There are many tools available that can test the security configuration of a system, verify proper functioning of security controls, reveal security vulnerabilities, provide evidence of system tampering or compromise, and more. Links to some of the more popular tools in several areas are listed below.
Note 1: Our security team was not involved with development of any of these tools and does not support them in any way. Links are merely compiled here for convenience.
Note 2: The assessment tools are intended for system owners and operators to use on the systems they own and manage. Assessing the security of someone else's system is generally viewed as a hostile, if not illegal, act. Don't do it!
Note 3: If you think one of your UW Medicine systems has been compromised, you are required by policy SEC-10 to report the incident to the IT Services Help Desk immediately, and you should not undertake any investigation or remediation activities.
These tools probe hosts from the inside or the outside to determine what network ports are open, what services are bound to each port, and more.
These tools can run against a remote host or on a local host to determine vulnerabilities related to unpatched software and services or unsafe configurations.
These tools capture network traffic off the wire and do protocol decoding. They are useful for investigating network connectivity issues, firewall problems, and VPN problems, and for verifying encryption of sensitive traffic.
These tools can help you work with log files of various sorts and extract information of interest.
These tools can help you evaluate the strength of passwords on your systems and identify accounts with passwords that do not comply with your system password policy.
These tools can be run on a system to compare a configuration against a standard and get a score.