Difference between revisions of "Tools (Hacking)"
Jump to navigation
Jump to search
(One intermediate revision by the same user not shown) | |||
Line 79: | Line 79: | ||
==Stuff I wrote== | ==Stuff I wrote== | ||
* See [[My Projects#Security|My Projects]] | * See [[My Projects#Security|My Projects]] | ||
==Tools used by an unnamed organization== | |||
* Achilles Proxy | |||
* ActivePerl | |||
* Air Magnet | |||
* AirSnort | |||
* Algosec | |||
* amap | |||
* Appscan | |||
* ArCrack | |||
* Auditor | |||
* AutoIT | |||
* Brutus | |||
* Burp Proxy | |||
* Burp Suite | |||
* Cadaver | |||
* Cai & Abel | |||
* CAL9000 | |||
* Canvas Framework | |||
* CIS RAT | |||
* ClearSight | |||
* Core Impact | |||
* cURL | |||
* Cygwin | |||
* DAVexplorer | |||
* DiG | |||
* Dmitry | |||
* Dsniff | |||
* Enum | |||
* Ettercap | |||
* Fortify | |||
* Fping | |||
* Hping2, Hping3 | |||
* Hunt | |||
* Hydra | |||
* ikescan | |||
* Iptraf | |||
* Jad | |||
* JADE Proxy | |||
* JODE | |||
* John the Ripper | |||
* kismet | |||
* LdapMiner | |||
* MBSA | |||
* Metasploit | |||
* Nbtscan | |||
* Nemesis | |||
* Nessus | |||
* Netcat | |||
* Net-SNMP | |||
* NetStumbler | |||
* Nikto | |||
* Nmap | |||
* N-Stealth | |||
* OAT | |||
* OpenLDAP | |||
* OpenVAS | |||
* OpenVPN | |||
* Ophcrack | |||
* Paros | |||
* Pwdump | |||
* Python | |||
* Retina | |||
* Sandstorm | |||
* Scapy | |||
* ScreamingCSS | |||
* Sing | |||
* SiVuS | |||
* SmartProxy | |||
* Sniffit | |||
* Snmpscan | |||
* Solar Winds | |||
* Stunnel | |||
* SuperScan | |||
* Tcpdump | |||
* Telesweep | |||
* TSEnum | |||
* WebCracker | |||
* Webinspect | |||
* Wget | |||
* Wireshark |
Latest revision as of 16:05, 6 April 2010
Useful tools
This is my attempt to maintain a list of tools. I might eventually sort it by OS or purpose or whatever, but eh? Note that I'm not including wireless tools in this list. So, in no particular order, ...
General (uncategorized)
- nmap
- nessus
- metasploit
- hping3
- netcat
- wireshark (ethereal)
- putty
- pstools
- RegMon/FileMon/procmon (from sysinternals)
- unix-privesc-check
- amap
- xprobe2
- ettercap
- BiLE.pl
- LfT
- Wireshark SSL cracker
- gsecdump
- p0f
- nbtscan
Enumeration/Passwords
- user2sid/sid2user
- enum
- fgdump
- pwdump
- cain&able
- rcrack (+tables)
- john
- hydra
- libssh2 0.11 (http://0xbadc0de.be/libssh/libssh-0.11.tgz)
- pshtoolkit (pass-the-hash toolkit)
- samba (w/ hash passing)
- SQLHack (to crack MySQL old_password entries)
Web
- DirBuster (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)
- nikto.pl
- paros
- Malzilla (http://malzilla.sourceforge.net/)
Stuff to investigate
- SMBProxy (http://www.cqure.net/wp/11/)
Useful Non-metasploit Exploits
- vmsplice (http://www.milw0rm.com/exploits/5093)
- Works well against Fedora Core 8
Firefox Addons
I don't actually use all these on a regular basis, but I found some on another site.
- Add & Edit Cookies
- Firebug
- Foxy Proxy
- Noscript
- Server Spy
- Tamper Data
- User Agent Switcher
- Web Developer
- SSL Blacklist
- Firebug
- Hackbar
- Header Monitor
- Poster
- SQL Inject Me
This is cool enough that I had to link it from somewhere
- Security Bookmarklets (http://ha.ckers.org/bookmarklets.html)
Wireless tools
TODO: learn to hack wireless. :)
Stuff I wrote
- See My Projects
Tools used by an unnamed organization
- Achilles Proxy
- ActivePerl
- Air Magnet
- AirSnort
- Algosec
- amap
- Appscan
- ArCrack
- Auditor
- AutoIT
- Brutus
- Burp Proxy
- Burp Suite
- Cadaver
- Cai & Abel
- CAL9000
- Canvas Framework
- CIS RAT
- ClearSight
- Core Impact
- cURL
- Cygwin
- DAVexplorer
- DiG
- Dmitry
- Dsniff
- Enum
- Ettercap
- Fortify
- Fping
- Hping2, Hping3
- Hunt
- Hydra
- ikescan
- Iptraf
- Jad
- JADE Proxy
- JODE
- John the Ripper
- kismet
- LdapMiner
- MBSA
- Metasploit
- Nbtscan
- Nemesis
- Nessus
- Netcat
- Net-SNMP
- NetStumbler
- Nikto
- Nmap
- N-Stealth
- OAT
- OpenLDAP
- OpenVAS
- OpenVPN
- Ophcrack
- Paros
- Pwdump
- Python
- Retina
- Sandstorm
- Scapy
- ScreamingCSS
- Sing
- SiVuS
- SmartProxy
- Sniffit
- Snmpscan
- Solar Winds
- Stunnel
- SuperScan
- Tcpdump
- Telesweep
- TSEnum
- WebCracker
- Webinspect
- Wget
- Wireshark