security:security-tools

Security-Tools

Links

Tools

  • BOSS (BSI OSS Security Suite)
  • Core Impact (Core Technologies)
  • AppScan (Watchfire)
  • CANVAS
  • SAINT
  • ISS scanner
  • QualysGuard
  • WebInspect (SpI Dynamics)

Encryption

Bcrypt (AES-Crypto) |

Portscanner

Sniffer

  • tcpdump
  • kismet
  • wireshark: Grafische Oberfläche, braucht X-Server; Consolenversion unter dem Namen tshark

Consolentools kann man nützlich mit anderen Programmen verbinden: 

tcpdump | ngrep -q GET

vulnerability Scanner

Amap (THC):Service ident | Tecchannel Link | Nessus | Nikto Vulnerability Scanner Homepage|

Brute-force

tecchannel-Übersicht Default-password-list Hydra (THC) | John the Ripper | Ophcrack (mehr tables) geht auch von USB |

http://www.tecchannel.de/sicherheit/grundlagen/431419/index3.html

Attacking

  • Ettercap läuft über n-curses (shell) oder gtk (grafisch), Angriffe enthalten (z.B. man-in-the-middle
  • DSniff: DSniff - eine Sammlung von tools für z.B. das Ausspähen von Passwörtern oder Angriffe.
  • Metasploit Framework
  • Toolkit 101
  • PMD

Pocket PC

Pen-testing Tools for the Pocket PC

ungeordnete Liste von Tools

Footprinting

  • Greenwhich
  • Whois
  • Gnetutil (Network Utilities)
  • Itrace (ICMP traceroute)
  • Tctrace (TCP traceroute)
  • Traceroute
  • DNSwalk (DNS verification)
  • Dig (DNS lookup)
  • Host (DNS lookup)
  • NSTXCD (IP over DNS client)
  • NSTXD (IP over DNS server)
  • Oxyman (DNS tunnel)
  • Socat (Socket Cat)
  • Stunnel (Universal SSL tunnel)
  • Arpfetch (SNMP ARP/IP fetcher)
  • SNMPWalk (SNMP tree walk)
  • TKMib (Mib browser)
  • Komba2 (KDE SMB browser)
  • LinNeighborhood (Graphical SMB browser)
  • Net utils (NET utilities)
  • SMBClient (SMB client)
  • SMBGet (SMB downloader)
  • Smb4K (SMB share browser)
  • Xsmbrowser (Graphical SMB browser)
  • nmblookup (Netbios name lookup)
  • smbdumpusers (User browser)
  • smbgetserverinfo (Get server info)
  • Cheops (Network neighborhood)
  • NTP-fingerprint (Detection based on ntp fingerprint)
  • Nmap (Network scanner)
  • NmapFE (Graphical network scanner)
  • P0f (Passive OS fingerprinting)
  • Queso (OS detection)
  • XProbe2 (OS detection)

Scanning

  • Cisco global exploiter (Cisco scanner)
  • Cisco torch (Cisco oriented scanner)
  • ExploitTree search (ExploitTree collection)
  • Metasploit (Metasploit commandline)
  • Metasploit (Metasploit console GUI)
  • Metasploit (Metasploit web interface)
  • Nessus (Security Scanner)
  • Raccess (Remote scanner)
  • Httprint (Webserver fingerprinting)
  • Nikto (Webserer scanner)
  • Stunnel (Universal SSL tunnel)
  • Cheops (Network neighborhood)
  • GTK-Knocker (Simple GUI portscanner)
  • IKE-Scan (IKE scanner)
  • Knocker (Simple portscanner)
  • Netenum (Pingsweep)
  • Netmask (Requests netmask)
  • Nmap (Network scanner)
  • NmapFE (Graphical network scanner)
  • Proxychains (Proxifier)
  • Scanrand (Stateless scanner)
  • Timestamp (Requests timestamp)
  • Unicornscan (Fast port scanner)
  • Isrscan (Source routed packets scanner)
  • Amap (Application identification)
  • Bed.pl (Application fuzzer)
  • SNMP-Fuzzer (SNMP protocol fuzzer)
  • ScanSSH (SSH identification)
  • Nbtscan (Netbios scanner)
  • SMB-Nat (SMB access scanner)
  • Ozyman (DNS tunnel)
  • Ass (Autonomous system scanner)
  • Protos (Protocol identification)

Analyzer

  • AIM-SNIFF (AIM sniffer)
  • Driftnet (Image sniffer)
  • Mailsnarf (Mail sniffer)
  • Paros (HTTP interception proxy)
  • URLsnarf (URL sniffer)
  • smbspy (SMB sniffer)
  • Etherape (Network monitor)
  • Ethereal (Network analyzer)
  • Ettercap (Sniffer/Interceptor/Logger)
  • Hunt (Sniffer/Interceptor)
  • IPTraf (Traffic monitor)
  • NGrep (Network grep)
  • NetSed (Network edit)
  • SSLDump (SSLv3/TLS analyzer)
  • Sniffit (Sniffer)
  • TcPick (Packet stream editor)
  • Dsniff (Password sniffer)

