Top 10 Linux Accoutrement 1. nmap – Nmap (”Network Mapper”) is a chargeless accessible antecedent account for arrangement assay or aegis auditing. It was advised to rapidly browse ample networks, although it works accomplished adjoin distinct hosts. Nmap uses raw IP packets in atypical means to actuate what hosts are accessible on the network, what casework (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what blazon of packet filters/firewalls are in use, and dozens of added characteristics. Nmap runs on best types of computers and both animate and graphical versions are available.
2. Nikto – Nikto is an Accessible Antecedent (GPL) web server scanner which performs absolute tests adjoin web servers for assorted items, including over 3200 potentially alarming files/CGIs, versions on over 625 servers, and adaptation specific problems on over 230 servers. Browse items and plugins are frequently adapted and can be automatically adapted (if desired).
3. THC-Amap – Amap is a next-generation apparatus for assistingnetwork assimilation testing. It performs fast and reliable appliance agreement detection, independant on the TCP/UDP anchorage they are actuality apprenticed to.
4. Ethereal – Aerial is acclimated by arrangement professionals about the apple for troubleshooting, analysis,computer appliance and agreement development, and education. It has all of the accepted appearance you would apprehend in a agreement analyzer, and several appearance not apparent in any added product.
5. THC-Hydra – Number one of the better aegis holes are passwords, as every countersign aegis abstraction shows. Hydra is a parallized login cracker which supports abundant protocols to attack. New modules are accessible to add, beside that, it is adjustable and actual fast.
6. Metasploit Framework – The Metasploit Framework is an avant-garde open-source belvedere for developing, testing, and appliance accomplishment code. This activity initially started off as a carriageable arrangement bold and has acquired into a able apparatus for assimilation testing, accomplishment development, and vulnerability research.
7. John the Ripper – John the Ripper is a fast countersign cracker, currently accessible for abounding flavors of Unix (11 are clearly supported, not counting altered architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to ascertain anemic Unix passwords. Besides several crypt(3) countersign assortment types best frequently begin on assorted Unix flavors, authentic out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, additional several added with contributed patches.
8. Nessus – Nessus is the world’s best accepted vulnerability scanner acclimated in over 75,000 organisations world-wide. Abounding of the world’s better organisations are realising cogent amount accumulation by appliance Nessus to analysis business-critical action accessories and applications.
9. IRPAS – Internetwork Acquisition Agreement Beforehand Suite – Acquisition protocols are by analogue protocols, which are acclimated by routers to acquaint with anniversary added about means to bear baffled protocols, such as IP. While abounding improvements accept been done to the host aegis back the aboriginal canicule of the Internet, the amount of this arrangement still uses counterfeit casework for analytical communication.
10. Rainbowcrack – RainbowCrack is a accepted adduce accomplishing of Philippe Oechslin’s faster time-memory accommodation technique. In short, the RainbowCrack apparatus is a assortment cracker. A acceptable animal force cracker try all accessible plaintexts one by one in arise time. It is time arresting to breach circuitous countersign in this way. The abstraction of time-memory accommodation is to do all arise time ciphering in beforehand and abundance the aftereffect in files so alleged “rainbow table”.
Top 10 Windows Tools
1. Cain & Abel – Cain & Abel is a countersign accretion apparatus for the Microsoft Windows Operating System. It allows accessible accretion of assorted affectionate of passwords by sniffing the network, arise encrypted passwords appliance Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, adaptation accolade passwords, absolute countersign boxes, apprehension buried passwords and allegory acquisition protocols.
2. SuperScan – SuperScan is a able TCP anchorage scanner, pinger, resolver. SuperScan 4 (Current Version) is a completely-rewritten amend of the awful accepted Windows anchorage scanning tool, SuperScan.
3. GFI LANguard Arrangement Aegis Scanner – GFI LANguard N.S.S. is a arrangement vulnerability administering band-aid that scans your arrangement and performs over 15,000 vulnerability assessments. It identifies all accessible aegis threats and provides you with accoutrement to appliance and defended your network. GFI LANguard N.S.S. was voted Favorite Bartering Aegis Apparatus by NMAP users for 2 years alive and has been awash over 200,000 times!
4. Retina – Retina Arrangement Aegis Scanner, recognised as the industry accepted for vulnerability assessment, identifies accepted aegis vulnerabilities and assists in prioritising threats for remediation. Featuring fast, accurate, and non-intrusive scanning, users are able to defended their networks adjoin alike the best contempo of apparent vulnerabilities.
