-
Dsniff : A suite of powerful network auditing and penetration-testing tools This popular and well-engineered suite by Dug Song includes many tools. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).…
-
Paros proxy
Paros proxy : A web application vulnerability assessment proxy A Java based web proxy for assessing web application vulnerability. It supports editing/viewing HTTP/HTTPS messages on-the-fly to change items such as cookies and form fields. It includes a web traffic recorder,…
-
THC Hydra
THC Hydra : A Fast network authentication cracker which support many different services When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then…
-
OpenSSH_PuTTY_SSH
OpenSSH / PuTTY / SSH : A secure way to access remote computers SSH (Secure Shell) is the now ubiquitous program for logging into or executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts…
-
Ping_telnet_dig_traceroute_whois_netstat
Ping/telnet/dig/traceroute/whois/netstat : The basics While there are many whiz-bang high-tech tools out there to assist in security auditing, don’t forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that…
-
Nikto
Nikto : A more comprehensive web scanner Nikto is an open source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific…
-
Ettercap
Ettercap : In case you still thought switched LANs provide much extra security Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection…