Tools (Hacking)
Revision as of 16:05, 6 April 2010 by Ron (talk | contribs) (→Tools used by an unnamed organization)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Useful tools
This is my attempt to maintain a list of tools. I might eventually sort it by OS or purpose or whatever, but eh? Note that I'm not including wireless tools in this list. So, in no particular order, ...
General (uncategorized)
- nmap
- nessus
- metasploit
- hping3
- netcat
- wireshark (ethereal)
- putty
- pstools
- RegMon/FileMon/procmon (from sysinternals)
- unix-privesc-check
- amap
- xprobe2
- ettercap
- BiLE.pl
- LfT
- Wireshark SSL cracker
- gsecdump
- p0f
- nbtscan
Enumeration/Passwords
- user2sid/sid2user
- enum
- fgdump
- pwdump
- cain&able
- rcrack (+tables)
- john
- hydra
- libssh2 0.11 (http://0xbadc0de.be/libssh/libssh-0.11.tgz)
- pshtoolkit (pass-the-hash toolkit)
- samba (w/ hash passing)
- SQLHack (to crack MySQL old_password entries)
Web
- DirBuster (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)
- nikto.pl
- paros
- Malzilla (http://malzilla.sourceforge.net/)
Stuff to investigate
- SMBProxy (http://www.cqure.net/wp/11/)
Useful Non-metasploit Exploits
- vmsplice (http://www.milw0rm.com/exploits/5093)
- Works well against Fedora Core 8
Firefox Addons
I don't actually use all these on a regular basis, but I found some on another site.
- Add & Edit Cookies
- Firebug
- Foxy Proxy
- Noscript
- Server Spy
- Tamper Data
- User Agent Switcher
- Web Developer
- SSL Blacklist
- Firebug
- Hackbar
- Header Monitor
- Poster
- SQL Inject Me
This is cool enough that I had to link it from somewhere
- Security Bookmarklets (http://ha.ckers.org/bookmarklets.html)
Wireless tools
TODO: learn to hack wireless. :)
Stuff I wrote
- See My Projects
Tools used by an unnamed organization
- Achilles Proxy
- ActivePerl
- Air Magnet
- AirSnort
- Algosec
- amap
- Appscan
- ArCrack
- Auditor
- AutoIT
- Brutus
- Burp Proxy
- Burp Suite
- Cadaver
- Cai & Abel
- CAL9000
- Canvas Framework
- CIS RAT
- ClearSight
- Core Impact
- cURL
- Cygwin
- DAVexplorer
- DiG
- Dmitry
- Dsniff
- Enum
- Ettercap
- Fortify
- Fping
- Hping2, Hping3
- Hunt
- Hydra
- ikescan
- Iptraf
- Jad
- JADE Proxy
- JODE
- John the Ripper
- kismet
- LdapMiner
- MBSA
- Metasploit
- Nbtscan
- Nemesis
- Nessus
- Netcat
- Net-SNMP
- NetStumbler
- Nikto
- Nmap
- N-Stealth
- OAT
- OpenLDAP
- OpenVAS
- OpenVPN
- Ophcrack
- Paros
- Pwdump
- Python
- Retina
- Sandstorm
- Scapy
- ScreamingCSS
- Sing
- SiVuS
- SmartProxy
- Sniffit
- Snmpscan
- Solar Winds
- Stunnel
- SuperScan
- Tcpdump
- Telesweep
- TSEnum
- WebCracker
- Webinspect
- Wget
- Wireshark