11 security audit essentials
Following the well-defined hacker cycle, let’s kickoff our IT security audit tools list with reconnaissance tools. In this category, Maltego is a great tool for information gathering. Maltego offers personal reconnaissance as well as infrastructural reconnaissance. The personal reconnaissance component of Maltego enables garnering of personal details such as email address, name or phone number, using search engines. With the infrastructural reconnaissance features one can garner information related to sub-domains and servers of a network. To achieve this, Maltego uses an approach known as transformation. Various transformations give varied results depending on the interaction with the search engine. There are two versions of Maltego -- a commercial version and a community edition. Registration is mandatory for using this IT security audit tool.
You can download this tool here.