Hacking Tools

*HACKING TOOLS*

 

Nmap         http://www.insecure.org/nmap

Description: nmap is a utility for port scanning large networks, although it works fine for single hosts. nmap supports: Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, and output to machine parseable or human readable log files.

 

Netcat       http://www.l0pht.com/~weld/netcat/

Description: TCP/IP swiss army knife A simple Unix utility which reads and writes data across network connections using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. 

 

Tcpdump                http://www.tcpdump.org

Description: A powerful tool for network monitoring and data acquisition This program allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect "ping attacks" or to monitor the network activities.

 

DSniff         http://naughty.monkey.org/~dugsong/dsniff/

Description: A suite of powerful for sniffing networks for passwords and other information. Includes sophisticated techniques for defeating the "protection" of network switchers.

 

Hping2         http://www.kyuzz.org/antirez/hping/


Description: hping2 is a network tool able to send custom ICMP/UDP/TCP packets and to display target replies like ping does with ICMP replies. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under supported protocols. Using hping2, you can: test firewall rules, perform [spoofed] port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, tranfer files (even between really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, audit a TCP/IP stack, etc. hping2 is a good tool for learning TCP/IP.

 

SATAN        http://www.fish.com/satan/

Description: Security Auditing Tool for Analysing Networks This is a powerful tool for analyzing networks for vulnerabilities created for sysadmins that cannot keep a constant look at bugtraq, rootshell and the like.

 

Firewalk       http://www.packetfactory.net/Projects/Firewalk/

Description: Firewalking is a technique developed by MDS and DHG that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. Firewalk the tool employs the technique to determine the filter rules in place on a packet forwarding device. The newest version of the tool, firewalk/GTK introduces the option of using a graphical interface and a few bug fixes.

 

John The Ripper    http://www.openwall.com/john/

Description: An active password cracking tool john, normally called john the ripper, is a tool to find weak passwords of your users.

 

Perl           http://www.perl.org

Description: A very powerful scripting language which is often used to create "exploits" for the purpose of verifying security vulnerabilities. Of course, it is also used for all sorts of other things.

 

Ngrep        http://www.packetfactory.net/Projects/ngrep/

Description: grep for network traffic ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

 

traceroute/ping/telnet       http://www.linux.com

Description: These are utilities that virtually all UNIX boxes already have. In fact, even Windows NT has them ( but the traceroute command is called tracert ).

 

 

 

[Index] [Introduction] [Attack] [Detection / Recovery] [Prevention] [Conclusion] [Credits]