Difference between revisions of "Tools (Hacking)"

From SkullSecurity
(New page: * Dead-Simple Relay)
 
(Tools used by an unnamed organization)
 
(30 intermediate revisions by the same user not shown)
Line 1: Line 1:
* [[Dead-Simple Relay]]
+
==Useful tools==
 +
This is my attempt to maintain a list of tools. I might eventually sort it by OS or purpose or whatever, but eh? Note that I'm not including wireless tools in this list. So, in no particular order, ...
 +
 
 +
===General (uncategorized)===
 +
* [http://www.insecure.org nmap]
 +
* [http://www.nessus.org nessus]
 +
* [http://www.metasploit.com metasploit]
 +
* [http://www.hping.org/ hping3]
 +
* [http://netcat.sourceforge.net/ netcat]
 +
* [http://www.wireshark.org wireshark] (ethereal)
 +
* [http://www.chiark.greenend.org.uk/~sgtatham/putty/ putty]
 +
* [http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx pstools]
 +
* [http://technet.microsoft.com/en-us/sysinternals/bb896652.aspx RegMon]/[http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx FileMon]/[http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx procmon] (from sysinternals)
 +
* [http://pentestmonkey.net/tools/unix-privesc-check/ unix-privesc-check]
 +
* [http://freeworld.thc.org/thc-amap/ amap]
 +
* [http://xprobe.sourceforge.net/ xprobe2]
 +
* [http://ettercap.sourceforge.net/ ettercap]
 +
* [http://www.vulnerabilityassessment.co.uk/bile.htm BiLE.pl]
 +
* [http://www.askapache.com/tools/lft-traceroute-tool.html LfT]
 +
* [http://www.lucianobello.com.ar/exploiting_DSA-1571/ Wireshark SSL cracker]
 +
* [http://www.truesec.com/PublicStore/catalog/categoryinfo.aspx?cid=223 gsecdump]
 +
* [http://lcamtuf.coredump.cx/p0f.shtml p0f]
 +
* [http://www.inetcat.net/software/nbtscan.html nbtscan]
 +
 
 +
===Enumeration/Passwords===
 +
* user2sid/sid2user
 +
* enum
 +
* fgdump
 +
* pwdump
 +
* cain&able
 +
* rcrack (+tables)
 +
* john
 +
* hydra
 +
** libssh2 0.11 (http://0xbadc0de.be/libssh/libssh-0.11.tgz)
 +
* pshtoolkit (pass-the-hash toolkit)
 +
* samba (w/ hash passing)
 +
** Slackware source: http://slackware.mirrors.tds.net/pub/slackware/slackware-12.1/source/n/samba/
 +
** Patch: http://www.foofus.net/jmk/passhash.html
 +
* [http://sqlhack.com/poc.html SQLHack] (to crack MySQL old_password entries)
 +
 
 +
===Web===
 +
* DirBuster (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)
 +
* nikto.pl
 +
* paros
 +
* Malzilla (http://malzilla.sourceforge.net/)
 +
 
 +
==Stuff to investigate==
 +
* SMBProxy (http://www.cqure.net/wp/11/)
 +
 
 +
==Useful Non-metasploit Exploits==
 +
* vmsplice (http://www.milw0rm.com/exploits/5093)
 +
** Works well against Fedora Core 8
 +
 
 +
==Firefox Addons==
 +
I don't actually use all these on a regular basis, but I found some on another site.
 +
* [https://addons.mozilla.org/en-US/firefox/addon/573 Add & Edit Cookies]
 +
* [https://addons.mozilla.org/en-US/firefox/addon/1843 Firebug]
 +
* [https://addons.mozilla.org/en-US/firefox/addon/2464 Foxy Proxy]
 +
* [https://addons.mozilla.org/en-US/firefox/addon/722 Noscript]
 +
* [https://addons.mozilla.org/en-US/firefox/addon/2036 Server Spy]
 +
* [https://addons.mozilla.org/en-US/firefox/addon/966 Tamper Data]
 +
* [https://addons.mozilla.org/en-US/firefox/addon/59 User Agent Switcher]
 +
* [https://addons.mozilla.org/en-US/firefox/addon/60 Web Developer]
 +
* [http://codefromthe70s.org/sslblacklist.aspx SSL Blacklist]
 +
* Firebug
 +
* Hackbar
 +
* Header Monitor
 +
* Poster
 +
* SQL Inject Me
 +
 
 +
 
 +
 
 +
This is cool enough that I had to link it from somewhere
 +
* Security Bookmarklets (http://ha.ckers.org/bookmarklets.html)
 +
 
 +
==Wireless tools==
 +
TODO: learn to hack wireless. :)
 +
 
 +
==Stuff I wrote==
 +
* See [[My Projects#Security|My Projects]]
 +
 
 +
==Tools used by an unnamed organization==
 +
* Achilles Proxy
 +
* ActivePerl
 +
* Air Magnet
 +
* AirSnort
 +
* Algosec
 +
* amap
 +
* Appscan
 +
* ArCrack
 +
* Auditor
 +
* AutoIT
 +
* Brutus
 +
* Burp Proxy
 +
* Burp Suite
 +
* Cadaver
 +
* Cai & Abel
 +
* CAL9000
 +
* Canvas Framework
 +
* CIS RAT
 +
* ClearSight
 +
* Core Impact
 +
* cURL
 +
* Cygwin
 +
* DAVexplorer
 +
* DiG
 +
* Dmitry
 +
* Dsniff
 +
* Enum
 +
* Ettercap
 +
* Fortify
 +
* Fping
 +
* Hping2, Hping3
 +
* Hunt
 +
* Hydra
 +
* ikescan
 +
* Iptraf
 +
* Jad
 +
* JADE Proxy
 +
* JODE
 +
* John the Ripper
 +
* kismet
 +
* LdapMiner
 +
* MBSA
 +
* Metasploit
 +
* Nbtscan
 +
* Nemesis
 +
* Nessus
 +
* Netcat
 +
* Net-SNMP
 +
* NetStumbler
 +
* Nikto
 +
* Nmap
 +
* N-Stealth
 +
* OAT
 +
* OpenLDAP
 +
* OpenVAS
 +
* OpenVPN
 +
* Ophcrack
 +
* Paros
 +
* Pwdump
 +
* Python
 +
* Retina
 +
* Sandstorm
 +
* Scapy
 +
* ScreamingCSS
 +
* Sing
 +
* SiVuS
 +
* SmartProxy
 +
* Sniffit
 +
* Snmpscan
 +
* Solar Winds
 +
* Stunnel
 +
* SuperScan
 +
* Tcpdump
 +
* Telesweep
 +
* TSEnum
 +
* WebCracker
 +
* Webinspect
 +
* Wget
 +
* Wireshark

Latest revision as of 16:05, 6 April 2010