Spoofing

  • Arpspoof (ARP spoofer)
  • Macof (ARP spoofer/generator)
  • Nemesis-ARP (ARP packet generator)
  • Nemesis-Ethernet (Ethernet packet generator)
  • CDP (CDP generator)
  • DNSSpoof (DNS spoofer)
  • Nemesis-DNS (DNS packet generator)
  • DHCPX (DHCP flooder)
  • Hping2 (Packet generator)
  • ICMPRedirect (ICMP redirect packet generator)
  • ICMPUSH (ICMP packet generator)
  • Nemesis-ICMP (ICMP packet generator)
  • Packit (Traffic inject/modify)
  • TcPick (Packet stream editor)
  • Yersinia (Layer 2 protocol injector)
  • Fragroute (Egress rewrite)
  • HSRP (HSRP generator)
  • IGRP (IGRP injector)
  • IRDP (IRDP generator)
  • IRDPresponder (IRDP response generator)
  • Nemesis-IGMP (IGMP generator)
  • Nemesis-RIP (RIP generator)
  • File2Cable (Traffic replay)
  • Fragrouter (IDS evasion toolkit)
  • Nemesis-IP (IP packet generator)
  • Nemesis-TCP (TCP packet generator)
  • Nemesis-UDP (UDP traffic generator)
  • SendIP (IP packet generator)
  • TCPReplay (Traffic replay
  • Etherwake (Generate wake-on-LAN)

Bluetooth

  • BTScanner (Bluetooth scanner)
  • Bluesnarfer (Bluesnarf attack)
  • Ghettotooth (Bluetooth scanner)
  • Kandy (Mobile phone tool)
  • Obexftp (Obexftp client)
  • Phone manager
  • RFComm (Bluetooth serial)
  • RedFang (Bluetooth bruteforce)
  • USSP-Push (Obex-push)
  • XMinicom (Terminal)

Wireless

  • apmode.sh (Act as accesspoint)
  • Airpwn (Client penetration)
  • Hotspotter (Client penetration)
  • GpsDrive
  • start-gps-daemon (GPS daemon)
  • stop-gps-daemon (GPS daemon)
  • ASLeap (LEAP/PPTP cracker)
  • Genkeys (Hash generator for ASLeap)
  • Airforge
  • File2air (Packet injector)
  • Void11
  • Void11-Hopper (Channel hopper)
  • GKismet (Graphical wireless scanner)
  • GPSMAP (wireless mapping)
  • KLV (Kismet Log Viewer)
  • Kismet (Ncurses wireless scanner)
  • Wellenreiter (Graphical Wireless scanner)
  • 802ether (Dumpfile format convertor)
  • airodump (Traffic recorder)
  • aircrack (Modern WEP cracker)
  • Aireplay (Wireless packet injector)
  • Wep_Crack (Wep Cracker)
  • Wep_Decrypt (Decrypt dump files)
  • Airsnort (GUI based WEP cracker)
  • ChopChop (Active WEP attack)
  • DWEPCrack (WEP cracker)
  • Decrypt (Dump file decrypter)
  • WEPAttack (Dictionary attack)
  • WEPlab (Modern WEP cracker)
  • Cowpatty (WPA PSK bruteforcer)
  • changemac.sh (MAC address changer)

Bruteforce

  • ADMsnmp (SNMP bruteforce)
  • Guess-who (SSH bruteforc)
  • Hydra (Multi purpose bruteforce)
  • K0ldS (LDAP bruteforce)
  • Obiwan III (HTTP bruteforce)
  • SMB-Nat (SMB access scanner)
  • TFTP-bruteforce
  • VNCrack (VNC bruteforce)
  • Xhydra (Graphical bruteforcer

Password cracker

  • BKHive (SAM recovery)
  • Fcrackzip (Zip password cracker)
  • John (Multi-purpose password cracker)
  • Default password list
  • Nasty (GPG secret key cracker)
  • Rainbowcrack (Hash cracker)
  • Samdump2 (SAM file dumper)
  • Wordlists (Collection of wordlists)

Forensics

  • Autopsy (Forensic GUI)
  • Recover (Ext2 file recovery)
  • Testdisk (Partition scanner)
  • Wipe (Securely delete files)

Honeypot

  • Honeyd (Honeypot)
  • IISEmulator (Honeypot)
  • Tinyhoneypot (Simple honeypot)