Redspin, Inc. | Security Assessment Tools



	Tools Main
	Firewall CAT
	fTrace
	Crackulator

Free Security Assessment Tools

We put these security audit tools here to help our clients keep their systems robust and illustrate any issues they may have. We sell security audits, so we're not going to give away everything — but we'll still be a good neighbor and lend them out for a little while.


Assessment Type:	Firewall Auditing
Platform:	Web-based
Link:	More Info
The Redspin Firewall CAT is a web-based tool that performs two key functions not available in any other firewall audit tool. On the back-end, it detects ACL errors by mimicking the firewall's thought process and analyzing the rules the same way that the firewall does. Then, on the front-end, it creates an easy-to-comprehend picture of everything that the firewall allows and denies. With this visual representation an IT administrator can easily see the net result of the ACLs without manually analyzing the entire configuration file. More Info About Firewall CAT


Assessment Type:	Secure Program Development
Platform:	Linux
Link:	More Info
Download:	Download fTrace
fTrace is a security assessment tool for identifying security vulnerabilities in Linux binaries. It dynamically traces a non-stripped binary until it exits and prints to stderr all the local function calls which the program calls and reports possible arguments and return values of each function. It was programmed with intentional compatibility with such tools as strace(1) and ltrace(1) but is oriented toward secure program development. More Info About fTrace


Assessment Type:	Password Auditing
Platform:	Web-based
Link:	More Info
The Crackulator is a password policy auditor. It computes the amount of time it would take to crack a password given its complexity requirements and compares it to the password age policy. If it is possible to crack a password before the password is required to be changed, then the password policy needs to be revised. More Info About Crackulator