1. Nmap
I think everyone has heard of this one, recently evolved into the 4.x series.
Nmap
(“Network Mapper”) is a free open source utility for network
exploration or security auditing. It was designed to rapidly scan large
networks, although it works fine against single hosts. Nmap uses raw IP
packets in novel ways to determine what hosts are available on the
network, what services (application name and version) those hosts are
offering, what operating systems (and OS versions) they are running,
what type of packet filters/firewalls are in use, and dozens of other
characteristics. Nmap runs on most types of computers and both console
and graphical versions are available. Nmap is free and open source.
2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-server framework.
Nessus is the world’s most popular vundra vulnerability scanner used
in over 75,000 organizations world-wide. Many of the world’s largest
organizations are realizing significant cost savings by using Nessus to
audit business-critical enterprise devices and applications.
3. John the Ripper
John
the Ripper is a fast password cracker, currently available for many
flavors of Unix (11 are officially supported, not counting different
architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to
detect weak Unix passwords. Besides several crypt(3) password hash
types most commonly found on various Unix flavors, supported out of the
box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several
more with contributed patches.
4. Nikto
Nikto
is an Open Source (GPL) web server scanner which performs comprehensive
tests against web servers for multiple items, including over 3200
potentially dangerous files/CGIs, versions on over 625 servers, and
version specific problems on over 230 servers. Scan items and plugins
are frequently updated and can be automatically updated (if desired).
Nikto
is a good CGI scanner, there are some other tools that go well with
Nikto (focus on http fingerprinting or Google hacking/info gathering
etc, another article for just those).
5. SuperScan
Powerful
TCP port scanner, pinger, resolver. SuperScan 4 is an update of the
highly popular Windows port scanning tool, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.
6. p0f
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
– machines that connect to your box (SYN mode),
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
7. Wireshark (Formely Ethereal)
Wireshark
is a GTK+-based network protocol analyzer, or sniffer, that lets you
capture and interactively browse the contents of network frames. The
goal of the project is to create a commercial-quality analyzer for Unix
and to give Wireshark features that are missing from closed-source
sniffers.
Works
great on both Linux and Windows (with a GUI), easy to use and can
reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
8. Yersinia
Yersinia
is a network tool designed to take advantage of some weakeness in
different Layer 2 protocols. It pretends to be a solid framework for
analyzing and testing the deployed networks and systems. Currently, the
following network protocols are implemented: Spanning Tree Protocol
(STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP),
Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol
(HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking
Protocol (VTP).
The best Layer 2 kit there is.
9. Eraser
Eraser is an advanced security tool (for Windows),
which allows you to completely remove sensitive data from your hard
drive by overwriting it several times with carefully selected patterns.
Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free
software and its source code is released under GNU General Public
License.
An
excellent tool for keeping your data really safe, if you’ve deleted
it..make sure it’s really gone, you don’t want it hanging around to bite
you in the ass.
PuTTY
is a free implementation of Telnet and SSH for Win32 and Unix
platforms, along with an xterm terminal emulator. A must have for any
h4x0r wanting to telnet or SSH from Windows without having to use the
crappy default MS command line clients.
0 comments:
Post a Comment