| Astalavista Member |
Advanced Security Member Portal |
| |
Description: |
With over 12'000 members and 8000 tools,
Astalavista's Advanced Security Member Portal is the
largest security member portal in the world. A compact,
up-to-date and limitless security oracle is available
to all members. The best Tool ever! |
| Go to page: |
astalavista.net |
 |
| Nessus |
The premier Open Source vulnerability assessment
tool |
| |
Description: |
Nessus is a remote security scanner for Linux, BSD,
Solaris, and other Unices. It is plug-in-based, has
a GTK interface, and performs over 1200 remote security
checks. It allows for reports to be generated in HTML,
XML, LaTeX, and ASCII text, and suggests solutions
for security problems. |
| Download: |
nessus.org |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| Ethereal |
Sniffing the glue that holds the Internet together |
| |
Description: |
Ethereal is a free network protocol analyzer for
Unix and Windows. It allows you to examine data from
a live network or from a capture file on disk. You
can interactively browse the capture data, viewing
summary and detail information for each packet. Ethereal
has several powerful features, including a rich display
filter language and the ability to view the reconstructed
stream of a TCP session. A text-based version called
tethereal is included. |
| Download: |
ethereal.com |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
|
| Snort |
A free intrusion detection system (IDS) for the
masses |
| |
Description: |
Snort is a lightweight network intrusion detection
system, capable of performing real-time traffic analysis
and packet logging on IP networks. It can perform
protocol analysis, content searching/matching and
can be used to detect a variety of attacks and probes,
such as buffer overflows, stealth port scans, CGI
attacks, SMB probes, OS fingerprinting attempts, and
much more. Snort uses a flexible rule based language
to describe traffic that it should collect or pass,
and a modular detection engine. Many people also suggested
that the Analysis Console for Intrusion Databases
(ACID) be used with Snort. |
| Download: |
snort.org |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| Netcat |
The network swiss army knife |
| |
Description: |
A simple Unix utility which reads and writes data
across network connections, using TCP or UDP protocol.
It is designed to be a reliable "back-end"
tool that can be used directly or easily driven by
other programs and scripts. At the same time, it is
a feature-rich network debugging and exploration tool,
since it can create almost any kind of connection
you would need and has several interesting built-in
capabilities. |
| Download: |
atstake.com
|
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| TCPDump / WinDump |
The classic sniffer for network monitoring and data
acquisition |
| |
Description: |
Tcpdump is a well-known and well-loved text-based
network packet analyzer ("sniffer"). It
can be used to print out the headers of packets on
a network interface that matches a given expression.
You can use this tool to track down network problems
or to monitor network activities. There is a separate
Windows port named WinDump. TCPDump is also the source
of the Libpcap/WinPcap packet capture library, which
is used by Nmap among many other utilities. Note that
many users prefer the newer Ethereal sniffer. |
| Download: |
tcpdump.org
windump.polito.it |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| Hping2 |
A network probing utility like ping on steroids |
| |
Description: |
hping2 assembles and sends custom ICMP/UDP/TCP packets
and displays any replies. It was inspired by the ping
command, but offers far more control over the probes
sent. It also has a handy traceroute mode and supports
IP fragmentation. This tool is particularly useful
when trying to traceroute/ping/probe hosts behind
a firewall that blocks attempts using the standard
utilities. |
| Download: |
hping.org |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| DSniff |
A suite of powerful network auditing and penetration-testing
tools |
| |
Description: |
This popular and well-engineered suite by Dug Song
includes many tools. dsniff, filesnarf, mailsnarf,
msgsnarf, urlsnarf, and webspy passively monitor a
network for interesting data (passwords, e-mail, files,
etc.). arpspoof, dnsspoof, and macof facilitate the
interception of network traffic normally unavailable
to an attacker (e.g., due to layer-2 switching). sshmitm
and webmitm implement active monkey-in-the-middle
attacks against redirected SSH and HTTPS sessions
by exploiting weak bindings in ad-hoc PKI. |
| Download: |
Homepage |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| GFI LANguard |
A commercial network security scanner for Windows |
| |
Description: |
LANguard scans networks and reports information
such as service pack level of each machine, missing
security patches, open shares, open ports, services/applications
active on the computer, key registry entries, weak
passwords, users and groups, and more. Scan results
are outputted to an HTML report, which can be customized/queried.
