Difference between revisions of "Tools (Hacking)"
Jump to navigation
Jump to search
Line 4: | Line 4: | ||
===General (uncategorized)=== | ===General (uncategorized)=== | ||
* [http://www.insecure.org nmap] | * [http://www.insecure.org nmap] | ||
* nessus | * [http://www.nessus.org nessus] | ||
* metasploit | * [http://www.metasploit.com metasploit] | ||
* hping3 | * [http://www.hping.org/ hping3] | ||
* netcat | * [http://netcat.sourceforge.net/ netcat] | ||
* wireshark (ethereal) | * [http://www.wireshark.com wireshark] (ethereal) | ||
* putty | * [http://www.chiark.greenend.org.uk/~sgtatham/putty/ putty] | ||
* pstools | * [http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx pstools] | ||
* regmon/filemon/procmon (from sysinternals) | * [http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx regmon]/[http://www.google.ca/search?q=filemon&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a filemon]/[http://www.google.ca/search?q=procmon&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a procmon] (from sysinternals) | ||
* unix-privesc-check | * [http://pentestmonkey.net/tools/unix-privesc-check/ unix-privesc-check] | ||
* amap | * [http://freeworld.thc.org/thc-amap/ amap] | ||
* xprobe2 | * [http://xprobe.sourceforge.net/ xprobe2] | ||
* ettercap | * [http://ettercap.sourceforge.net/ ettercap] | ||
* BiLE.pl | * [http://www.vulnerabilityassessment.co.uk/bile.htm BiLE.pl] | ||
* LfT | * [http://www.askapache.com/tools/lft-traceroute-tool.html LfT] | ||
* | * [http://www.lucianobello.com.ar/exploiting_DSA-1571/ Wireshark SSL cracker] | ||
* | * [http://www.truesec.com/PublicStore/catalog/categoryinfo.aspx?cid=223 gsecdump] | ||
* p0f | * [http://lcamtuf.coredump.cx/p0f.shtml p0f] | ||
* | * [http://www.inetcat.net/software/nbtscan.html nbtscan] | ||
===Enumeration/Passwords=== | ===Enumeration/Passwords=== |
Revision as of 15:15, 10 September 2008
Useful tools
This is my attempt to maintain a list of tools. I might eventually sort it by OS or purpose or whatever, but eh? Note that I'm not including wireless tools in this list. So, in no particular order, ...
General (uncategorized)
- nmap
- nessus
- metasploit
- hping3
- netcat
- wireshark (ethereal)
- putty
- pstools
- regmon/filemon/procmon (from sysinternals)
- unix-privesc-check
- amap
- xprobe2
- ettercap
- BiLE.pl
- LfT
- Wireshark SSL cracker
- gsecdump
- p0f
- nbtscan
Enumeration/Passwords
- user2sid/sid2user
- enum
- fgdump
- pwdump
- cain&able
- rcrack (+tables)
- john
- hydra
- libssh2 0.11 (http://0xbadc0de.be/libssh/libssh-0.11.tgz)
- pshtoolkit (pass-the-hash toolkit)
- samba (w/ hash passing)
Web
- DirBuster (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)
- nikto.pl
- paros
Stuff to investigate
- SMBProxy (http://www.cqure.net/wp/11/)
Useful Non-metasploit Exploits
- vmsplice (http://www.milw0rm.com/exploits/5093)
Firefox Addons
I don't actually use all these on a regular basis, but I found some on another site.
- Add N Edit Cookies
- Firebug
- Foxy Proxy
- Hackbar
- Header Monitor
- Noscript
- Poster
- Server Spy
- SQL Inject Me
- SSL Blacklist
- Tamper Data
- User Agent Switcher
- Web Developer
This is cool enough that I had to link it from somewhere
- Security Bookmarklets (http://ha.ckers.org/bookmarklets.html)
Wireless tools
TODO: learn to hack wireless. :)
Stuff I wrote
- See My Projects