Difference between revisions of "Online tools"
|  (→Anti-Malware:   updated link) |  (→Intrusion prevention:   added Sandboxie) | ||
| Line 56: | Line 56: | ||
| * GeSWall : http://www.gentlesecurity.com | * GeSWall : http://www.gentlesecurity.com | ||
| + | * Sandboxie : http://www.sandboxie.com | ||
| ===Rootkit removal=== | ===Rootkit removal=== | ||
Revision as of 15:08, 29 December 2012
Useful freeware and other online tools.
A more detailed list of freeware may be found at: gizmo's freeware such as this article, Probably the Best Free Security List in the World
Free online single file scanning
- http://virustotal.com (max file size 32 MB, 42 different antiviruses)
- http://virscan.org (max file size 20 MB, 37 different antiviruses)
- http://vscan.novirusthanks.org (max file size 20 MB, 24 different antiviruses)
- http://www.urlvoid.com/ (max file size 20 MB, 24 different antiviruses)
- http://scanner.virus.org (max file size 5 MB, 23 different antiviruses)
- http://virusscan.jotti.org (max file size 10 MB, 20 different antiviruses)
- http://viruschief.com (10 different antiviruses)
- http://filterbit.com (9 different antiviruses)
Free online folder/computer scanning
- a-squared : http://www.emsisoft.com/en/software/ax/?scan=1
- BitDefender : http://www.bitdefender.com/scanner/online/free.html
- Computer Associates : http://cainternetsecurity.net/entscanner/
- ESET (NOD32) : http://www.eset.com/onlinescan/
- F-Secure: http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/online-scanner/index.html (IE only)
- TrendMicro : http://housecall.trendmicro.com
- Panda : http://www.pandasecurity.com/activescan/index/
Anti-Virus / Anti-Malware products free and fully functional
Anti-virus
- avast! : http://www.avast.com/
- AntiVir : http://www.avira.com/ 
 alternate: http://free-av.com/
 AntiVir Free update problem
- AVG : http://www.avg.com/
- Comodo : http://www.comodo.com/
- ClamWin : http://www.clamwin.com/
- ClamAV : http://www.clamav.net/
- Microsoft Security Essentials : https://www.microsoft.com/Security_essentials/
- Panda Cloud : http://www.cloudantivirus.com/
- Malwarebytes : http://www.malwarebytes.org/
Anti-Malware
- Ad-Aware : http://www.lavasoft.com
- a-squared : https://www.emsisoft.com
- MalwareBytes : http://www.malwarebytes.org
- Spybot Search and Destroy : https://www.safer-networking.org
Anti-spyware products
- SpywareBlaster : https://www.javacoolsoftware.com
- Spyware Terminator : https://www.spywareterminator.com
- SUPERAntiSpyware : https://www.superantispyware.com
- Windows Defender : https://www.microsoft.com/windows/products/winfamily/defender/default.mspx
- Spybot Search and Destroy : https://www.safer-networking.org
Intrusion prevention
- GeSWall : http://www.gentlesecurity.com
- Sandboxie : http://www.sandboxie.com
Rootkit removal
- TDSSKiller : http://support.kaspersky.com/faq/?qid=208283363
Windows start-up manager
- WinPatrol : http://winpatrol.com
- Security Task Manager : http://www.neuber.com/taskmanager/
- Autoruns for Windows : http://technet.microsoft.com/en-us/sysinternals/bb963902
Windows system scanner
- HijackThis (HJT) : http://free.antivirus.com/hijackthis/ 
 (used in conjunction with Malware support forums for troubleshooting system failures)
MX tools
Check if your IP or domain is blacklisted as a source for Spam
- http://viewdns.info/spamdblookup/ : Check if your servers IP is blocked against a number of common spam databases.
- http://www.mxtoolbox.com/ : Check each MX record (IP Address) against 147 DNS based blacklists.
