'John the ripper'에 해당되는 글 4건

  1. 2011.04.29 John the Ripper password cracker update (1)
  2. 2010.08.22 BEST TOOLS EVER (UPDATED)
  3. 2010.06.23 Top 100 Network Security Tools
2011.04.29 13:33

John the Ripper password cracker update

This is the change log for JtR version 1.7.7:

  • Added Intel AVX and AMD XOP instruction sets support for bitslice DES (with C compiler intrinsics). New make targets: linux-x86-64-avx, linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent versions of GCC and GNU binutils).
  • A “dummy” “format” is now supported (plaintext passwords encoded in hexadecimal and prefixed with “$dummy$”) – for faster testing and tuning of custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of John itself.
  • Apache “$apr1$” MD5-based password hashes are now supported along with the FreeBSD-style MD5-based crypt(3) hashes that were supported previously. Hashes of both of these types may be loaded for cracking simultaneously.
  • The “–salts” option threshold is now applied before removal of previously cracked hashes for consistent behavior with interrupted and continued sessions. (Suggested by magnum.)
    The “Idle = Y” setting (which is the default) is now ignored for OpenMP-enabled hash types when the actual number of threads is greater than 1. (Unfortunately, it did not work right at least with GNU libgomp on Linux.)
  • When a cracking session terminates or is interrupted, John will now warn the user if the cracked passwords printed to the terminal while cracking are potentially incomplete. It will advise the user to use the “–show” option to see the complete set of cracked passwords with proper post-processing.
  • When loading hashes specified on a line on their own (feature introduced in 1.7.6), the loader will now ignore leading and trailing whitespace.
  • Unless a hash type is forced from the command line, the loader will now print warnings about additional hash types seen in the input files (beyond the hash type autodetected initially).
  • For use primarily by the jumbo patch (and later by future enhancements to the official versions as well), the loader now includes logic to warn the user of ambiguous hash encodings (e.g. LM vs. NTLM vs. raw-MD5, all of which may be represented as 32 hexadecimal characters) and of excessive partial hash collisions, which it works around (these are typically caused by an incomplete implementation of a new hash type).
  • The “unique” and “unshadow” programs have been made significantly faster.
  • “DateTime”, “Repeats”, “Subsets”, “AtLeast1-Simple”, “AtLeast1-Generic”, and “Policy” external mode samples have been added to the default john.conf.
  • The self-tests have been enhanced to detect more kinds of program bugs.
  • A few minor bug fixes and enhancements were made.

This version has been sponsered by Rapid7.

Download John the Ripper v1.7.7 (john-1.7.7-jumbo-1.tar.gz/john-1.7.7-jumbo-1.tar.bz2).
http://download.openwall.net/pub/projects/john/1.7.7/

출처 :  PenTestIT


Trackback 0 Comment 1
  1. Favicon of http://online-casino.eu.com online casino 2011.07.30 17:16 address edit & del reply

    아주 좋은 기사

2010.08.22 02:52

BEST TOOLS EVER (UPDATED)

OpenVPN
OpenVPN is a full-featured SSL VPN solution which can accomodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. GUI-version for Windows!
http://uploading.com/files/GTWU6PHX/open...l.zip.html


BlueFTP
This is an old tool which will helps you to hack mobiles throw bluetooth. Try it by yourself.
http://uploading.com/files/KTR3ONRF/BlueFTP.zip.html


DELmE's Batch Virus Generator v1.0
This tool is a virus creater. It will create very proffesional virus. Never test any virus on your PC. Very effective for bad hackers. All credits go to DELmE
http://uploading.com/files/CS02T8P6/DELm...1.rar.html


DELmE's Batch Virus Generator v2.0
This tool is a virus creater. It will create very proffesional virus. I would say it is best virus creater i have ever saw. Never test any virus on your PC. Very effective for bad hackers. All credits go to DELmE
http://uploading.com/files/0BPU0ZCP/DELm...0.rar.html


Windows command list
This is a list for most of the windows operator commands. It can very useful for virus programmers.
http://uploading.com/files/SG3CU3V8/wind...t.rar.html


THC-Hydra 5.4
This tool is a really good one to hack websites.This tool supports: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC,RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, LDAP2 and Cisco AAA. It is worth to try it.
http://uploading.com/files/WWZGWNJG/hydr...n.zip.html


