I know everyone has their own programs they find useful for various things, wanting to compile a list of programs everyone suggests as useful. For any replies, please post the name of the program, link, and a quick description.
=================================
Compiled list as of Feb. 20, 2009
=================================
==========
Operating Systems/Live disks
==========
Backtrack 3 ( http://www.remote-exploit.org/backtrack.html ) Linux operating system, preloaded with some good programs. Great driver support for wireless cards which allow monitor mode
Knoppix Live CD ( http://www.knoppix.net/ ) Linux operating system, includes NTFS support
==========
Software
==========
Firefox ( http://www.mozilla.com/en-US/firefox/ ) Browser compatable with Windows, Mac OS X, and Linux. Suggested addons: firebug, tamper data, user agent switcher, IE Tab, torbutton, Keyscrambler Personal
Keyscrambler Personal ( http://www.qfxsoftware.com/Download.htm ) encrypts anything you type on a webpage: login, account numbers, passwords
Firebug ( https://addons.mozilla.org/en-US/firefox/addon/1843 ) Firebug allows you to do many different things with dom manipulation, and also allows you to see ajax requests as they are happening. The webpage you are looking at doesnt have jquery loaded? firebug will let you run javascript on the fly so you can do any javascript hacking you need, without refreshing the page.
Acunteix (http://www.acunetix.com/) Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities
AirCrack-ng ( http://www.aircrack-ng.org/doku.php ) 802.11 WEP and WPA-PSK keys cracking program
AirSnort ( http://airsnort.shmoo.com/ ) wireless LAN (WLAN) tool which recovers encryption keys
BeEF ( http://www.bindshell.net/tools/beef/ ) browser exploitation framework
bin2h ( http://www.mechcore.net/code/tools/bin2h.c ) Takes a binary file as input and spits out a C header with the binary data as a char array. - Great when you are too lazy to make a decent file loader, or want the data embedded in the binary executable.
Cain and Abel ( http://www.oxid.it/cain.html ) password recovery tool for Microsoft Operating Systems
Core Impact (http://www.coresecurity.com/) CORE IMPACT Pro is a commercial-grade, automated penetration security testing software solution designed to allow organizations of all sizes to conduct comprehensive penetration testing across their infrastructure and applications.
dameware ( http://www.dameware.com/ ) Remote system management software for windows
ethereal ( http://www.ethereal.com/ ) extremely detailed and crafty sniffer
ettercap ( http://ettercap.sourceforge.net/ ) simple arp spoofing with lots of power
Exploit-Me ( http://www.securitycompass.com/exploitme.shtml ) suite of Firefox web application security testing tools designed to be lightweight and easy to use
gdb ( http://www.gnu.org/software/gdb/ ) GNU Project debugger, allows you to see what is going on `inside' another program while it executes
GNU binutils ( http://www.gnu.org/software/ ) Includes gas, objcopy, objdump, c++filt, readelf and several others.
Graphviz ( http://www.graphviz.org/ ) Includes different tools to render graphs, both undirected as well as trees. I use `dot` mostly.
hping2 ( http://www.hping.org/ ) extremely versatile packet crafting good for network/firewall mapping
hte ( http://hte.sourceforge.net/ ) file editor/viewer/analyzer for executables
netcat/nc ( http://netcat.sourceforge.net/ ) networking utility which reads and writes data across network connections, using the TCP/IP protocol
L0pht Crack ( http://download.insecure.org/stf/lc5-setup.exe ) password auditing and recovery application, uses rainbow tables
lsof ( http://en.wikipedia.org/wiki/Lsof ) command meaning "list open files", which is used in many Unix-like systems
Nessus ( http://www.nessus.org/nessus/ ) vulnerability scanner
NetStumbler ( http://www.netstumbler.com/ ) wireless networking tool
nmap ( http://www.nmap.org/ ) utility for network exploration or security auditing
perl ( http://www.perl.org/ ) cross platform programming language
p0f ( http://freshmeat.net/projects/p0f/ ) full passive OS fingerprinting
pstools ( http://www.softpedia.com/progDownload/PsTools-Download-5353.html ) must have for physically removing virii, spyware and other annoyances in windows.
pwdump ( http://www.foofus.net/fizzgig/pwdump/ ) if you have physical access to the box (windows)
Rainbow Crack ( http://project-rainbowcrack.com/ ) rainbow table based password/hash cracker
Retina Wireless Network Security Scanner ( http://www.eeye.com/ ) identifies known and zero day vulnerabilities plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits
Retina Network Security Scanner ( http://www.eeye.com/ ) identifies known and zero day vulnerabilities plus provides security risk assessment, enabling security best practices, policy enforcement, and regulatory audits
SolarWinds LAN Toolset Enterprise v10 ( http://www.solarwinds.com/ ) Network Management Products
strace ( http://sourceforge.net/projects/strace/ ) system call tracer, i.e. a debugging tool which prints out a trace of all the system calls made by a another process/program
Vim - Everyone's (?) favorite editor!