DNS
dig for Windows 7, Vista, XP, 2000 : http://members.shaw.ca/nicholas.fong/dig/
- (dig is a powerful tool to investigate [digging into] the DNS system)
Spam
Spam / PHISH aggregation
- AbuseButler : http://spamvertised.abusebutler.com
- joewein.de LLC : http://www.joewein.net
- PhishTank : http://www.phishtank.com
- Project Honey Pot : https://www.projecthoneypot.org
- SORBS (Spam and Open-Relay Blocking System) : http://www.us.sorbs.net
- Spacequad : http://www.spacequad.com
- SpamCop : http://www.spamcop.net
- Stop Forum Spam : http://www.stopforumspam.com
- SURBL : http://www.surbl.org
- uriBL : http://www.uribl.com
Email headers
- Email Headers
- How to View them and Include them in Reporting a Spam or Scam
- * http://spamlinks.net/track-trace-headers.htm
- * http://www.consumerfraudreporting.org/email_headers.php
 
- Copy and paste the headers to reveal their source:
- Decoding the spam; head to eternity - an article courtesy of MysteryFCM aka: hpHosts
Reporting Spam
- Spamtrackers article : http://www.spamtrackers.eu/wiki/index.php/Reporting_Spam
- Sign up for a Spamcop account and report the spam : http://spamcop.net/
- Join others who are fighting spam at IBR : http://inboxrevenge.com/
Spam Facts
- The 10 Worst Spam Support ISPs : http://www.spamhaus.org/statistics/networks.lasso
- The 10 Worst Spammers : http://www.spamhaus.org/statistics/spammers.lasso
- The 10 Worst Spam Countries : http://www.spamhaus.org/statistics/countries.lasso
Anti-spam portal
- Spam Links : http://spamlinks.net/
- the anti-spam portal: everything you didn't want to have to know about spam. Whether you are entirely new to the struggle against spam, or are a seasoned professional system administrator, we direct you to the best resources available to counter spam.
 
Historical
- Blacklist of Internet Advertisers : web.archive.org
- this is the Blacklist of Internet Advertisers. It is intended to curb inappropriate advertising on usenet newsgroups and via junk e-mail. It works by describing offenders and their offensive behavior, expecting that people who read it will punish the offenders in one way or another.
 
Associated forum topic
Reputation tools
These tools can help evaluate the reputation of websites. Some are based on user reports, corporate/organization reports or automated tools (links checkers, anti-viruses, sandboxes...)
- ATMA IP Deny list - Peerguardian format : http://www.atma.es
- AVG LinkScanner : http://linkscanner.explabs.com/linkscanner/avg
- Browser Defender : http://www.browserdefender.com
- Google Safe Browsing : http://www.google.com/safebrowsing/diagnostic?site=example.com (replace "example.com" with the IP or domain name)
- hpHosts : http://hosts-file.net
- MalwareDomainList : http://www.malwaredomainlist.com/mdl.php
- MalwarePatrol : http://www.malwarepatrol.net/lists.shtml
- MalwareUrl : http://www.malwareurl.com
- McAfee SiteAdvisor : https://www.siteadvisor.com
- McAfee TrustedSource : https://www.trustedsource.org/en/tools
- No Virus, Thanks : http://scanner.novirusthanks.org (File Scanning)
- Norton SafeWeb : https://safeweb.norton.com
- Phish Tank : http://www.phishtank.com
- Sitevet : http://sitevet.com/
- Unmask Parasites : http://unmaskparasites.com
- URL Void : http://www.urlvoid.com
- Web Security Guard : http://www.websecurityguard.com
- Lenny Zeltser's : Blocklists of Suspected Malicious IPs and URLs
Network tools
- http://viewdns.info/ : ViewDNS.info - a large collection of free DNS/network related tools. DNS propagation, Chinese Firewall, Whois, DNS report + more.
- http://www.aguse.jp/ : whois, DNS, thumbnail, blacklist check, more.
- http://centralops.net/co/ : Free online network utilities
- http://clez.net/net/ : Free complete network tools for online research.
- http://whois.domaintools.com/ : Whois lookup and Domain name search.
- http://www.who.is/ : whois, DNS, more.
- http://ping.eu : online ping/whois/traceroute/port check/reverse lookup/...