John the ripper
This tool is should crack password
http://uploading.com/files/S06PAFJJ/john171w.zip.html


Rainbowcrack 1.2
This tool will helps you to crack the PC users and administartors passwords. This is really good. Tutorial on how to use it is included.
http://uploading.com/files/5R4T4YPI/rain...n.zip.html


Konboot
This tool should recover your lost passwords for your PCs users accounts. This is an iso file so you have to burn it on a CD so it works. Work for Windows/Linux
http://uploading.com/files/7VQ5MFN4/pass...o.zip.html
For more information


Firefox Master Password Remover
This tool will remove the Master password on firefox. I create it and test it on my PC and works fine. I got this idea since i saw many people begging for master password on their firefox browser. Very effective
http://uploading.com/files/7KII7524/Fire...r.rar.html


Rapidshare Points Generator v2.4
This tool should generate points for your rapidshare accounts. Clean but not test it. Try it and let us know if it works
http://uploading.com/files/K2IC5Z4G/Rapi...4.rar.html


Icon changer
I noticed that some people asking for ful version icon changer. I couldn't bring the full version but i bring this. A very simple tool to add/remove icons for any application. It is shareware.
http://uploading.com/files/TG37XPXE/Icon...r.rar.html


Icons Extract
The Icons Extract utility scans the files and folders on your computer, and extract the icons and cursors stored in EXE, DLL, OCX, CPL, and in other file types. You can save the extracted icons to ICO files (or CUR files for cursors), or copy the image of a single icon into the clipboard. Very useful
http://uploading.com/files/XDHT9FPG/icon...r.zip.html


XSS_Scanner_1.0
This tool have been posted twice before but looks it is lost in the forum so i took the initiative to post it in my list. This tool will scan the web using google and will search for vulnerable XSS website.
http://uploading.com/files/HU7BBAYR/XSS_...0.zip.html


k9 web protection
This tool will let you control your browsers by control what types of websites to block or what particulary websites to block. It is very effective for parental control to limit what there children can access including hacking . Also ability to protect from infected websites. A full list of websites already exist. Very effective
http://uploading.com/files/7RVR98TU/k9%2...n.rar.html


72389 Mass Bomber
This tool will let you to send messages to multiple emails from a signle email at the same time. very effective. All credit go to Nathan72389
http://uploading.com/files/PS93X57M/7238...r.rar.html


Nsis 2.45
This contain some really good scripts that can be used in your websites and ability to create the script you want. Very good for java writers
http://uploading.com/files/F0CY0R6K/nsis...g.rar.html


Password door
This tool will helps you to restrict access to applications installed on your PC. This tool will put a password that you choose on the application that you choose so no one can open it without a password. Very effective
http://uploading.com/files/SL389H3D/Pass...r.rar.html


Security administrator
This tool will give control on all tasks that all user account have. Block what you don't want them to have as tasks and options eg: block downloading
http://uploading.com/files/Z497IJSP/Secu...r.zip.html


L337 Virus Creator
This tool is a fake virus generator. It looks like a virus generator while in fact it will infect the person himself. Use it to trick your victims. Let them think they can create virus using this one while they will get infected once they press any button. NEVER EVER test it on yourself. It will infect you. All credits go to Right Hand Man.
Code:
http://i275.photobucket.com/albums/jj299/s...titled-1-18.jpg
http://uploading.com/files/7KO7NNNW/L337...r.rar.html


Password generator 2.02
This tool will create complex passwords that you choose the type of the password and ability to personalize the person.
http://uploading.com/files/SQ1FGMAQ/PWGen-2.02.rar.html


Dork list
This is a list for some of the most used dorks in hacking websites.
http://uploading.com/files/7LVF2XEF/Dork...t.rar.html


Avast Virus removal pro v4
This is one of the best virus removal if not the best. It will search for virus on your system and remove them. Very effective
http://uploading.com/files/XPZGHUNA/Avas...4.rar.html


Password Zilla
This is the best password generator i have ever saw in my life. It will create the most complex and complicated passwords in the world. Choose the format of your password and what caracters to use and let it work. Also this tool can crack hashes. I am in love with this tool. My msn was hacked twice but a third time when i used a password generated by this one. Very effective
http://uploading.com/files/PKLLKB3V/Pass...a.rar.html