Apparently a limited free version is available for
non-commercial/trial use. |
| Download: |
gfi.com/lannetscan/ |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware and Shareware Editions |
| |
| Ettercap |
In case you still thought switched LANs provide
much extra security |
| |
Description: |
Ettercap is a terminal-based network sniffer/interceptor/logger
for ethernet LANs. It supports active and passive
dissection of many protocols (even ciphered ones,
like SSH and HTTPS). Data injection in an established
connection and filtering on the fly is also possible,
keeping the connection synchronized. Many sniffing
modes were implemented to give you a powerful and
complete sniffing suite. Plugins are supported. It
has the ability to check whether you are in a switched
LAN or not, and to use OS fingerprints (active or
passive) to let you know the geometry of the LAN. |
| Download: |
ettercap.sourceforge.net |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| Whisker/Libwhisker |
Rain.Forest.Puppy's CGI vulnerability scanner and
library |
| |
Description: |
Whisker is a scanner which allows you to test HTTP
servers for many known security holes, particularly
the presence of dangerous CGIs. Libwhisker is a perl
library (used by Whisker) which allows for the creation
of custom HTTP scanners. If you wish to audit more
than just web servers, have a look at Nessus. |
| Download: |
wiretrip.net |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| John the Ripper |
An extraordinarily powerful, flexible, and fast
multi-platform password hash cracker |
| |
Description: |
John the Ripper is a fast password cracker, currently
available for many flavors of Unix (11 are officially
supported, not counting different architectures),
DOS, Win32, BeOS, and OpenVMS. Its primary purpose
is to detect weak Unix passwords. It supports several
crypt(3) password hash types which are most commonly
found on various Unix flavors, as well as Kerberos
AFS and Windows NT/2000/XP LM hashes. Several other
hash types are added with contributed patches. |
| Download: |
openwall.com/john/ |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| OpenSSH |
A secure way to access remote computers |
| |
Description: |
Ssh (Secure Shell) is a program for logging into
or executing commands on a remote machine. It provides
secure encrypted communications between two untrusted
hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over
the secure channel. It is intended as a replacement
for rlogin, rsh and rcp, and can be used to provide
rdist, and rsync with a secure communication channel.
OpenSSH is affiliated with the OpenBSD project, though
a portable version runs on most UNIX systems. Note
that the SSH.Com link above costs money for some uses,
while OpenSSH is always free. Windows users may want
to try the free PuTTY SSH Client or the nice terminal-based
port of OpenSSH that comes with Cygwin. There are
dozens of other clients (free or proprietary) available
for most platforms. |
| Download: |
openssh.com
|
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| Sam Spade |
Freeware Windows network query tool |
| |
Description: |
SamSpade provides a consistent GUI and implementation
for many handy network query tasks. It was designed
with tracking down spammers in mind, but can be useful
for many other network exploration, administration,
and security tasks. It includes tools such as ping,
nslookup, whois, dig, traceroute, finger, raw HTTP
web browser, DNS zone transfer, SMTP relay check,
website search, and more. Non-Windows users can enjoy
online versions of many of their tools. |
| Download: |
samspade.org
|
Platform: |
Windows |
| License: |
Freeware |
| |
| ISS Internet Scanner |
Application-level vulnerability assessment |
| |
Description: |
Internet Scanner started off in '92 as a tiny Open
Source scanner by Christopher Klaus. Now he has grown
ISS into a billion-dollar company with a myriad of
security products. ISS Internet Scanner is pretty
good, but is not cheap. So companies on a tight budget
may wish to look at Nessus instead. A March 2003 Information
Security magazine review of 5 VA tools (including
these) is available here. Note that VA tools only
report vulnerabilities. Commercial tools for actually
exploiting them include CORE Impact and Dave Aitel's
Canvas. |
| Download: |
iss.net
download page iss.net
|
Platform: |
Windows |
| License: |
Shareware |
| |
| Tripwire |
The grand-daddy of file integrity checkers |
| |
Description: |
A file and directory integrity checker. Tripwire
is a tool that aids system administrators and users
in monitoring a designated set of files for any changes.
