1. Nmap
Nmap is a free open source utility for network exploration or security auditing. Its design to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
Get Nmap Here
Nmap is a free open source utility for network exploration or security auditing. Its design to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
Get Nmap Here
2. Nessus Remote Security Scanner
Nessus
is the world’s most popular vulnerability scanner used in over 75,000
organizations world-wide. Many of the world’s largest organizations are
realizing significant cost savings by using Nessus to audit
business-critical enterprise devices and applications.
Get Nessus Here3. John the Ripper
John
the Ripper is a fast password cracker, currently available for many
flavors of Unix (11 are officially supported, not counting different
architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is
to detect weak Unix passwords. Besides several crypt(3) password hash
types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
Click here to get JTR
4. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
Get Nikto HereNikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
5. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.
Get SuperScan Here
6. p0f
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
– machines that connect to your box (SYN mode),
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
Get p0f Here
– machines that connect to your box (SYN mode),
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
Get p0f Here
7. Wireshark (Formely Ethereal)
Wireshark
is a GTK+-based network protocol analyzer, or sniffer, that lets you
capture and interactively browse the contents of network frames. The
goal of the project is to create a commercial-quality analyzer for Unix
and to give Wireshark features that are missing from closed-source
sniffers.
Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
Get Wireshark Here
Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
Get Wireshark Here
8. Yersinia
Yersinia
is a network tool designed to take advantage of some weakeness in
different Layer 2 protocols. It pretends to be a solid framework for
analyzing and testing the deployed networks and systems. Currently, the
following network protocols are implemented: Spanning Tree Protocol
(STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP),
Dynamic Host Configuration Protocol (DHCP), Hot Standby Router
Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN
Trunking Protocol (VTP).
The best Layer 2 kit there is.
Get Yersinia HereThe best Layer 2 kit there is.
9. Eraser
Eraser
is an advanced security tool, which allows you to completely remove
sensitive data from your hard drive by overwriting it several times
with carefully selected patterns. Works with Windows 95, 98, ME, NT,
2000, XP and DOS. Eraser is Free software and its source code is
released under GNU General Public License.
An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.
Get Eraser Here.An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.
10. PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator.
A must have for any h4x0r wanting to telnet or SSH from Windows
without having to use the crappy default MS command line clients.
Get PuTTY Here.11. LCP
Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.
A good free alternative to L0phtcrack.
Get LCP HereA good free alternative to L0phtcrack.
12. Cain and Abel
My personal favorite for password cracking of any kind.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
Get Cain and Abel Here
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
Get Cain and Abel Here
13. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
Get Kismet Here
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
Get Kismet Here
14. NetStumbler
NetStumbler
is a tool for Windows that allows you to detect Wireless Local Area
Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
- Verify that your network is set up the way you intended.
- Find locations with poor coverage in your WLAN.
- Detect other networks that may be causing interference on your network.
- Detect unauthorized “rogue” access points in your workplace.
- Help aim directional antennas for long-haul WLAN links.
- Use it recreationally for WarDriving.
15. hping
hping
is a command-line oriented TCP/IP packet assembler/analyzer. The
interface is inspired to the ping unix command, but hping isn’t only
able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP
protocols, has a traceroute mode, the ability to send files between a
covered channel, and many other features.
Get hping Here
0 comments:
Post a Comment