WinRar Password Remover v1.1
This tool will crack any protected winrar files.
http://uploading.com/files/PEXJGFBY/WinR...1.rar.html


GroundZero's Account Freezer V1.0
This tool will freeze facebook accounts.All credits go to GroundZero
http://uploading.com/files/TGKRE72N/Grou...0.zip.html
Tutorial


LC4
One of the most proffesional windows password crackers. very useful
http://uploading.com/files/H1M3LOB3/LC4.rar.html


1 million serials
This have been posted before and i think it is damn good that it shouldn't be lost with the other files. It will provide you with serials for over 1 million software.
http://uploading.com/files/CFO0UES9/1.Mi...s.rar.html


Forum auto poster
This was posted before in the forum but his owner was quicked out the forum.This tool will helps you to auto post in multiple forums in very few and easy steps.
http://uploading.com/files/J4U3KXUC/foru...r.rar.html


Autorun pro entreprise
This is the best autorun maker i have ever saw. It is damn pro. It can be very useful making your virus to autorun.
http://uploading.com/files/E24WUTUH/Auto...e.rar.html


File renamer
This tool will remane a very big number of files and folders at the same in only few clicks. Pro hackers can use this one to mess victims system.
http://uploading.com/files/S795U2M2/File...r.rar.html


Cheat Engine 55
This tool will helps to hack different things including flash games.
http://uploading.com/files/ZMJOZEIC/Chea...5.exe.html
Tutorial


Alpha editor
Alpha Editor is a Windows based text editor designed to make the creation and use of batch files by administrators easier. Alpha editor includes built in coding for login script creation.
http://uploading.com/files/C52TN3VM/Alph...r.zip.html


CSS Maker
Create stylesheets with no CSS knowledge! Don´t worry about the german intro, language can be adjusted in the program...;) very useful for websites writers
http://uploading.com/files/2R3S5TW0/CSS%...r.zip.html


Scour 2.3.7
I know that many people use scour.com to gain money and that they are getting tireds doing the searches by themself.This tool was posted before in the forum. Use theis tool to automate the searches on scour.com. Jsut input your informations in "Settings.ini" file and you are ready to use it and to win money.


Website Defacing Tools
Password Code:
www.avhackers.com


IP HIDER 3.7 Full + License Key


PS3 Jailbreak Trojan
http://www.f-secure.com/weblog/archives/00002014.html

Trackback 0 Comment 0
2010.06.23 18:53

Top 100 Network Security Tools

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also point newbies to this site whenever they write me saying “I don't know where to start”.

Respondents were allowed to list open source or commercial tools on any platform. Commercial tools are noted as such in the list below. No votes for the Nmap Security Scanner were counted because the survey was taken on a Nmap mailing list. This audience also biases the list slightly toward “attack” hacking tools rather than defensive ones.

Each tool is described by one ore more attributes:

new Did not appear on the 2003 list
/ Popularity ranking rose / fell the given number since the 2003 survey
  TITLE= Generally costs money. A free limited/demo/trial version may be available.
Linux Works natively on Linux
*BSD Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
OS X Works natively on Apple Mac OS X
Windows Works natively on Microsoft Windows
Command-line interface Features a command-line interface
GUI Interface Offers a GUI (point and click) interface
Source code Source code available for inspection.

Please send updates and suggestions (or better tool logos) to Fyodor. If your tool is featured or you think your site visitors might enjoy this list, you are welcome to use our link banners. Here is the list, starting with the most popular:

#1
  TITLE=
Linux
*BSD
OS X
Windows
GUI Interface
Nessus : Premier UNIX vulnerability assessment tool
Nessus was a popular free and open source vulnerability scanner until they closed the source code in 2005 and removed the free "registered feed" version in 2008. A limited “Home Feed” is still available, though it is only licensed for home network use. Some people avoid paying by violating the “Home Feed” license, or by avoiding feeds entirely and using just the plugins included with each release. But for most users, the cost has increased from free to $1200/year. Despite this, Nessus is still the best UNIX vulnerability scanner available and among the best to run on Windows. Nessus is constantly updated, with more than 20,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones.