Used with system files on a regular (e.g., daily)
basis, Tripwire can notify system administrators of
corrupted or tampered files, so damage control measures
can be taken in a timely manner. An Open Source Linux
version is freely available at Tripwire.Org. UNIX
users may also want to consider AIDE, which has been
designed to be a free Tripwire replacement. Or you
may wish to investigate Radmind. |
| Download: |
tripwire.com
|
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Shareware |
| |
| Nikto |
A more comprehensive web scanner |
| |
Description: |
Nikto is a web server scanner which looks for over
2000 potentially dangerous files/CGIs and problems
on over 200 servers. It uses LibWhisker but is generally
updated more frequently than Whisker itself. |
| Download: |
cirt.net
|
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| Kismet |
A powerful wireless sniffer |
| |
Description: |
Kismet is an 802.11b network sniffer and network
dissector. It is capable of sniffing using most wireless
cards, automatic network IP block detection via UDP,
ARP, and DHCP packets, Cisco equipment lists via Cisco
Discovery Protocol, weak cryptographic packet logging,
and Ethereal and tcpdump compatible packet dump files.
It also includes the ability to plot detected networks
and estimated network ranges on downloaded maps or
user supplied image files. Windows support is currently
preliminary, so those users may want to look at Netstumbler
if they run into trouble. Linux (and Linux PDAs like
Zaurus) users may wish to also look at the Wellenreiter
wireless scanner. |
| Download: |
kismetwireless.net |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| SuperScan |
Foundstone's Windows TCP port scanner |
| |
Description: |
A connect-based TCP port scanner, pinger and hostname
resolver. No source code is provided. It can handle
ping scans and port scans using specified IP ranges.
It can also connect to any discovered open port using
user-specified "helper" applications (e.g.
Telnet, Web browser, FTP). |
| Download: |
foundstone.com |
Platform: |
Windows |
| License: |
Freeware |
| |
| L0phtCrack |
(now called "LC4"): Windows password auditing
and recovery application |
| |
Description: |
L0phtCrack attempts to crack Windows passwords from
hashes which it can obtain (given proper access) from
stand-alone Windows NT/2000 workstations, networked
servers, primary domain controllers, or Active Directory.
In some cases it can sniff the hashes off the wire.
It also has numerous methods of generating password
guesses (dictionary, brute force, etc). L0phtcrack
currently costs 0/machine and no source code is provided.
Companies on a tight budget may want to look at John
the Ripper, Cain & Abel, and pwdump3. |
| Download: |
atstake.com |
Platform: |
Windows |
| License: |
Shareware |
| |
| Retina |
Commercial vulnerability assessment scanner by eEye |
| |
Description: |
Like Nessus and ISS Internet Scanner mentioned previously,
Retina's function is to scan all the hosts on a network
and report on any vulnerabilities found. |
| Download: |
eeye.com
download page eeye.com |
Platform: |
Windows |
| License: |
Shareware |
| |
| Netfilter: |
The current Linux kernel packet filter/firewall |
| |
Description: |
Netfilter is a powerful packet filter which is implemented
in the standard Linux kernel. The userspace iptables
tool is used for configuration. It now supports packet
filtering (stateless or stateful), all different kinds
of NAT (Network Address Translation) and packet mangling.
For non-Linux platforms, see pf (OpenBSD), ipfilter
(many other UNIX variants), or even the Zone Alarm
personal firewall (Windows). |
| Download: |
http://www.netfilter.org/ |
Platform: |
Linux |
| License: |
GNU GPL |
| |
| traceroute/ping/telnet/whois |
The basics |
| |
Description: |
While there are many whiz-bang high-tech tools out
there to assist in security auditing, don't forget
about the basics! Everyone should be very familiar
with these tools as they come with most operating
systems (except that Windows omits whois and uses
the name tracert). They can be very handy in a pinch,
although for more advanced usage you may be better
off with Hping2 and Netcat. |
| Download: |
--- |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
GNU GPL |
| |
| Fport |
Foundstone's enhanced netstat |
| |
Description: |
fport reports all open TCP/IP and UDP ports on the
machine you run it on and shows what application opened
each port. So it can be used to quickly identify unknown
open ports and their associated applications. It only
runs on Windows, but many UNIX systems now provide
this information via netstat (try 'netstat -pan' on
Linux). |
| Download: |
foundstone.com |
Platform: |
Windows |
| License: |
Freeware |
| |
| SAINT |
Security Administrator's Integrated Network Tool |
| |
Description: |
Saint is another commercial vulnerability assessment
tool (like ISS Internet Scanner or eEye Retina). Unlike
those Windows-only tools, SAINT runs exclusively on
UNIX. Saint used to be free and open source, but is
now a commercial product. |
| Download: |
saintcorporation.com
download page saintcorporation.com |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Shareware |
| |
| Network Stumbler |
Free Windows 802.11 Sniffer |
| |
Description: |
Netstumbler is the best known Windows tool for finding
open wireless access points ("wardriving").
