Catalog of Tools
This list is by no means comprehensive, nor is it in any particular order. Please feel free to contribute suggestions or comments on the mailing list.
- OpenVAS
- Nmap
- RFI and other tools
- wireshark/ethereal/tcpdump/snoop
- Wireshark
- Man page for snoop
- tcpdump: Every reasonable OS has tcpdump as part of the system. However, there’s a nice effort that was started to collect various patches that have been floating around for LBL’s tcpdump and libpcap programs, and to continue the work needed on both projects.
- ethereal: Ethereal is deprecated, but in case you’re running an older system, here it is.
- dsniff/sniffit: You can get sniffit as a package from Debian, FreeBSD, and others.
- Medusa: Parallel Network Login Auditor (a network login brute forcer).
- firewalk: This package has not been maintained in some time, but is interesting from a learning perspective, and may or may not be useful in your environment. Packetfactory (its home) disappears from the net, now and then, so if you’re interested, get a local copy.
- Metasploit: Need I say more?
- hping – a command-line oriented TCP/IP packet assembler/analyzer.
- dig/host: The dig and host commands are present on nearly every Unix and Unix-like operating system. While nslookup is deprecated on most, you may also find it useful, particularly with its debug option set.
- telnet Telnet is a fine security tool, especially when used together with raw protocol commands. For example, telnet host 80 and then use “GET /” for http, or type telnet host 25, and then use EHLO hostname.domain and other SMTP commands.
- nikto: an Open Source (GPL) web server scanner which performs comprehensive tests against web servers
- burp proxy suite: an interactive HTTP/S proxy server for attacking and testing web applications.
- paros proxy: security tool for web application vulnerability assessment.
- OllyDbg: A debugger that emphasizes binary code analysis (32-bit only), which is useful when source code is not available. http://en.wikipedia.org/wiki/OllyDbg
- IDA Pro: A multi-processor disassembler and debugger hosted on the Windows and Linux platforms. http://www.hex-rays.com/idapro/
- webscarab: Part of the OWASP project, webscarab is another proxy for HTTP/HTTPS protocol snooping.
- netcat: The original Netcat was released by Hobbit in 1995, but it hasn’t been maintained despite its immense popularity. It can sometimes even be hard to find. There’s a GNU version, which is a rewrite of the original. BSD machines usually have it as part of the default install. http://en.wikipedia.org/wiki/Netcat
- kismet: an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system.
- ettercap: a suite for man-in-the-middle attacks on a LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even encrypted ones) and includes many features for network and host analysis.
- Fierce DNS Scanner: Fierce uses your DNS server for the initial SOA query and then uses the target’s DNS
- aircrack: Aircrack-ng is a network detector, packet sniffer, WEP-cracker and analysis tool for 802.11 wireless LANs.
- airtools: aka bsd-airtools, this package contains multiple wireless tools, including dstumbler, a netstumbler-like application that runs on BSD machines. /usr/ports/net-mgmt/bsd-airtools/
- Firebug: Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page.
- ssldump: A packet trace utility specifically for SSL/TLS traffic and with the appropriate key info you should be able to decrypt traffic on the fly. It’s not a cracker, but a protocol analyzer.
- nstat: Comes with the IpRoute package, and is a useful utility for pretty-printing network statistics.
- TIPAS: Twitter Instant Password and Storage is a mechanism for generating completely random passwords of various strengths. By storing these passwords as part of a Twitter feed, you avoid having to remember these long random passwords.
- BackTrack: A LiveCD with many of the tools listed above (and more…).
Random useful links
- Nessus: Tenable Network Security
- Immunity: CANVAS, and the world’s best mailing list (DailyDave)
- Insecure.Org: Home of the Nmap open source network security scanner, plus network security tools, software and hacking resources for Linux, Windows, FreeBSD and other Unix systems.
- p7zip: Command-line encrypted zip that can use AES (like WinZip 10+).
- FreeTDS.org: A set of libraries for Unix and Linux that allows your programs to natively talk to Microsoft SQL Server and Sybase databases.
- DB2 Database for Linux, UNIX, and Windows
- http://www.iana.org/assignments/port-numbers
- Reed Arvin: The world’s best, when it comes to mainframes.
- Reed Arvin: Published Advisories
- Reed Arvin: Security Tools
- Welcome to US-CERT
- milw0rm: exploits, vulnerabilities, videos, papers, shellcode (0day exploits database)
- Sguil – Open Source Network Security Monitoring
- http://www.trouble.org/titan/TITAN_Solaris2.html
- BASE: Basic Analysis and Security Engine. BASE is a front end for the Snort IDS. It is based on the ACID code.
- ntop – network top
- BotHunter Free Internet Distribution Page: A Malware Infection Discovery System
- Jack’s Nortel PBX Security Overview (PBX Info: a free PBX, PABX and telephone information resource).
- LAMPSecurity.org: A good resource for those of us who use LAMP in our day to day work.