See all vulnerability scanners


#2
Linux
*BSD
OS X
Windows
Command-line interface
GUI Interface
Source code
Wireshark : Sniffing the glue that holds the Internet together
Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).

See all packet sniffers


#3
  TITLE=
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Snort : Everyone's favorite open source IDS
This lightweight network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

Open source Snort works fine for many individuals, small businesses, and departments. Parent company SourceFire offers a complimentary product line with more enterprise-level features and real-time rule updates. They offer a free (with registration) 5-day-delayed rules feed, and you can also find many great free rules at Bleeding Edge Snort.

See all intrusion detection systems


#4
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Netcat : The network Swiss army knife
This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections. The original Netcat was released by Hobbit in 1995, but it hasn't been maintained despite its immense popularity. It can sometimes even be hard to find nc110.tgz. The flexibility and usefulness of this tool have prompted people to write numerous other Netcat implementations - often with modern features not found in the original. One of the most interesting is Socat, which extends Netcat to support many other socket types, SSL encryption, SOCKS proxies, and more. It even made this list on its own merits. There is also Chris Gibson's Ncat, which offers even more features while remaining portable and compact. Other takes on Netcat include OpenBSD's nc, Cryptcat, Netcat6, PNetcat, SBD, and so-called GNU Netcat.

See all Netcats


#5
new
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Metasploit Framework : Hack the Planet
Metasploit took the security world by storm when it was released in 2004. No other new tool even broke into the top 15 of this list, yet Metasploit comes in at #5, ahead of many well-loved tools that have been developed for more than a decade. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their online exploit building demo. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. Similar professional exploitation tools, such as Core Impact and Canvas already existed for wealthy users on all sides of the ethical spectrum. Metasploit simply brought this capability to the masses.

See all vulnerability exploitation tools


#6
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Hping2 : A network probing utility like ping on steroids
This handy little utility assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. This tool is particularly useful when trying to traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities. This often allows you to map out firewall rulesets. It is also great for learning more about TCP/IP and experimenting with IP protocols.

See all packet crafting tools


#7
10
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Kismet : A powerful wireless sniffer
Kismet is an console (ncurses) based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler), and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps. As you might expect, this tool is commonly used for wardriving. Oh, and also warwalking, warflying, and warskating, ...

See all wireless tools, and packet sniffers


#8
3
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Tcpdump : The classic sniffer for network monitoring and data acquisition
Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with fewer security holes. It also requires fewer system resources. While it doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. TCPDump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap among many other tools.

See all packet sniffers


#9
23
Windows
GUI Interface
Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented.

See all password crackers, and packet sniffers


#10
1
Linux
*BSD
OS X
Windows
Command-line interface
Source code
John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find here, here, or here.

See all password crackers


#11
2
Linux
*BSD
OS X
Windows
Command-line interface
GUI Interface
Source code
Ettercap : In case you still thought switched LANs provide much extra security
Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.

See all packet sniffers


#12
4
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Nikto : A more comprehensive web scanner
Nikto is an open source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). It uses Whisker/libwhisker for much of its underlying functionality. It is a great tool, but the value is limited by its infrequent updates. The newest and most critical vulnerabilities are often not detected.

See all web vulnerability scanners


#13
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Ping/telnet/dig/traceroute/whois/netstat : The basics
While there are many whiz-bang high-tech tools out there to assist in security auditing, don't forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that Windows omits whois and uses the name tracert). They can be very handy in a pinch, although for more advanced usage you may be better off with Hping2 and Netcat.

#14
2
Linux
*BSD
OS X
Windows
Command-line interface
Source code
OpenSSH / PuTTY / SSH : A secure way to access remote computers
SSH (Secure Shell) is the now ubiquitous program for logging into or executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network, replacing the hideously insecure telnet/rlogin/rsh alternatives. Most UNIX users run the open source OpenSSH server and client. Windows users often prefer the free PuTTY client, which is also available for many mobile devices. Other Windows users prefer the nice terminal-based port of OpenSSH that comes with Cygwin. Dozens of other free and proprietary clients exist. You can explore them here or here.

#15
35
Linux
*BSD
OS X
Windows
Command-line interface
GUI Interface
Source code
THC Hydra : A Fast network authentication cracker which supports many different services
When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC.