- http://www.geoiptool.com/ : Free online geolocation (from server name or IP)
- http://ipinfodb.com/ : Free online geolocation (from server name or IP)
- http://www.robtex.com/ : Swiss army knife internet tool. Check: RBL, DNS, IP, C-net, whois, Route, AS info, and more.
- http://www.intodns.com/ : checks the health and configuration and provides DNS report and mail servers report.
- http://network-tools.com/ : various: ping, whois, DNS, etc.
- http://untiny.me/ : Get real url from shortened URLs like tinyurl.com (and other) without actually following the link
- http://www.just-traceroute.com/ : Traceroute from 4 different locations.
- http://www.herdict.org/web/ : Herdict Web aggregates reports of inaccessible sites
Pharmacy verification
- http://www.nabp.net : The National Association of Boards of Pharmacy
- http://www.ciparx.ca : The Canadian International Pharmacy Association
- http://www.legitscript.com : LegitScript (USA and Canada)
SSL Certification testing
- https://www.digicert.com/help : Check SSL Certificate for proper installation.
- https://www.sslshopper.com/ssl-checker.html : Check SSL Certificate, also has a widget to add to your website or blog. (Bookmarklet)
- https://www.ssllabs.com/: detailed report about the SSL configuration of a web site. (Add to FlagFox) (Bookmarklet)
Parental control
See main article: Parental Controls
List of Noteworthy Internet Explorer addons
See main article: Internet Explorer
List of Noteworthy Firefox addons
See main article: Firefox
Check for obsolete software
Scans for outdated software that is vulnerable to exploit codes, etc.
| Name | Type | |
|---|---|---|
| F-Secure Health Check | Online scan | Requires Java | 
| Secunia Online Software Inspector | Online scan | Requires Java | 
| FileHippo.com Update Checker | Download | Installation is not required | 
| Mozilla plug-in check | Online scan | Plug-ins only | 
Miscellaneous
- Anubis : http://anubis.iseclab.org/ (reports the behavior of a Windows executable and activities in Internet Explorer)
- AutoShun (snort list) : http://www.autoshun.org/
- ATMA Deny list : http://atma.es/
- DShield : http://www.dshield.org/
- Better Business Bureau (USA and Canada company verification) : https://www.bbb.org
- Blacklist Alert (LHSBL / RHSBL queries for nuts): http://www.blacklistalert.org./
- BoardReader domain link check : http://boardreader.com/domain/mywot.com
- File.net : http://www.file.net/ (Collaborative file identification)
- JSUNPACK A Generic JavaScript Unpacker : http://jsunpack.jeek.org/dec/go
- Malicious code detection (PDF/Javascript/Flash): http://wepawet.iseclab.org/
- Newly Registered Domain Names : http://domain-daily.com/
- NetworkMiner (Network Forensic Analysis Tool (NFAT) for Windows) : http://networkminer.sourceforge.net/
- Norman Sandbox : http://www.norman.com/microsites/nsic/Submit/en (reports the behaviour of a Windows executable run inside a virtual machine).
- PC Flank Security Tests : http://www.pcflank.com/index.htm (scans for possible exploits you are leaving behind you)
- Pop-up Test : http://www.popuptest.com/ (tests your pop-up blocker)
- Redirect Detective : http://redirectdetective.com/ (URL redirection checker. Detects HTTP redirects, HTTP Refreshes, Meta Refreshes and JS redirects)
- Sandboxie : http://www.sandboxie.com/ (reports the behaviour of a Windows executable run inside a sandbox)
- Site Dossier : http://sitedossier.com/
- Snort network intrusion prevention and detection system (IDS/IPS) : http://www.snort.org/
- Spamavert.com : http://spamavert.com/ (obtain spam from this small inbox)
- SystemLookup : http://www.systemlookup.com/ (search engine for CLSIDs, services and etc. listing them as either legitimate or malicious)
- Tor : http://www.torproject.org/ (surf with more privacy)
- VB100% : http://www.virusbtn.com/vb100/index (keep updated on which antiviruses are passing the latest malware tests)
- Web Sniffer : http://web-sniffer.net/ (View HTTP Request and Response Header)
- WhereGoes? : http://wheregoes.com/ (track the redirection path of URLs)