5. SamSpade – SamSpade provides a constant GUI and accomplishing for abounding accessible arrangement concern tasks. It was advised with tracking bottomward spammers in mind, but can be advantageous for abounding added arrangement exploration, administration, and aegis tasks. It includes accoutrement such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS area transfer, SMTP broadcast check, website search, and more.
6. N-Stealth – N-Stealth is a bartering web server aegis scanner. It is about adapted added frequently than chargeless web scanners such as barb and nikto, but you accept to pay for the privilege.
7. Solarwinds – Solarwinds contains abounding arrangement monitoring, analysis and beforehand tools. The avant-garde aegis accoutrement not alone analysis internet aegis with the SNMP Animal Force Beforehand and Dictionary Beforehand utilities but additionally validate the aegis on Cisco Routers with the Router Aegis Check. The Remote TCP Reset accidentally affectation all alive sessions on a accessory and the Countersign Decryption can break Blazon 7 Cisco Passwords. The Anchorage Scanner allows testing for accessible TCP ports beyond IP Address and anchorage ranges or alternative of specific machines and ports.
8. Achilles – The aboriginal about appear general-purpose web appliance aegis appraisal tool. Achilles acts as a HTTP/HTTPS proxy that allows a user to intercept, log, and adapt web cartage on the fly. Due to a cyber squatter, Achilles is no best online at its aboriginal home of www.Digizen-Security.com…OOPS!
9. CookieDigger - CookieDigger helps analyze anemic cookie bearing and afraid implementations of affair administering by web applications. The apparatus works by accession and allegory accolade issued by a web appliance for assorted users. The apparatus letters on the adequation and anarchy of the cookie and whether analytical information, such as user name and password, are included in the cookie values.
10. Netcat (The Arrangement SwissArmy Knife) – Netcat was originally a Unix account which reads and writes abstracts beyond arrangement connections, appliance TCP or UDP protocol. It is advised to be a reliable “back-end” apparatus that can be acclimated anon or calmly apprenticed by added programs and scripts. At the aforementioned time, it is a feature-rich arrangement debugging and assay tool, back it can actualize about any affectionate of affiliation you would charge and has several absorbing congenital capabilities.
| Nmap :- This tool developed by Fyodor is one of the best unix and windows based port scanners. This advanced port scanner has a number of useful arguments that gives user a lot of control over the process. http://www.insecure.org/nmap |
| Superscan :- A Windows-only port scanner, pinger, and resolver SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois. http://www.foundstone.com/ |
| Angry IP Scanner :- A fast windows IP scanner and port scanner. Angry IP Scanner can perform basic host discovery and port scans on Windows. Its binary file size is very small compared to other scanners and other pieces of information about the target hosts can be extended with a few plugins. http://www.angryziber.com/ipscan/ |
| Unicornscan :- Unicornscan is an attempt at a User-land Distributed TCP/IP stack for information gathering and correlation. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network. Some of its features include asynchronous stateless TCP scanning with all variations of TCP flags, asynchronous stateless TCP banner grabbing, and active/passive remote OS, application, and component identification by analyzing responses. http://www.unicornscan.org/ |
–: O.S. Fingerprinting Tools :–
| Nmap :- This tool developed by Fyodor is one of the best unix and windows based active os fingerprinting tool. http://www.insecure.org/nmap |
| P0f :- A passive OS fingerprinting tool. P0f is able to identify the operating system of a target host simply by examining captured packets even when the device in question is behind an overzealous packet firewall.P0f can detect firewall presence, NAT use, existence of load balancers, and more! http://lcamtuf.coredump.cx/p0f.shtml |
| Xprobe2 :- Active OS fingerprinting tool. XProbe is a tool for determining the operating system of a remote host. They do this using some of the same techniques as Nmap as well as some of their own ideas. Xprobe has always emphasized the ICMP protocol in its fingerprinting approach. http://www.sys-security.com/index.php?page=xprobe |
| Cain and Abel :- The top password recovery tool for Windows. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. http://www.oxid.it/cain.html |
| John the Ripper :- A powerful, flexible, and fast multi-platform password hash cracker. John the Ripper is a fast password cracker, currently available for many flavors of Unix, DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. http://www.openwall.com/john/ |
| THC Hydra :- A Fast network authentication cracker which support many different services. When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. http://www.thc.org/thc-hydra/ |
| L0phtcrack :- Windows password auditing and recovery application L0phtCrack, also known as LC5, attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). http://www.l0pht.com |