They also distribute a WinCE version for PDAs and
such called Ministumbler. The tool is currently free
but Windows-only and no source code is provided. They
note that "the author reserves the right to change
this license agreement as he sees fit, without notice."
UNIX users (and advanced Win users) may want to look
at Kismet instead. |
| Download: |
stumbler.net |
Platform: |
Windows |
| License: |
Freeware |
| |
| SARA |
Security Auditor's Research Assistant |
| |
Description: |
SARA is a vulnerability assessment tool that was
derived from the infamous SATAN scanner. They try
to release updates twice a month and try to leverage
other software created by the open source community
(such as Nmap and Samba). |
| Download: |
www-arc.com/sara/ |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| N-Stealth |
Web server scanner |
| |
Description: |
N-Stealth is a commercial web server security scanner.
It is generally updated more frequently than free
web scanners such as whisker and nikto, but do take
their web site with a grain of salt. The claims of
"30,000 vulnerabilities and exploits" and
"Dozens of vulnerability checks are added every
day" are highly questionable. Also note that
essentially all general VA tools such as nessus, ISS,
Retina, SAINT, and SARA include web scanning components.
They may not all be as up-to-date or flexible though.
N-stealth is Windows only and no source code is provided. |
| Download: |
nstalker.com |
Platform: |
Windows |
| License: |
Shareware |
| |
| AirSnort |
802.11 WEP Encryption Cracking Tool |
| |
Description: |
AirSnort is a wireless LAN (WLAN) tool that recovers
encryption keys. It was developed by the Shmoo Group
and operates by passively monitoring transmissions,
computing the encryption key when enough packets have
been gathered. Windows support is still very preliminary. |
| Download: |
airsnort.shmoo.com |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| NBTScan |
Gathers NetBIOS info from Windows networks |
| |
Description: |
NBTscan is a program for scanning IP networks for
NetBIOS name information. It sends a NetBIOS status
query to each address in the supplied range and lists
the received information in human-readable form. For each
host that responds, it lists the IP address, NetBIOS computer
name, logged-in user name and MAC address. |
| Download: |
inetcat.org/software/nbtscan.html |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| GnuPG / PGP |
Secure your files and communication w/advanced encryption |
| |
Description: |
PGP is the famous encryption program by Phil Zimmermann
which helps secure your data from eavesdroppers and
other risks. GnuPG is a very well-regarded open source
implementation of the PGP standard (the actual executable
is named gpg). While GnuPG is always free, PGP costs
money for some uses. |
| Download: |
gnupg.org
pgp.com |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware, Shareware |
| |
| Firewalk |
Advanced traceroute |
| |
Description: |
Firewalk employs traceroute-like techniques to analyze
IP packet responses to determine gateway ACL filters
and map networks. This classic tool was rewritten
from scratch in October 2002. Note that much or all
of this functionality can also be performed by the
Hping2 --traceroute option. |
| Download: |
packetfactory.net/projects/firewalk/ |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| Cain & Abel |
The poor man's L0phtcrack |
| |
Description: |
Cain & Abel is a free password recovery tool
for Microsoft Operating Systems. It allows easy recovery
of various kinds of passwords by sniffing the network,
cracking encrypted passwords using Dictionary &
Brute-Force attacks, decoding scrambled passwords,
revealing password boxes, uncovering cached passwords
and analyzing routing protocols. Source code is not
provided. |
| Download: |
oxid.it/cain.html |
Platform: |
Windows |
| License: |
Freeware |
| |
| XProbe2 |
Active OS fingerprinting tool |
| |
Description: |
XProbe is a tool for determining the operating system
of a remote host. They do this using some of the same
techniques as Nmap as well as many different ideas.
