Ever heard of Titania's Nipper Studio (previously known as Nipper One)? It's a security audit tool which takes in configuration files such as your cisco running-configs or your sonicwall enchanced OS's configuration files and generates a very nice and comprehensive report on the device's current security posture. Especially when you don't have time going through files and files of configurations, Nipper Studio will do the audit job for you. Unfortunately, it's NOT open-source (was, but no longer) so you'll need to purchase it. For more information, visit: https://www.titania-security.com/nipperstudio
I was just evaluating the usefulness of the tool and I decided to want to move my eval license (or what's left of it) over to another computer, I couldn't. The license codes won't authenticate in the new machine. So I'll just looking around the directory in hope to 'transfer' my license over but couldn't find the license file. Guess what, it's in the registry and after some analysis, I managed to get it over. UNfortunately, I also discover a flaw in the licensing protection. This flaw allows you to repeatedly audit on devices with only 1 single working license. Hint: Work the registry ;) Such an awesome software yet with poor licensing protection - what a shame! =D
*Sorry guys, I will not be sharing the step-by-step cracking as you know, lawsuit, -$, jail-term, blah.
** If you happen to be Titania, and wish to find out more on the license exploitation, please contact me: email@example.com and I'll gladly work with you to resolve this. And of course, I'd expect you to at least buy me at least a cup of coffee. :)
Break to protect,