Slashdot Mirror


Ask Slashdot: Do-It-Yourself Security Auditing Tools?

An anonymous reader writes "I'm a 'prosumer' website builder, have a few sites that are mainly hobbies, but I would like to know that they're at least fairly robust. I'm thinking of the equivalent of a 'dental clinic' — where someone interested in the white hat security field might be willing to take on an audit for the experience and to build a resume. Or, tools such as websites that let you put in a password and see how long it takes to crack it. Or sites where you can put in a URL and it gets poked and prodded by a number of different cracker tools and a 'score' is given. Ideally with suggestions on how to improve. Does anything like that exist? I'm not talking FBI/CIA level security, but just common-sense basics. I've tried to use techniques that improve security, but I don't know how well they work. And I've realized that in the ever growing, fast changing field of computers I'm not going to ever get the knowledge I need to do this myself. I know there are software suites that allow you to sniff and test things on your own, but I'm afraid it's overwhelmingly foreign to me and I just feel like I can't reliably do this myself. Any ideas?"

1 of 116 comments (clear)

  1. You could try PWNPI by randomErr · · Score: 3, Interesting

    This is a nifty suite of programs made for a lot of what you want that runs on a Raspberry Pi. If you don;t want to get a Pi you can look at the list of software and download then into your favorite Linux distro. Most (if not all) of these are open source.

    http://pwnpi.sourceforge.net/

    --
    You say things that offend me and I can deal with it. Can you?