- MacAnalysis - A really nice shareware security analysis tool that seems to be coming along nicely (IMO worth the $50 fee). It has a plug-in architecture where you can update its database automatically (a must for analysis software) and a really nice OS X interface. A little lite on the doc, but seems to be coming along.
- Nessus - This one requires a little explanation. Nessus is the open source security analysis software IMO. I would not attempt this one unless you are comfortable with the UNIX command line :). Regrettably the old version did not seem to compile on OSX even with XFree and GTK+. However, with a little work, I was able to get the latest image from CVS to compile. In order to attempt it, you will need to have an X server (I suggest using fink to get the XFree rootless server), the GTK+ libraries (again, I would use Fink, makes it trivial to do), the OpenSSL libraries (it claims to be able to compile without these - it does - but I wasted most of the part of a day to try and get it to work without these and I couldn't ... save yourself the trouble). Once you have all these pieces, it compiles and works like a charm :) I would also suggest for peace of mind (and eyes) using OroborosX - this software interfaces the XFree windows and the Aqua windows so well that you sometimes forget you're using X software :).
[Editor's note: Although these programs can most likely be used for bad purposes, they are also important in determining whether your own network is secure or not. As such, I think it's in the general interest to make people aware of these tools. After all, if the Bad Guys know about these programs, wouldn't you like to know what vulnerabilities these programs find on your own systems in order to close the holes?]

