1. Nmap
Nmap (“Network Mapper”) is a free open source utility for Network Xploration or Security Auditing.
It was designed 2 rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways 2 determine wat hosts are available on d network, wat services (application name & version) those hosts are offering, wat operating systems (& OS versions) they are running, wat type of packet filters/firewalls are in use, & dozens of other characteristics...... Nmap runs on most types of computers & both CONSOLE & GRAPHICAL versions are available. Nmap is
free & Open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works wid a client-server framework.
Nessus is d world’s most popular VULNERABILITY Scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus 2 audit business-critical enterprise devices & applications....
3. John The Ripper
John the Ripper is a fast PASSWORD CRACKER, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is 2 detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of d box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more wid contributed patches.
4. Cain and Abel
Cain & Abel is a Password Recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing d Network, cracking encrypted passwords using Dictionary, Brute-Force & Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords & analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs dat could not be fixed wid little effort.
5. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, & version specific problems on over 230 servers. Scan items & plugins are frequently updated & can be automatically updated.......
Nikto is a good CGI Scanner, there r some other tools dat go well wid Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
6. SuperScan
SuperScan is a Powerful TCP Port Scanner, Pinger, Resolver...... SuperScan-4 is an update of the highly popular Windows Port Scanning tool, SuperScan.
If you need an alternative for Nmap on Windows wid a decent interface, I suggest you check dis out...
7. Wireshark
Wireshark is a GTK+-based Network Protocol Analyzer, or Sniffer, Dat lets you capture & interactively browse d contents of network frames. The goal of d project is 2 create a commercial-quality analyzer for Unix & 2 give Wireshark features dat are missing from closed-source sniffers.....
Works great on both Linux & Windows (with a GUI), easy 2 use & can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
8. p0f
P0f v2 is a versatile Passive OS Fingerprinting Tool. P0f can identify the operating system on:
– machines dat connect 2 your box (SYN mode),
– machines you connect 2 (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe......
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
9. Eraser
Eraser is an Advanced Security Tool (for Windows), which allows you 2 completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns...... Works wid Windows 95, 98, ME, NT, 2000, XP & DOS. Eraser is Free software &S its source code is released under GNU General Public License.
An excellent tool for keeping your data really safe, if you’ve deleted it.....make sure it’s really gone.......
10. PuTTy
PuTTy is a free implementation of Telnet and SSH for Win32 and Unix platforms, along wid an xterm Terminal Emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having 2 use d crappy default MS command line clients.
11. Yersinia
Yersinia is a network tool designed 2 take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing & testing s deployed networks and systems. Currently, D following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
The best Layer-2 kit there is.
12. LCP
Main purpose of LCP program is user account passwords auditing & recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.......
A good free alternative to L0phtcrack.
13. Kismet
Kismet is an 802.11 layer2 wireless Network detector, Sniffer, & intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, & can sniff 802.11b, 802.11a, & 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
14. NetStumbler
Yes a decent wireless tool for Windows....! Sadly not as powerful as it’s Linux counterparts, but it’s easy 2 use & has a nice interface, good for d basics of war-driving.
NetStumbler is a tool for Windows dat allows you 2 detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
Verify dat your network is set up d way you intended.
Find locations wid poor coverage in your WLAN.
Detect other networks dat may be causing interference on your network.
Detect unauthorized “rogue” access points in your workplace.
Help aim directional antennas for long-haul WLAN links.
Use it recreationally for WarDriving.
15. hping
hping is a command-line oriented TCP/IP packet assembler/analyzer to test your TCP/IP packet monkey skills.....The interface is inspired to the ping unix command, but hping isn’t only able 2 send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, D ability 2 send files between a covered channel, and many other features.
SOURCEs:- Internet & Some IT Security related Reference books
Nmap (“Network Mapper”) is a free open source utility for Network Xploration or Security Auditing.
It was designed 2 rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways 2 determine wat hosts are available on d network, wat services (application name & version) those hosts are offering, wat operating systems (& OS versions) they are running, wat type of packet filters/firewalls are in use, & dozens of other characteristics...... Nmap runs on most types of computers & both CONSOLE & GRAPHICAL versions are available. Nmap is
free & Open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
Code:
http://www.insecure.org/nmap/download.html
2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works wid a client-server framework.