Xprobe has always emphasized the ICMP protocol in
their fingerprinting approach. |
| Download: |
sys-security.com/html/projects/X.html |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| SolarWinds Toolsets |
A plethora of network discovery/monitoring/attack
tools |
| |
Description: |
SolarWinds has created and sells dozens of special-purpose
tools targeted at systems administrators. Security
related tools include many network discovery scanners
and an SNMP brute-force cracker. These tools are Windows
only, cost money, and do not include source code. |
| Download: |
solarwinds.net |
Platform: |
Windows |
| License: |
Freeware, Shareware |
| |
| NGrep |
Convenient packet matching & display |
| |
Description: |
ngrep strives to provide most of GNU grep's common
features, applying them to the network layer. ngrep
is a pcap-aware tool that will allow you to specify
extended regular or hexadecimal expressions to match
against data payloads of packets. It currently recognizes
TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI,
Token Ring and null interfaces, and understands bpf
filter logic in the same fashion as more common packet
sniffing tools, such as tcpdump and snoop. |
| Download: |
packetfactory.net/projects/ngrep/ |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| Perl / Python |
Portable, general-purpose scripting languages |
| |
Description: |
While many canned security tools are available on
this page for handling common tasks, it is important
to have the ability to write your own (or modify the
existing ones) when you need something more custom.
Perl and Python make it very easy to write quick,
portable scripts to test, exploit, or even fix systems!
Archives like CPAN are filled with modules such as
Net::RawIP and protocol implementations to make your
tasks even easier. |
| Download: |
perl.org
python.org |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| THC-Amap |
An application fingerprinting scanner |
| |
Description: |
Amap (by THC) is a new but powerful scanner which
probes each port to identify applications and services
rather than relying on static port mapping. |
| Download: |
thc.org |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| OpenSSL |
The premier SSL/TLS encryption library |
| |
Description: |
The OpenSSL Project is a collaborative effort to
develop a robust, commercial-grade, full-featured,
and Open Source toolkit implementing the Secure Sockets
Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols as well as a full-strength general purpose
cryptography library. The project is managed by a
worldwide community of volunteers that use the Internet
to communicate, plan, and develop the OpenSSL toolkit
and its related documentation. |
| Download: |
openssl.org |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| NTop |
A network traffic usage monitor |
| |
Description: |
Ntop shows network usage in a way similar to what
top does for processes. In interactive mode, it displays
the network status on the user's terminal. In Web
mode, it acts as a Web server, creating an HTML dump
of the network status. It sports a NetFlow/sFlow emitter/collector,
an HTTP-based client interface for creating ntop-centric
monitoring applications, and RRD for persistently
storing traffic statistics. |
| Download: |
ntop.org |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| Nemesis |
Packet injection simplified |
| |
Description: |
The Nemesis Project is designed to be a commandline-based,
portable human IP stack for UNIX/Linux (and now Windows!).
The suite is broken down by protocol, and should allow
for useful scripting of injected packet streams from
simple shell scripts. If you enjoy Nemesis, you might
also want to look at hping2. They complement each
other well. |
| Download: |
packetfactory.net/projects/nemesis/ |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| LSOF |
LiSt Open Files |
| |
Description: |
Lsof is an extremely powerful unix diagnostic tool.
Its name stands for LiSt Open Files, and it does just
that. It lists information about any files that are
open by processes currently running on the system.
It is useful for pinpointing which process is using
each network socket. FAQ available here. Changes:
Supports reporting of TCP flags, socket options, and
states. Adds support for OS X 10.3.2, improved POSIX
support, added compatibility with newer OSes, and
fixed some bugs. |
| Download: |
Homepage |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| Hunt |
An advanced packet sniffing and connection intrusion
tool for Linux |
| |
Description: |
Hunt can watch TCP connections, intrude into them,
or reset them. Hunt is meant to be used on ethernet,
and has active mechanisms to sniff switched connections.
Advanced features include selective ARP relaying and
connection synchronization after attacks. If you like
Hunt, also take a look at Ettercap and Dsniff. |
| Download: |
lin.fsid.cvut.cz/~kra/index.html#HUNT |
Platform: |
Linux |
| License: |
Freeware |
| |
| Honeyd |
Your own personal honeynet |
| |
Description: |
Honeyd is a small daemon that creates virtual hosts
on a network. The hosts can be configured to run arbitrary
services, and their TCP personality can be adapted
so that they appear to be running certain versions
of operating systems. Honeyd enables a single host
to claim multiple addresses on a LAN for network simulation.