See all password crackers


#16
new
Linux
*BSD
OS X
Windows
Command-line interface
GUI Interface
Source code
Paros proxy : A web application vulnerability assessment proxy
A Java based web proxy for assessing web application vulnerability. It supports editing/viewing HTTP/HTTPS messages on-the-fly to change items such as cookies and form fields. It includes a web traffic recorder, web spider, hash calculator, and a scanner for testing common web application attacks such as SQL injection and cross-site scripting.

See all web vulnerability scanners


#17
10
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Dsniff : A suite of powerful network auditing and penetration-testing tools
This popular and well-engineered suite by Dug Song includes many tools. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected ssh and https sessions by exploiting weak bindings in ad-hoc PKI. A separately maintained partial Windows port is available here. Overall, this is a great toolset. It handles pretty much all of your password sniffing needs.

See all packet sniffers


#18
7
Windows
GUI Interface
NetStumbler : Free Windows 802.11 Sniffer
Netstumbler is the best known Windows tool for finding open wireless access points ("wardriving"). They also distribute a WinCE version for PDAs and such named Ministumbler. The tool is currently free but Windows-only and no source code is provided. It uses a more active approach to finding WAPs than passive sniffers such as Kismet or KisMAC.

See all wireless tools, and packet sniffers


#19
18
Linux
*BSD
OS X
Windows
Command-line interface
Source code
THC Amap : An application fingerprinting scanner
Amap is a great tool for determining what application is listening on a given port. Their database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC.

See all application-specific scanners


#20
12
  TITLE=
Windows
GUI Interface
GFI LANguard : A commercial network security scanner for Windows
GFI LANguard scans IP networks to detect what machines are running. Then it tries to discern the host OS and what applications are running. It also tries to collect Windows machine's service pack level, missing security patches, wireless access points, USB devices, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results are saved to an HTML report, which can be customized/queried. It also includes a patch manager which detects and installs missing patches. A free trial version is available, though it only works for up to 30 days.

See all vulnerability scanners


#21
new
Linux
*BSD
OS X
Windows
Command-line interface
Source code
Aircrack : The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

See all wireless tools, and password crackers


#22
4
Windows
GUI Interface
Superscan : A Windows-only port scanner, pinger, and resolver
SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois.

See all port scanners


#23
2
Linux
Command-line interface
Source code
Netfilter : The current Linux kernel packet filter/firewall
Netfilter is a powerful packet filter implemented in the standard Linux kernel. The userspace iptables tool is used for configuration. It now supports packet filtering (stateless or stateful), all kinds of network address and port translation (NAT/NAPT), and multiple API layers for 3rd party extensions. It includes many different modules for handling unruly protocols such as FTP. For other UNIX platforms, see Openbsd PF (OpenBSD specific), or IP Filter. Many personal firewalls are available for Windows (Tiny,Zone Alarm, Norton, Kerio, ...), though none made this list. Microsoft included a very basic firewall in Windows XP SP2, and will nag you incessantly until you install it.

See all firewalls


#24
new
Windows
Command-line interface
GUI Interface
Sysinternals : An extensive collection of powerful windows utilities
Sysinternals provides many small windows utilities that are quite useful for low-level windows hacking. Some are free of cost and/or include source code, while others are proprietary. Survey respondents were most enamored with:
  • ProcessExplorer for keeping an eye on the files and directories open by any process (like LSoF on UNIX).
  • PsTools for managing (executing, suspending, killing, detailing) local and remote processes.
  • Autoruns for discovering what executables are set to run during system boot up or login.
  • RootkitRevealer for detecting registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
  • TCPView, for viewing TCP and UDP traffic endpoints used by each process (like Netstat on UNIX).
Update: Microsoft acquired Sysinternals in July 2006, promising that “Customers will be able to continue building on Sysinternals' advanced utilities, technical information and source code”. Less than four months later, Microsoft removed most of that source code. Future product direction is uncertain.

See all rootkit detectors


#25
5
  TITLE=
Windows
GUI Interface
Retina : Commercial vulnerability assessment scanner by eEye
Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research.

See all vulnerability scanners



출처 : http://sectools.org/

Trackback 3 Comment 0