Difference between revisions of "Tools (Hacking)"
Jump to navigation
Jump to search
Line 2: | Line 2: | ||
This is my attempt to maintain a list of tools. I might eventually sort it by OS or purpose or whatever, but eh? Note that I'm not including wireless tools in this list. So, in no particular order, ... | This is my attempt to maintain a list of tools. I might eventually sort it by OS or purpose or whatever, but eh? Note that I'm not including wireless tools in this list. So, in no particular order, ... | ||
===General (uncategorized)=== | |||
* nmap | * nmap | ||
* nessus | * nessus | ||
* metasploit | * metasploit | ||
* hping3 | * hping3 | ||
* netcat | * netcat | ||
* wireshark (ethereal) | * wireshark (ethereal) | ||
* putty | * putty | ||
Line 36: | Line 22: | ||
* p0f | * p0f | ||
* nbtscan (http://www.inetcat.net/software/nbtscan.html) | * nbtscan (http://www.inetcat.net/software/nbtscan.html) | ||
===Enumeration/Passwords=== | |||
* user2sid/sid2user | |||
* enum | |||
* fgdump | |||
* pwdump | |||
* cain&able | |||
* rcrack (+tables) | |||
* john | |||
* hydra | |||
** libssh2 0.11 (http://0xbadc0de.be/libssh/libssh-0.11.tgz) | |||
* pshtoolkit (pass-the-hash toolkit) | |||
* samba (w/ hash passing) | |||
** Slackware source: http://slackware.mirrors.tds.net/pub/slackware/slackware-12.1/source/n/samba/ | |||
** Patch: http://www.foofus.net/jmk/passhash.html | |||
===Web=== | |||
* DirBuster (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project) | |||
* nikto.pl | |||
* paros | |||
==Stuff to investigate== | ==Stuff to investigate== |
Revision as of 15:05, 20 August 2008
Useful tools
This is my attempt to maintain a list of tools. I might eventually sort it by OS or purpose or whatever, but eh? Note that I'm not including wireless tools in this list. So, in no particular order, ...
General (uncategorized)
- nmap
- nessus
- metasploit
- hping3
- netcat
- wireshark (ethereal)
- putty
- pstools
- regmon/filemon/procmon (from sysinternals)
- unix-privesc-check
- amap
- xprobe2
- ettercap
- BiLE.pl
- LfT
- Wireshark SSL cracker (http://www.lucianobello.com.ar/exploiting_DSA-1571/)
- gsecdump (http://www.truesec.com/PublicStore/catalog/categoryinfo.aspx?cid=223)
- p0f
- nbtscan (http://www.inetcat.net/software/nbtscan.html)
Enumeration/Passwords
- user2sid/sid2user
- enum
- fgdump
- pwdump
- cain&able
- rcrack (+tables)
- john
- hydra
- libssh2 0.11 (http://0xbadc0de.be/libssh/libssh-0.11.tgz)
- pshtoolkit (pass-the-hash toolkit)
- samba (w/ hash passing)
Web
- DirBuster (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)
- nikto.pl
- paros
Stuff to investigate
- SMBProxy (http://www.cqure.net/wp/11/)
Useful Non-metasploit Exploits
- vmsplice (http://www.milw0rm.com/exploits/5093)
Firefox Addons
I don't actually use all these on a regular basis, but I found some on another site.
- Add N Edit Cookies
- Firebug
- Foxy Proxy
- Hackbar
- Header Monitor
- Noscript
- Poster
- Server Spy
- SQL Inject Me
- SSL Blacklist
- Tamper Data
- User Agent Switcher
This is cool enough that I had to link it from somewhere
- Security Bookmarklets (http://ha.ckers.org/bookmarklets.html)
Wireless tools
TODO: learn to hack wireless. :)
Stuff I wrote
- See My Projects