It is possible to ping the virtual machines, or to
traceroute them. Any type of service on the virtual
machine can be simulated according to a simple configuration
file. It is also possible to proxy services to another
machine rather than simulating them. |
| Download: |
citi.umich.edu/u/provos/honeyd/ |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| Achilles |
A Windows web attack proxy |
| |
Description: |
Achilles is a tool designed for testing the security
of web applications. Achilles is a proxy server, which
acts as a man-in-the-middle during an HTTP session.
A typical HTTP proxy will relay packets to and from
a client browser and a web server. Achilles will intercept
an HTTP session's data in either direction and give
the user the ability to alter the data before transmission.
For example, during a normal HTTP SSL connection a
typical proxy will relay the session between the server
and the client and allow the two end nodes to negotiate
SSL. In contrast, when in intercept mode, Achilles
will pretend to be the server and negotiate two SSL
sessions, one with the client browser and another
with the web server. As data is transmitted between
the two nodes, Achilles decrypts the data and gives
the user the ability to alter and/or log the data
in clear text before transmission. |
| Download: |
mavensecurity.com/achilles |
Platform: |
Windows |
| License: |
Freeware |
| |
| Stunnel |
A general-purpose SSL cryptographic wrapper |
| |
Description: |
The stunnel program is designed to work as an SSL
encryption wrapper between remote client and local
(inetd-startable) or remote server. It can be used
to add SSL functionality to commonly used inetd daemons
like POP2, POP3, and IMAP servers without any changes
in the programs' code. It will negotiate an SSL connection
using the OpenSSL or SSLeay libraries. |
| Download: |
stunnel.org |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| Paketto Keiretsu |
Extreme TCP/IP |
| |
Description: |
The Paketto Keiretsu is a collection of tools that
use new and unusual strategies for manipulating TCP/IP
networks. They tap functionality within existing infrastructure
and stretch protocols beyond what they were originally
intended for. It includes Scanrand, an unusually fast
network service and topology discovery system, Minewt,
a user space NAT/MAT router, linkcat, which presents
an Ethernet link to stdio, Paratrace, which traces
network paths without spawning new connections, and
Phentropy, which uses OpenQVIS to render arbitrary
amounts of entropy from data sources in three dimensional
phase space. Got all that? :). |
| Download: |
doxpara.com/read.php/code/paketto.html |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| Fragroute |
IDS systems' worst nightmare |
| |
Description: |
Fragroute intercepts, modifies, and rewrites egress
traffic, implementing most of the attacks described
in the Secure Networks IDS Evasion paper. It features
a simple ruleset language to delay, duplicate, drop,
fragment, overlap, print, reorder, segment, source-route,
or otherwise monkey with all outbound packets destined
for a target host, with minimal support for randomized
or probabilistic behaviour. This tool was written
in good faith to aid in the testing of intrusion detection
systems, firewalls, and basic TCP/IP stack behaviour.
Like Dsniff, and Libdnet, this excellent tool was
written by Dug Song. |
| Download: |
monkey.org/~dugsong/fragroute/ |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| SPIKE Proxy |
HTTP Hacking |
| |
Description: |
Spike Proxy is an open source HTTP proxy for finding
security flaws in web sites. It is part of the Spike
Application Testing Suite and supports automated SQL
injection detection, web site crawling, login form
brute forcing, overflow detection, and directory traversal
detection. |
| Download: |
ntop.org |
Platform: |
Windows, Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
| |
| THC-Hydra |
Parallelized network authentication cracker |
| |
Description: |
This tool allows for rapid dictionary attacks against
network login systems, including FTP, POP3, IMAP,
Netbios, Telnet, HTTP Auth, LDAP, NNTP, VNC, ICQ, Socks5,
PCNFS, and more. It includes SSL support and is apparently
now part of Nessus. Like Amap, this release is from
the fine folks at THC. |
| Download: |
ntop.org |
Platform: |
Linux, FreeBSD/NetBSD/OpenBSD and/or proprietary
UNIX systems (Solaris, HP-UX, IRIX, etc.) |
| License: |
Freeware |
|