7/18/2015

18 Free Security Tools for SysAdmins


Here are 18 of the best free security tools for password recovery, password management, penetration testing,
vulnerability scanning, steganography and secure data wiping. This list is intended to supplement the list
provided on 101 Free Admin Tools. Additionally, other tools that can also be used for security purposes (e.g.
file or disk level encryption) can be found on Top 20 Free Disk Tools for SysAdmins. Even if you may have
heard of some of these tools before, I'm confident that you'll find a gem or two amongst this list.

01 BackTrack
BackTrack is a free bootable Linux distribution that contains a plethora of open source tools that you can use for
network security and penetration testing. The tools are organized into different categories such as Information
Gathering, Vulnerability Assessment, Exploitation Tools, Privilege Escalation and Maintaining Access,
amongst others.

http://www.gfi.com/blog/18freesecuritytoolsforsysadmins/

When you boot into BackTrack, you are taken to a Linux shell where you will need to enter startx to load the
GUI. When the BackTrack GUI has loaded, click the Install BackTrack shortcut on the desktop to initiate the
BackTrack installation. Once complete, reboot the machine and access the tools from Applications > BackTrack.

Kali Linux
Note: When BackTrack was taken over by a commercial entity, they remained committed to sustaining an
open source security and penetration testing distribution and re-built BackTrack from the ground up into what
is now known as Kali Linux. Kali Linux is another useful addition to your security toolkit and will eventually
render BackTrack redundant. Download it from here and try it out for yourself.

02 Cain & Abel


Cain & Abel allows you to recover passwords by sniffing the network, cracking encrypted passwords,
recording VoIP conversations, decoding scrambled passwords, and revealing password boxes, amongst others.
It also contains an Access Database password decoder, RDP password decoder, VNC password decoder and
Hash Calculator.

When you launch Cain & Abel, start by exploring the Decoders tab and the Cracker tab; this is where you can
set Cain & Abel to decode and display passwords for various protocols or applications. You should also check
out the Sniffer tab; this is where you can capture usernames and passwords as they travel across the network
between different hosts.

03 Password Safe
Password Safe allows you to create an encrypted database container for listing all your usernames and
passwords, which can only be accessed by means of a master password. The encrypted database container
file can be backed up and transferred between locations for convenience.

When you load Password Safe for the first time, you'll first need to create a new Password Safe Database and
then enter a Safe Combination which will be used to encrypt the database. The Safe Combination will be used
every time you wish to gain access to the list of passwords. Once you've created the database, right click on a
blank area within the main window and choose Create Entry to create a new entry; here, you'll be able to
store a username, a password and any relevant notes.
Tip: Password Safe contains an in-built Password Generator which you can access from Manage > Generate
Password, or by using CTRL + P.

04 Eraser
Eraser allows you to completely remove data from your hard drive by overwriting each data block several
times using an erasure method of your choice.

To get started, open Eraser, right click anywhere on the blank section of the main window and click New
Task. You will be asked to select when the task should be run, the data you wish to remove and the erasure
method to be used (e.g. US Air Force 5020 (3 passes) or Gutmann (35 passes)).

05 Security Onion
Security Onion is a Linux distribution tailored for use as an IDS (Intrusion Detection System) and NSM (Network
Security Monitoring) toolkit. It contains tools like Snort, ELSA, Xplico, and NetworkMiner and the in-built setup
wizard makes it easy to use.

When you boot from the Security Onion ISO file, you are given the option to launch the live system or system
installer. If you choose to launch the live system you will be taken to an Ubuntu-based Linux interface with a
series of tools available for you to use. You will also have the ability to launch the Security Onion setup wizard.

06 Rapid7 MetaSploit Community Edition


Metasploit Community Edition allows you to simulate attacks on your network to uncover security issues.
Features include the ability to discover network assets, conduct basic penetration tests and exploit individual
vulnerabilities.
Tip: Rapid7's Nexpose Vulnerability Scanner (Community Edition) integrates with MetaSploit Community
Edition to offer increased functionality.
Note: MetaSploit also comes in a Framework edition which is the original open source platform for manual
exploitation and brute forcing via a command line interface.

When you launch the MetaSploit Community UI, you'll first need to create an account and enter a product
licence key (which you can obtain for free when downloading the installation package). You can then get
going immediately by performing a network discovery from the Overview tab.

07 WinDump
WinDump is essentially TcpDump for Windows. TcpDump is a powerful network packet analyser for Linux that
can be used for network debugging and security monitoring. Using WinDump allows you to have the same
functionality as TcpDump in a Windows environment.