Nessus is d world’s most popular VULNERABILITY Scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus 2 audit business-critical enterprise devices & applications....
Code:
http://www.nessus.org/download/
3. John The Ripper
John the Ripper is a fast PASSWORD CRACKER, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is 2 detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of d box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more wid contributed patches.
Code:
http://www.openwall.com/john/
4. Cain and Abel
Cain & Abel is a Password Recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing d Network, cracking encrypted passwords using Dictionary, Brute-Force & Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords & analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs dat could not be fixed wid little effort.
Code:
http://www.oxid.it/cain.html
5. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, & version specific problems on over 230 servers. Scan items & plugins are frequently updated & can be automatically updated.......
Nikto is a good CGI Scanner, there r some other tools dat go well wid Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
Code:
http://www.cirt.net/code/nikto.shtml
6. SuperScan
SuperScan is a Powerful TCP Port Scanner, Pinger, Resolver...... SuperScan-4 is an update of the highly popular Windows Port Scanning tool, SuperScan.
If you need an alternative for Nmap on Windows wid a decent interface, I suggest you check dis out...
Code:
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/superscan4.htm
7. Wireshark
Wireshark is a GTK+-based Network Protocol Analyzer, or Sniffer, Dat lets you capture & interactively browse d contents of network frames. The goal of d project is 2 create a commercial-quality analyzer for Unix & 2 give Wireshark features dat are missing from closed-source sniffers.....
Works great on both Linux & Windows (with a GUI), easy 2 use & can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
Code:
http://www.wireshark.org/
8. p0f
P0f v2 is a versatile Passive OS Fingerprinting Tool. P0f can identify the operating system on:
– machines dat connect 2 your box (SYN mode),
– machines you connect 2 (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe......
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
Code:
http://lcamtuf.coredump.cx/p0f/p0f.shtml
9. Eraser
Eraser is an Advanced Security Tool (for Windows), which allows you 2 completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns...... Works wid Windows 95, 98, ME, NT, 2000, XP & DOS. Eraser is Free software &S its source code is released under GNU General Public License.
An excellent tool for keeping your data really safe, if you’ve deleted it.....make sure it’s really gone.......
Code:
http://www.heidi.ie/eraser/download.php
10. PuTTy
PuTTy is a free implementation of Telnet and SSH for Win32 and Unix platforms, along wid an xterm Terminal Emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having 2 use d crappy default MS command line clients.
Code:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
11. Yersinia
Yersinia is a network tool designed 2 take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing & testing s deployed networks and systems. Currently, D following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
The best Layer-2 kit there is.
Code:
http://yersinia.sourceforge.net/
12. LCP
Main purpose of LCP program is user account passwords auditing & recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.......
A good free alternative to L0phtcrack.
Code:
http://www.lcpsoft.com/english/download.htm
13. Kismet
Kismet is an 802.11 layer2 wireless Network detector, Sniffer, & intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, & can sniff 802.11b, 802.11a, & 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
Code:
http://www.kismetwireless.net/download.shtml
14. NetStumbler
Yes a decent wireless tool for Windows....! Sadly not as powerful as it’s Linux counterparts, but it’s easy 2 use & has a nice interface, good for d basics of war-driving.
NetStumbler is a tool for Windows dat allows you 2 detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
Verify dat your network is set up d way you intended.
Find locations wid poor coverage in your WLAN.
Detect other networks dat may be causing interference on your network.
Detect unauthorized “rogue” access points in your workplace.
Help aim directional antennas for long-haul WLAN links.
Use it recreationally for WarDriving.
Code:
http://www.stumbler.net/
15. hping
hping is a command-line oriented TCP/IP packet assembler/analyzer to test your TCP/IP packet monkey skills.....The interface is inspired to the ping unix command, but hping isn’t only able 2 send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, D ability 2 send files between a covered channel, and many other features.
Code:
http://www.hping.org/
SOURCEs:- Internet & Some IT Security related Reference books
