TyphonIII

TyphonIII

Category: Vulnerability Scanners
Website: http://www.nextgenss.com/typhon.htm
Manufacturer: NGS Software
Operating System: Windows

4
Security Threat Rating

Description:
A very full featured scanner. This scanner includes quite a few modules that other commercial solutions do not such as, SSL web checks, intelligent web checks, Overflow checks, Web spider checks for XSS or SQL injection attacks, POP3(with or without SSL) SMTP (with or without SSL), Port scanner, a browser, DNS, Finger, FTP, LDAP, SQL Server, NetBIOS, NFS, NT Checks, SNMP brute force attacks, SSH, Trojan/admin tools scanning, Telnet brute force attacks and X11 checks

Strengths:
Tons of modules, you can specify in the advanced section to NetBIOS, LDAP and other credentials for further network exploration.

Weaknesses:
Not scriptable or modifiable

Target:
Any server (web or otherwise) can be researched using this tool A hacker could use this to gather information or brute force passwords to gain further access to the server

Mitigation/Recommendation:
Strong passwords, good firewall, and a patched server

Price:
unknown, not on website

Penetration (4):
Medium-low Linked in "Hacking Exposed Web Applications" but is a pay tool and not open source

Simplicity (8):
Beginner

Damage Potential (1):
Minimal Data Gathering only