WinDump requires WinPcap 3.1 or above to be installed. Once you've installed this, simply execute
windump.exe from a command line to initiate the packet capture process. Unless you wish to perform a live
analysis, dumping the results to a text file is recommended. To do this, type windump >> c:\folder\textfile.txt
in the command prompt, and replace the text file location with one of your choice.

08 Network Security Toolkit (NST)


Network Security Toolkit (NST) is a bootable live CD containing a wealth of open source network security tools
that can be used by security professionals for network security analysis, validation, testing and monitoring.

When you boot from the NST ISO file, you first choose whether you wish to launch the command-line version or
the GUI version. If you choose the command-line version, you'll need to run the tools manually by issuing a
series of commands and parameters. If you choose the GUI version, a Linux type environment will load giving
you the option of installing the NST tools to disk or running them directly from the Activities menu.

09 OpenVAS
OpenVAS is an open source Vulnerability Assessment System that offers a selection of tools and services for
vulnerability scanning and vulnerability management. The security scanner feeds off an online database of
over 30,000 network vulnerability tests and is updated regularly.

When you launch the OpenVAS web UI you can launch a quick scan against an IP address or hostname or
create a new task manually from the Scan Management tab. When the scan is complete you can view the
results and download a report detailing the open ports, vulnerabilities found and the information log.

10 OpenPuff
Steganography is all about hiding in plain sight. Essentially you are hiding data within data. OpenPuff is a
steganography tool with features that include multi-level encryption, pseudo-random number generator
based data scrambling, whitening, and encoding which make for a strong steganography algorithm. OpenPuff
also includes the ability to add a decoy password to reveal decoy data (in case you were ever suspected of
receiving a steganography file and asked to reveal the data) as well as the ability to split the hidden data over
multiple files (carriers).

To initiate data hiding, launch OpenPuff and press the Hide button. Follow the four step process to enter a
password, add the secret data, add the carrier files, and choose the level of bit selection to be used. Optionally,
add decoy data and then click Hide Data! to begin.

11 Freeraser
Freeraser is a data shredder tool that permanently deletes data by overwriting the data blocks with random
data multiple times. Freeraser offers three options for data destruction: a fast option which uses 1 round, a
forced option which uses 3 rounds and an ultimate option which uses 35 rounds of overwriting with random
data.

When Freeraser is open, a large recycle bin icon will appear on the desktop. To erase files, simply drag them to
the icon. A warning message will pop up stating that the data will be permanently destroyed if you continue.
You can also choose which files to remove by right clicking on the icon and selecting Select File to Destroy.

12 OpenStego
OpenStego is a basic easy-to-use steganography tool that takes any secret message file as input and embeds
it into a cover file to create a resulting image. You are given the option to compress and encrypt data and
control the algorithm used in the steganography process.
Note: OpenStego is built using Java so you will need to run it on a machine that has Java installed.

The first thing you need to do is select the steganography algorithm to be used and the secret message file
you wish to be hidden. You then select the cover file (the image to be used to conceal the secret message file
within it) and the output filename. Once you are done, click OK to start the obfuscation process.

13 Retina Network Community


Retina Network Community is a free vulnerability scanner for up to 256 IPs that offers powerful vulnerability
assessment across operating systems, applications, devices and virtual environments within your network using
a comprehensive vulnerability database that is updated regularly.

When you launch Retina Community, start by setting up your Audit from the Audit section at the top; here,
you can choose what credentials to use, which targets to scan, which ports to detect, which audit types to run,
and what information to obtain from each target. Once you've done this, hit the Scan button to initiate the
scan and view the results at the bottom of the window.

14 OWASP Mantra
OWASP Mantra is a browser based security framework which includes a selection of integrated and online
tools that can be used for penetration testing and web application testing. There is everything from online
network and information gathering utilities to an integrated SSH client.

When you launch the OWASP Mantra browser you are presented with a Welcome page with a splash screen
similar to the Windows 8 interface. From here you can browse to the Hackery or Gallery pages to discover
the available online tools. On the left hand side of the browser is a selection of icons which launch the
integrated tools.

15 KeePass
KeePass is a light-weight user-friendly password manager that allows you to store username and password
combinations in a highly-encrypted database. Access to the database is secured using a master password or
key file.

When you first launch KeePass you'll need to enter a Master Key which is used to prevent access to the
password database. You can then start to create groups for categorization and password entries for each
group. KeePass also has a search facility in the top menu bar for quick access to a certain password or to help
you find a password entry if you can't remember it; this saves you navigating through each group.

