the cloud.
Twingate is a secure remote access solution for an organization’s private applications, data, and environments, whether they are on-premise or in the cloud. Built to make the lives of DevOps teams, IT/infrastructure teams, and end users easier, it replaces outdated business VPNs which were not built to handle a world in which "work from anywhere" and cloud-based assets are increasingly the norm.
Twingate’s modern zero trust-based approach to securing remote access focuses on improving security, while not compromising on usability and maintainability. Twingate distinguishes itself from other solutions in the following ways:
- Software-only solution can be deployed alongside existing solutions in minutes, without requiring changes to existing infrastructure.
- Enables least privilege access at the application level without requiring networks to be re-architected.
- Centralized admin console, coupled with extensive logging capabilities, provides control and visibility over an enterprise’s entire network.
- Scales up to support more users and resources without burdening IT teams with network segmentation projects or buying new hardware.
- Client agents can be set up by users without IT support, are always on, and do not require user interaction once enabled.
- User internet connectivity is improved due to split tunneling, no backhauling, and an intelligent client agent that handles authorization and routing activities on device.
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it plans to be cross-platform and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful and easy-to-use multi-protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD and Solaris.
SoftEther VPN is not only an alternative VPN server to existing VPN products (OpenVPN, IPsec and MS-SSTP). SoftEther VPN also has its own strong SSL-VPN protocol to penetrate any kind of firewall. The ultra-optimized SSL-VPN protocol of SoftEther VPN has very fast throughput, low latency and firewall resistance.
The VPN server runs on Windows, Linux, FreeBSD, Solaris and Mac OS X.
The source-code of SoftEther VPN is available under GPL license in mid 2013.
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.
strongSwan is an Open Source IPsec-based VPN solution for Linux and other UNIX based operating systems implementing both the IKEv1 and IKEv2 key exchange protocols.
tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet.
In addition, tinc has the following features:
- Encryption, authentication and compression: All traffic is optionally compressed using zlib or LZO, and LibreSSL or OpenSSL is used to encrypt the traffic and protect it from alteration with message authentication codes and sequence numbers.
- Automatic full mesh routing: Regardless of how you set up the tinc daemons to connect to each other, VPN traffic is always (if possible) sent directly to the destination, without going through intermediate hops.
- NAT traversal: As long as one node in the VPN allows incoming connections on a public IP address (even if it is a dynamic IP address), tinc will be able to do NAT traversal, allowing direct communication between peers.
- Easily expand your VPN: When you want to add nodes to your VPN, all you have to do is add an extra configuration file, there is no need to start new daemons or create and configure new devices or network interfaces.
- Ability to bridge ethernet segments: You can link multiple ethernet segments together to work like a single segment, allowing you to run applications and games that normally only work on a LAN over the Internet.
- Runs on many operating systems and supports IPv6: Currently Linux, FreeBSD, OpenBSD, NetBSD, OS X, Solaris, Windows 2000, XP, Vista and Windows 7 and 8 platforms are supported. See our section about supported platforms for more information about the state of the ports. tinc has also full support for IPv6, providing both the possibility of tunneling IPv6 traffic over its tunnels and of creating tunnels over existing IPv6 networks.
A secure socks5 proxy, designed to protect your Internet traffic.
- Super Fast: Bleeding edge techniques using asynchronous I/O and event-driven programming.
- Flexible Encryption: Secured with an industry-level encryption algorithm. Flexible to support custom algorithms.
- Mobile Ready: Optimized for mobile devices and wireless networks, without any keep-alive connections.
- Cross Platform: Available on multiple platforms, including PC, Mac, mobile (Android and iOS) and routers (OpenWRT).
- Open Source: Totally free and open source. A worldwide community devoted to delivering bug-free code and long-term support.
- Easy Deployment: Easy deployment with pip, npm, aur, freshports and many other package manager systems.
The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries. It calls the underlying crypto libraries, so stunnel supports whatever cryptographic algorithms you compiled into your crypto package.
Dante is a product developed by Inferno Nettverk A/S. It consists of a SOCKS server and a SOCKS client, implementing RFC 1928 and related standards. It is a flexible product that can be used to provide convenient and secure network connectivity.
Inferno Nettverk A/S provides commercial services related to Dante, including 24/7 phone support, customized installations/tuning, development, porting and embedding. For more information about support, please see the Dante support page.
Once installed, Dante can in most cases be made transparent to clients, providing functionality somewhat similar to what could be described as a non-transparent Layer 4 router. For customers interested in controlling and monitoring access in or out of their network, the Dante SOCKS server can provide several benefits, including security and TCP/IP termination (no direct contact between hosts inside and outside of the customer network), resource control (bandwidth, sessions), and logging (host information, data transferred).
