Info request - Penetration Testing tools list

Posted by Subba Rao on May 19, 2005, 8:47 pm
Hello,

I haven't played with the pen test tools lately (for the last 4 years). The
most familiar tools are Nessus/nmap/strobe (from the freeware world) and
ISS/CyberCop and others (from the commercial world).

Recently, I have heard of metasploitz (sp). Is this a compilation of
all the exploits?

A lot has changed in the last 2 years! I am trying to update my pen
test skills. What are the current tools that I should be familiar with?

Thank you in advance for any information and advice.

Regards,

Subba Rao
--
SR
castellan2004-mail@SPAMBUSTER.yahoo.com
Please remove SPAMBUSTER to reply via email.


Posted by Anthony Williams on May 20, 2005, 12:38 pm
Subba Rao wrote:
> Hello,
>
> I haven't played with the pen test tools lately (for the last 4 years). The
> most familiar tools are Nessus/nmap/strobe (from the freeware world) and
> ISS/CyberCop and others (from the commercial world).
>
> Recently, I have heard of metasploitz (sp). Is this a compilation of
> all the exploits?
>
> A lot has changed in the last 2 years! I am trying to update my pen
> test skills. What are the current tools that I should be familiar with?
>
> Thank you in advance for any information and advice.
>
> Regards,
>
> Subba Rao

Consider giving the following security based live CDs a look.

Auditor http://www.remote-exploit.org (check the research blog also)
WHoppix http://www.whoppix.net (nice flash based demos as well)
Phlak http://www.phlak.org

These should have many of the tools that you will need to get started.


AW


Posted by anrxc on May 20, 2005, 6:57 pm
Subba Rao wrote:
> What are the current tools that I should be familiar with?

From the 'Auditor Security Live' collection:
---------------------------------
Security Auditing:

Footprinting
        Traceroute
                itrace - traceroute ICMP echo
                tctrace - traceroute TCP SYN packets
                Gnetutil 1.0
        HTTP/HTTPS
                Curl - transfer a URL
                stunnel
        SNMP
                tkmib - MIB browser for SNMP
                arpfetch - eth/ip address via snmp
        LDAP
                gq - GTK based LDAP Client
        SMB
                LinNeighborhood - SMB Network Browser
                net - tool for administration of samba CIFS servers (samba package)
                SMB DumpUsers 0.9.1
                SMB ServerInfo 0.9.1
                nmblookup - lookup NetBIOS names (samba package)
        OS Detection
                xprobe2 - OS fingerprinting tool
                queso - OS fingerprinting tool
                P0f - passive OS fingerprinting
                cheops - net monitor tools for sys administration

Scanning
        Security Scanners
                Nessus
                Raccess - Remote Access Session
                Metasploit
        Webserver Scanners
                whisker - CGI scanner
                Nikto - Server and CGI scanner
                ab - apachebench
        Network Scanners
                nmap /fe
                scanrand - Stateless TCP net analysis system
                ike-scan - discover and fingerprint IKE hosts (IPsec VPN)
        Application Scanners
                amap - app mapper
                scanssh - scans for open proxies and ssh servers
        SMB Scanners
                nbtscan - scans networks for NetBIOS name information
                smb-nat - NetBIOS auditing tool
        Router Scanner
                ass - autonomous system scanner

Analyzing
        Network Analyzers
                Ethereal
                Ettercap
                Etherape - graphical network browser
        Password Analyzers
                Dsniff
        Application Analyzers
                Mailsnarf - sniff mail messages
                urlsnarf - sniff HTTP requests
                spkproxy - web application auditing

Spoofing
        ARP
                arpspoof - intercept packets on a switched LAN
                macof - flood switched LANs with random MACs
        DNS
                dnsspoof - forge replies to DNS address
        ICMP
                hping2 - send arbitrary TCP/IP packets to hosts
                icmpush - ICMP packet builder
        TCP
                tcpreplay - replay packets from capture files
                IP Sorcery - packet generator
        Cisco/CDP
                cdp - cdp packet generator
        Routing Protocols
                igrp - igrp route injector
Wireless
        Scanners/Analyzers
                Kismet
                Wellenreiter
        WEP Breaking
                Wep Crack
                Wep Decrypt
                AirSnort
                dwepcrack
                wepattack
        MACchanger

Bruteforce
        hydra - multi-purpose bruteforcer (GTK GUI exists)
        smb-nat
        k0ldS - LDAP bruteforcer
        ADMsnmp - SNMP bruteforcer
        ObiWan III - HTTP Bruteforcer
        guess-who - SSH bruteforcer

Password Crackers
        John the Ripper
        WIN
                RainbowCrack
                samdump2-linux
        ZIP
                fcrackzip - ZIP pass cracker
Digital Forensics
        Data Recovery
                testdisk - scan and repair disk partitions
        ext2fs recovery
                recover - recover a deleted file
        Secure Delete
                Wipe - securely erase files
EXTRA
        IRPAS
                Internetwork Routing Protocol Attack Suite
        Nemesis Project
---------------------------------

--
"Not mind. Not code. Not things.
Always changing, yet never changing."
---
GPG:0xA8916BBD | xmpp:anrxc@jabber.org


Posted by c0ntex on May 21, 2005, 3:26 pm

> A lot has changed in the last 2 years! I am trying to update my pen
> test skills. What are the current tools that I should be familiar
> with?


GNU c compiler and perl.

regards
c0ntex


