I know everyone has their own programs they find useful for various things, wanting to compile a list of programs everyone suggests as useful. For any replies, please post the name of the program, link, and a quick description.
=================================
Compiled list as of Aug 14, 2011
=================================
Compiled list as of Aug 14, 2011
=================================
==========
Operating Systems/Live disks
==========
Backtrack 4 ( http://www.remote-exploit.org/backtrack.html ) Linux operating system, preloaded with some good programs. Great driver support for wireless cards which allow monitor mode
Knoppix Live CD ( http://www.knoppix.net/ ) Linux operating system, includes NTFS support
==========
Software
==========
Firefox ( http://www.mozilla.com/en-US/firefox/ ) Browser compatable with Windows, Mac OS X, and Linux. Suggested addons: firebug, tamper data, user agent switcher, IE Tab, torbutton, Keyscrambler Personal
Keyscrambler Personal ( http://www.qfxsoftware.com/Download.htm ) encrypts anything you type on a webpage: login, account numbers, passwords
Firebug ( https://addons.mozilla.org/en-US/firefox/addon/1843 ) Firebug allows you to do many different things with dom manipulation, and also allows you to see ajax requests as they are happening. The webpage you are looking at doesnt have jquery loaded? firebug will let you run javascript on the fly so you can do any javascript hacking you need, without refreshing the page.
Acunteix (http://www.acunetix.com/) Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities
AirCrack-ng ( http://www.aircrack-ng.org/doku.php ) 802.11 WEP and WPA-PSK keys cracking program
AirSnort ( http://airsnort.shmoo.com/ ) wireless LAN (WLAN) tool which recovers encryption keys
BeEF ( http://www.bindshell.net/tools/beef/ ) browser exploitation framework
bin2h ( http://www.mechcore.net/code/tools/bin2h.c ) Takes a binary file as input and spits out a C header with
the binary data as a char array. - Great when you are too lazy to make a decent file loader, or want the data embedded in the binary executable.
Cain and Abel ( http://www.oxid.it/cain.html ) password recovery tool for Microsoft Operating Systems
Core Impact (http://www.coresecurity.com/) CORE IMPACT Pro is a commercial-grade, automated penetration security testing software solution designed to allow organizations of all sizes to conduct comprehensive penetration testing across their infrastructure and applications.
dameware ( http://www.dameware.com/ ) Remote system management software for windows
ethereal ( http://www.ethereal.com/ ) extremely detailed and crafty sniffer
ettercap ( http://ettercap.sourceforge.net/ ) simple arp spoofing with lots of power
Exploit-Me ( http://www.securitycompass.com/exploitme.shtml ) suite of Firefox web application security testing
tools designed to be lightweight and easy to use
gdb ( http://www.gnu.org/software/gdb/ ) GNU Project debugger, allows you to see what is going on `inside' another program while it executes
GNU binutils ( http://www.gnu.org/software/ ) Includes gas, objcopy, objdump, c++filt, readelf and several others.
Graphviz ( http://www.graphviz.org/ ) Includes different tools to render graphs, both undirected as well as trees. I use `dot` mostly.
hping2 ( http://www.hping.org/ ) extremely versatile packet crafting good for network/firewall mapping
hte ( http://hte.sourceforge.net/ ) file editor/viewer/analyzer for executables
netcat/nc ( http://netcat.sourceforge.net/ ) networking utility which reads and writes data across network connections, using the TCP/IP protocol
L0pht Crack ( http://download.insecure.org/stf/lc5-setup.exe ) password auditing and recovery application, uses rainbow tables
lsof ( http://en.wikipedia.org/wiki/Lsof ) command meaning "list open files", which is used in many Unix-like systems
Nessus ( http://www.nessus.org/nessus/ ) vulnerability scanner
NetStumbler ( http://www.netstumbler.com/ ) wireless networking tool
nmap ( http://www.nmap.org/ ) utility for network exploration or security auditing
perl ( http://www.perl.org/ ) cross platform programming language
p0f ( http://freshmeat.net/projects/p0f/ ) full passive OS fingerprinting
pstools ( http://www.softpedia.com/progDownload/PsTools-Download-5353.html ) must have for physically
removing virii, spyware and other annoyances in windows.
pwdump ( http://www.foofus.net/fizzgig/pwdump/ ) if you have physical access to the box (windows)
Rainbow Crack ( http://project-rainbowcrack.com/ ) rainbow table based password/hash cracker
Retina Wireless Network Security Scanner ( http://www.eeye.com/ ) identifies known and zero day vulnerabilities
plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits
Retina Network Security Scanner ( http://www.eeye.com/ ) identifies known and zero day vulnerabilities plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits
SolarWinds LAN Toolset Enterprise v10 ( http://www.solarwinds.com/ ) Network Management Products
strace ( http://sourceforge.net/projects/strace/ ) system call tracer, i.e. a debugging tool which prints out a trace of all the system calls made by a another process/program
Vim - Everyone's (?) favorite editor!
