Mac OS

Apple Mac OS X

SPIKE Proxy

HTTP Hacking
Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and directory traversal detection.

chkrootkit

Locally checks for signs of a rootkit.
chkrootkit is a flexible, portable tool that can check for many signs of rootkit intrusion on Unix-based systems. Its features include detecting binary modification, utmp/wtmp/lastlog modifications, promiscuous interfaces, and malicious kernel modules.

Tor

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.
Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

OSSEC HIDS

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

KisMAC

KisMAC is an open-source and free sniffer/scanner application for Mac OS X. It has an advantage over MacStumbler / iStumbler / NetStumbler in that it uses monitor mode and passive scanning.
KisMAC supports several third party PCMCIA cards: Orinoco, PrismII, Cisco Aironet, Atheros and PrismGT. USB devices with Intersil Prism2, Ralink rt2570 and rt73, and Realtek rtl8187 chipsets are in progress towards full support as well. All of the internal AirPort hardware is supported for scanning.

Arpwatch

Keeps track of ethernet/IP address pairings and can detect certain monkey business
Arpwatch is the classic ARP man-in-the-middle attack detector from LBNL's Network Research Group. It syslogs activity and reports certain changes via email. Arpwatch uses LibPcap to listen for ARP packets on a local ethernet interface.

Ike-scan

ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It is available for Linux, Unix, MacOS and Windows under the GPL license.

Angry IP Scanner

Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports as well as has many other features.
It is widely used by network administrators and just curious users around the world, including large and small enterprises, banks, and government agencies.
It runs on Linux, Windows, and Mac OS X, possibly supporting other platforms as well.

Firewalk

Advanced traceroute
Firewalk employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. This classic tool was rewritten from scratch in October 2002.

LSoF

LiSt Open Files
This Unix-specific diagnostic and forensics tool lists information about any files that are open by processes currently running on the system. It can also list communications sockets open by each process. For a Windows equivalent, check out Process Explorer from Sysinternals.

Syndicate content