| RainbowCrack :- An Innovative Password Hash Cracker. The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called “rainbow tables”. It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished. http://www.antsight.com/zsl/rainbowcrack/ |
| Brutus :- A network brute-force authentication cracker This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. http://www.hoobie.net/brutus/ |
| Nessus :- Premier UNIX vulnerability assessment tool Nessus is the best free network vulnerability scanner available, and the best to run on UNIX at any price. It is constantly updated, with more than 11,000 plugins for the free (but registration and EULA-acceptance required) feed. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. http://www.nessus.org/ |
| GFI LANguard :- A commercial network security scanner for Windows GFI LANguard scans IP networks to detect what machines are running. Then it tries to discern the host OS and what applications are running. I also tries to collect Windows machine’s service pack level, missing security patches, wireless access points, USB devices, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results are saved to an HTML report, which can be customized/queried. It also includes a patch manager which detects and installs missing patches. http://www.gfi.com/lannetscan/ |
| Retina :- Commercial vulnerability assessment scanner by eEye Like Nessus, Retina’s function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research. http://www.eeye.com/html/Products/Retina/index.html |
| Core Impact :- An automated, comprehensive penetration testing product. it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. http://www.coresecurity.com/products/coreimpact/ |
| ISS Internet Scanner :- Application-level vulnerability assessment Internet Scanner started off in ‘92 as a tiny open source scanner by Christopher Klaus. Now he has grown ISS into a billion-dollar company with a myriad of security products. http://www.iss.net/products_services/enterprise_protection /vulnerability_assessment/scanner_internet.php |
| Ethereal :- This (also known as Wireshark) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. http://www.ethereal.com/ |
| Kismet :- A powerful wireless sniffer. Kismet is a console based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing, and can even decloak hidden networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps. http://www.kismetwireless.net/ |
| Tcpdump :- The classic sniffer for network monitoring and data acquisition. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. TCPDump is the source of the Libpcap/WinPcap packet capture library. http://www.tcpdump.org/ |
| Ettercap :- Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN. http://ettercap.sourceforge.net/ |
| Dsniff :- A suite of powerful network auditing and penetration-testing tools. This popular and well-engineered suite by Dug Song includes many tools. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected ssh and https sessions by exploiting weak bindings in ad-hoc PKI. Overall, this is a great toolset. It handles pretty much all of your password sniffing needs. http://www.monkey.org/~dugsong/dsniff/ |
| GnuPG / PGP :- Secure your files and communication with the advanced encryption. PGP is the famous encryption program by Phil Zimmerman which helps secure your data from eavesdroppers and other risks. GnuPG is a very well-regarded open source implementation of the PGP standard (the actual executable is named gpg). While GnuPG is always free, PGP costs money for some uses. http://www.gnupg.org/ http://www.pgp.com/ |
| OpenSSL :- The premier SSL/TLS encryption library. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. http://www.openssl.org/ |
| Tor :- An anonymous Internet communication system Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, irc, ssh, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. http://tor.eff.org/ |
| Stunnel :- A general-purpose SSL cryptographic wrapper. The stunnel program is designed to work as an SSL encryption wrapper between remote client and local or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs’ code. http://www.stunnel.org/ |
| OpenVPN :- A full-featured SSL VPN solution. OpenVPN is an open-source SSL VPN package which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN uses OpenSSL as its primary cryptographic library. http://openvpn.net/ |
| TrueCrypt :- Open-Source Disk Encryption Software for Windows and Linux. TrueCrypt is an excellent open source disk encryption system. Users can encrypt entire filesystems, which are then on-the-fly encrypted/decrypted as needed without user intervention beyond entering their passphrase intially. A clever hidden volume feature allows you to hide a 2nd layer of particularly sensitive content with plausible deniability about whether it exists. Then if you are forced to give up your passphrase, you give them the first-level secret. Even with that, attackers cannot prove that a second level key even exists. http://www.truecrypt.org/ AFCEH TOP HACKING TOOLS LIST*Information Gathering MingSweeper Proxy Servers DOS Attacks Sniffers Password Cracking THC Hydra Visualroute Trojans HoneyPots Back Officer Friendly Security Audit Shell Accounts |
0 comments
Post a Comment