VMWare ( http://www.vmware.com/ ) run virtual machines/multiple OS's simultaneously
WildPackets iNet Tools ( http://www.wildpackets.com/ ) iNet Tools, AiroPeek NX, OmniPeek Enterprise.
Network and application performance monitoring, analysis, and troubleshooting solutions
winhex ( http://www.x-ways.net/winhex/ ) good for data recovery
wireshark ( http://www.wireshark.org/ ) network protocol analyzer for Unix and Windows
-= Editors =-
KHexEdit ( http://home.online.no/~espensa/khexedit/ ) A decent hex editor.
dreamweaver ( http://www.adobe.com/products/dreamweaver/ ) make handeling web code less ugly and quicker
ZEND ( http://www.zend.com/ ) PHP Editor
Eclipse ( http://www.eclipse.org/ ) IDE
HexEdit ( ??? ) Someone posted this one without a link, and it's too common of a name for me to look it up
KHexEdit ( http://home.online.no/~espensa/khexedit/ ) A decent hex editor.
dreamweaver ( http://www.adobe.com/products/dreamweaver/ ) make handeling web code less ugly and quicker
ZEND ( http://www.zend.com/ ) PHP Editor
Eclipse ( http://www.eclipse.org/ ) IDE
HexEdit ( ??? ) Someone posted this one without a link, and it's too common of a name for me to look it up
-= Free HTML/text Editors =-
Notetab Light ( http://www.notetab.com/ ) tabbed text editor
Hapedit ( http://hapedit.free.fr/ ) Html Asp Php editor. syntax highlighting for php, asp, html, JavaScript, CSS and SQL. SQL console. FTP Manager.
Notepad++ ( http://notepad-plus.sourceforge.net/ ) tabbed text editor with syntax highlighting and plugins
PSPAD ( http://www.pspad.com/ ) tabbed text editor with syntax highlighting and many other features
TSW WebCoder ( http://www.tsware.net/products.php ) text editor with html/php syntax highlighting and intellisense/auto-suggest
HTML-Kit ( http://www.chami.com/html-kit/ ) text editor with html syntax highlighting and many other features
Notepad ( packed with MS Windows ) basic text editor for windows
Wordpad ( packed with MS Windows ) text editor with basic rich-text formatting ability
Notetab Light ( http://www.notetab.com/ ) tabbed text editor
Hapedit ( http://hapedit.free.fr/ ) Html Asp Php editor. syntax highlighting for php, asp, html, JavaScript, CSS and SQL. SQL console. FTP Manager.
Notepad++ ( http://notepad-plus.sourceforge.net/ ) tabbed text editor with syntax highlighting and plugins
PSPAD ( http://www.pspad.com/ ) tabbed text editor with syntax highlighting and many other features
TSW WebCoder ( http://www.tsware.net/products.php ) text editor with html/php syntax highlighting and intellisense/auto-suggest
HTML-Kit ( http://www.chami.com/html-kit/ ) text editor with html syntax highlighting and many other features
Notepad ( packed with MS Windows ) basic text editor for windows
Wordpad ( packed with MS Windows ) text editor with basic rich-text formatting ability
-= Free WYSIWYG's and Website Builders =-
Kompozer ( http://www.kompozer.net/ ) web authoring system that combines web file management and easy-to-use WYSIWYG web page editing
Trellian ( http://www.trellian.com/webpage/ ) wysiwyg HTML/CSS creator/editor
Kompozer ( http://www.kompozer.net/ ) web authoring system that combines web file management and easy-to-use WYSIWYG web page editing
Trellian ( http://www.trellian.com/webpage/ ) wysiwyg HTML/CSS creator/editor
==========
Links
==========
Links
==========
http://dnsstuff.com - handy for resolving addresses to looking through spam db's
http://www.domaintools.com/
http://www.SecurityFocus.com/
http://www.pointblanksecurity.com/wardriving-tools.php
http://www.wardriving.com/code.php
http://www.wardrive.net/security/tools/
http://packetstormsecurity.org/
http://www.i-hacked.com/
http://www.passcracking.com/
http://remote-exploit.org/codes_tools.html
http://www.metasploit.com/
tutorials - youtube type in the program (name) example (brutus-aet)
And the very elusive.... http://google.com
http://www.domaintools.com/
http://www.SecurityFocus.com/
http://www.pointblanksecurity.com/wardriving-tools.php
http://www.wardriving.com/code.php
http://www.wardrive.net/security/tools/
http://packetstormsecurity.org/
http://www.i-hacked.com/
http://www.passcracking.com/
http://remote-exploit.org/codes_tools.html
http://www.metasploit.com/
tutorials - youtube type in the program (name) example (brutus-aet)
And the very elusive.... http://google.com
taken from ROOTHACK
0 comments:
Post a Comment