16 Nmap
Nmap allows you to perform network discovery and security auditing, including tasks such as network
inventory, managing service upgrade schedules, and monitoring host or service uptime.
Note: The Nmap package comes with Zenmap (a front-end GUI for Nmap), a flexible data transfer, redirection,
and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response
analysis tool (Nping).

Zenmap can be used to control Nmap from a GUI rather than a command-line. Upon launching Zenmap, enter
the target to be scanned and choose a scan profile before clicking Scan. Results will be displayed in the
Nmap Output tab with a further breakdown available in the Ports/Hosts, Topology, Host Details, and Scans
tabs.

17 PuTTY
PuTTY is a lightweight application that allows someone sitting at a Windows machine to remotely connect to a
Linux server using the SSH, Telnet and Rlogin network protocols. The PuTTY family of tools also consists of
PSCP (an SCP client for secure command-line file copy), PSFTP (an SFTP client), PuTTYtel (a Telnet-only client),
Plink (a command-line interface to the PuTTY back ends), Pageant (an SSH authentication agent) and
PuTTYgen (an RSA and DSA key generation utility).

Note: On the server side, you will likely have an SSH implementation such as OpenSSH
(http://www.openssh.org/) which encrypts all traffic transmitted across the network and is useful for
securing protocols like telnet, rlogin and ftp (which transmit data over the network in plain text).

Once you enter the connection details and click Open, a command prompt type window will appear asking
you to login to the specified server. Once you do this, you can issue commands directly to that server.

18 RANDOM.ORG Random Password Generator


The Random Password Generator from random.org does just that: it generates random passwords for you
based on a set of criteria you provide. Unlike some websites, the generated passwords are delivered to you
over an SSL connection for added security (last thing you want is a rogue on your network capturing packets
and discovering all your newly generated passwords!).

Simply navigate to http://www.random.org/passwords/ and enter the required criteria to get started. If you
want more criteria to be considered when generating a password, try using the Random String Generator at
https://www.random.org/strings/.

About the Author: Andrew Tabona


Andrew has over 10 years experience in Quality Assurance, Incident Management, and Pre- and Post-Sales
Technical Support roles, as well as recent specialization in Digital Forensics and E-Discovery. He has
contributed to several blogs and worked on various technical writing projects for multiple organizations, as
well as being invited to be a regular guest lecturer and speaker at a top UK university.


9 Comments

Russ McRee October 3, 2013 at 7:45 am


Why list BackTrack as #1 when its last release was more than a year ago and it's been replaced with Kali, per Offensive
Security: http://www.kali.org/news/kali-linux-whats-new/?

Andrew Zammit Tabona October 3, 2013 at 5:39 pm


Hi Russ,
The list is in no particular order. I just randomly organized the tools so there would be a good distribution of different
categories as you scrolled through the list.
Good shout on pointing out Kali! The reason I mention BackTrack is because it is tried and trusted in the industry and, to
this day, still used by many security professionals. Nevertheless, we have updated the article to mention Kali Linux.
Many thanks again!
Regards,
Andrew.

Russ McRee October 4, 2013 at 8:37 pm


Nice, thanks for updating.
Great tool list compilations btw, the network tools group is really solid too http://www.gfi.com/blog/the-top-20free-network-monitoring-and-analysis-tools-for-sys-admins/

Aram October 5, 2013 at 5:49 am


please advise a tool similar to eraser for Linux.

Andrew Zammit Tabona October 7, 2013 at 7:30 pm


Russ McRee: Thanks for the feedback! Glad you like the lists.
Aram: If you're looking for secure file/folder deletion tools in Linux, I would suggest having a look at srm, wipe or
shred.

Cesar October 8, 2013 at 8:40 pm


Hi, please advise a tool for encrypting specific directories or files on Windows?

Andrew Zammit Tabona October 9, 2013 at 9:16 am


Cesar: I recommend you have a look at my article here: http://www.gfi.com/blog/the-top-20-free-file-managementtools-for-sys-admins/

Aditya January 6, 2014 at 4:57 am


Hi Andrew,
I wanna know what opinion do you suggest for the OS developed by Anonymous

Andrew Zammit Tabona January 17, 2014 at 8:59 pm


Aditya: If you are referring to the Anonymous-OS Linux distro based on Ubuntu that was released in March 2012, my
opinion is that you should stay clear of it as there was strong suspicion that it was riddled with trojans. The Anonymous
Group themselves have even reported that it was a fake and not actually released by them.