The Dante SOCKS server interoperates with many popular network applications which already have SOCKS support built in to them, such as most web-browsers, instant messaging programs, Bloomberg terminals, and many others.
Developed by Inferno Nettverk A/S, Dante is released under a BSD/CMU-type license and comes with complete source code.
Dante is used daily by Fortune 100 companies and large international organizations, both as a standard (forward) proxy server and as a reverse proxy server.
Darkweb - Tor
Tor is free portable software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.
Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.
The Tor Browser lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.
Torifier lets you tunnel software applications through Tor without the need to reconfigure them. An application is not required to have native proxy support in order to work with Torifier. Torifier is a Tor bundle, meaning the program will install the Tor software and will manage it for you.
Reliable and free network scanner to analyse LAN. The program shows all network devices, gives you access to shared folders, provides remote control of computers (via RDP and Radmin), and can even remotely switch computers off. It is easy to use and runs as a portable edition. It should be the first choice for every network admin.
Wifi Analyzer is a handy tool which helps you to select a better channel for your wireless router. It turns your Android phone into a handy Wi-Fi analyzer!
App Permissions (from Google Play)
Version 3.8.5 can access:
- modify or delete the contents of your USB storage
- test access to protected storage
- view Wi-Fi connections
- connect and disconnect from Wi-Fi
- prevent device from sleeping
- full network access
- view network connections
- install shortcuts
Angry IP scanner is a very fast IP address and port scanner.
It can scan IP addresses in any range as well as any of their ports. It is cross-platform and lightweight. Not requiring any installation, it can be freely copied and used anywhere.
Angry IP scanner simply pings each IP address to check if it’s alive, then optionally resolves its hostname, determines the MAC address, scans ports, etc. The amount of gathered data about each host can be extended with plugins.
It also has additional features, like NetBIOS information (computer name, workgroup name, and currently logged in Windows user), favorite IP address ranges, web server detection, customizable openers, etc.
Scanning results can be saved to CSV, TXT, XML or IP-Port list files. With help of plugins, Angry IP Scanner can gather any information about scanned IPs. Anybody who can write Java code is able to write plugins and extend functionality of Angry IP Scanner.
In order to increase scanning speed, it uses a multithreaded approach: a separate scanning thread is created for each scanned IP address. The full source code is available, see the download page.
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark has a rich feature set which includes the following:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
- The most powerful display filters in the industry
- Rich VoIP analysis
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.
In fact, Aircrack-ng is a set of tools for auditing wireless networks.
NetCut is a tool that helps you discover who is on your wireless/wired network instantly (IP/device name/MAC address), including iPhone/Xbox/Wii/PS3/Android devices. NetCut works in an office LAN, school LAN or ISP LAN, or even an iPhone/Xbox/Wii/PS3/Android network. NetCut can find/export all MAC addresses in your network in seconds. NetCut can turn the network off and on for any device (computer/phone/Xbox/Wii/router/switch) in your LAN. NetCut can also protect users from ARP spoofing attacks. Moreover, NetCut can change the MAC address on any adapter. Last but not least, with NetCut you can clone the MAC address of any device on your network to your own adapter.
NetCut Defender is a free tool offered by arcai.com to keep your network’s (including Wi-Fi) internet speed super fast. It protects your PC from ARP spoofing attacks, typically ARP spoofing from NetCut (another product, 10 years old, from the same company, arcai.com).
- Your internet connection speed is 100% guaranteed to stay fast.
- Protect all your network connections, including Wi-Fi, in one place.
- No setup or configuration required. Zero network knowledge required. Install, run and forget about it. Oh, maybe one thing will remind you: “How in the world could my Wi-Fi/network run so fast?”
- With this free little tool, you can now safely browse on free Wi-Fi internet at McDonald's or Starbucks.
- It also comes with an internet speed test and a MAC address brand checker.
What NetCut Defender can do:
- Easy to use: automatically protects all networks of your PC from NetCut cut-off or any other ARP spoofing.
- Fast: ensures the Internet gateway address is spoof-proof.
- Safe: worry-free, running automatically 24×7.
- No configuration needed. No network knowledge required. No need to know anything about your network. Just run it and enjoy the safe network.
The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.
Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose - for free. This helps prioritize remediation and eliminate false positives, providing true security risk intelligence. IT professionals can demonstrate the impact of vulnerabilities to IT operations to obtain buy-in for remediation.
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing, originally forked from Backtrack Linux by the Offensive Security team.
Kali Linux is preinstalled with numerous penetration-testing programs, including Nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs). Users may run Kali Linux from a hard disk, live CD, or live USB. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.
Kali Linux is distributed in 32- and 64-bit images for use on hosts based on the x86 instruction set, as well as an image for the ARM architecture for use on the Raspberry Pi computer and on Samsung's ARM Chromebook.
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.
Intrusion Detection Systems (IDS)
Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.