VMWare ( http://www.vmware.com/ ) run virtual machines/multiple OS's simultaneously
WildPackets iNet Tools ( http://www.wildpackets.com/ ) iNet Tools, AiroPeek NX, OmniPeek Enterprise. Network and application performance monitoring, analysis, and troubleshooting solutions
winhex ( http://www.x-ways.net/winhex/ ) good for data recovery
wireshark ( http://www.wireshark.org/ ) network protocol analyzer for Unix and Windows
-= Editors =-
KHexEdit ( http://home.online.no/~espensa/khexedit/ ) A decent hex editor.
dreamweaver ( http://www.adobe.com/products/dreamweaver/ ) make handeling web code less ugly and quicker
ZEND ( http://www.zend.com/ ) PHP Editor
Eclipse ( http://www.eclipse.org/ ) IDE
HexEdit ( ??? ) Someone posted this one without a link, and it's too common of a name for me to look it up
-= Free HTML/text Editors =-
Notetab Light ( http://www.notetab.com/ ) tabbed text editor
Hapedit ( http://hapedit.free.fr/ ) Html Asp Php editor. syntax highlighting for php, asp, html, JavaScript, CSS and SQL. SQL console. FTP Manager.
Notepad++ ( http://notepad-plus.sourceforge.net/ ) tabbed text editor with syntax highlighting and plugins
PSPAD ( http://www.pspad.com/ ) tabbed text editor with syntax highlighting and many other features
TSW WebCoder ( http://www.tsware.net/products.php ) text editor with html/php syntax highlighting and intellisense/auto-suggest
HTML-Kit ( http://www.chami.com/html-kit/ ) text editor with html syntax highlighting and many other features
Notepad ( packed with MS Windows ) basic text editor for windows
Wordpad ( packed with MS Windows ) text editor with basic rich-text formatting ability
-= Free WYSIWYG's and Website Builders =-
Kompozer ( http://www.kompozer.net/ ) web authoring system that combines web file management and easy-to-use WYSIWYG web page editing
Trellian ( http://www.trellian.com/webpage/ ) wysiwyg HTML/CSS creator/editor
==========
Links
==========
http://dnsstuff.com - handy for resolving addresses to looking through spam db's
http://www.domaintools.com/
http://www.SecurityFocus.com/
http://www.pointblanksecurity.com/wardriving-tools.php
http://www.wardriving.com/code.php
http://www.wardrive.net/security/tools/
http://packetstormsecurity.org/
http://www.i-hacked.com/
http://www.passcracking.com/
http://remote-exploit.org/codes_tools.html
http://www.metasploit.com/
tutorials - youtube type in the program (name) example (brutus-aet)
And the very elusive.... http://google.com
Name: Firebug Link:
Name: Firebug
Link: https://addons.mozilla.org/en-US/firefox/addon/1843
Description:
Firebug allows you to do many different things with dom manipulation, and also allows you to see ajax requests as they are happening.
The webpage you are looking at doesnt have jquery loaded? firebug will let you run javascript on the fly so you can do any javascript hacking you need, without refreshing the page.
Firefox with the following
Firefox with the following addons: firebug, tamper data, user agent switcher, IE Tab, and torbutton
For non-web-based stuff: gdb and hte go hand-in-hand, nc, nmap, strace, lsof, and maybe a few others I can't think of off-hand.
Retoros Security
Name: Backtrack 3 Link:
Name: Backtrack 3
Link: http://www.remote-exploit.org/backtrack.html
Description:
Linux operating system, preloaded with some good programs. Great driver support for wireless cards which allow monitor mode, deffinanetly recomend it to anyone who is new to the hacking scene.
netcat -
netcat - http://netcat.sourceforge.net/
perl - http://www.perl.org/
wireshark - www.wireshark.org/
GNU binutils - (
GNU binutils - ( http://www.gnu.org/software/ )
- Includes gas, objcopy, objdump, c++filt, readelf and several others.
Graphviz - ( http://www.graphviz.org/ )
Includes different tools to render graphs, both undirected as well as trees. I use `dot` mostly.
Vim -
- Everyone's (?) favorite editor!
bin2h - http://www.mechcore.net/code/tools/bin2h.c
- Takes a binary file as input and spits out a C header with the binary data as an char array.
- Great when you are too lazy to make a decent file loader, or want the data embedded in the binary executable.
KHexEdit - http://home.online.no/~espensa/khexedit/
- A decent hex editor.
NMAP - http://www.nmap.org/
You all know this one.
VMWare - run virtual
VMWare - run virtual machines/multiple OS's simultaneously
nmap - everyones roundabout port scanner
p0f - full passive OS fingerprinting
hping2 - extremely versatile packet crafting good for network/firewall mapping
ethereal - extremely detailed and crafty sniffer
ettercap - simple arp spoofing with lots of power
winhex - good for data recovery
backtrack - handy bootdisk with good tools
dreamweaver - make handeling web code less ugly and quicker
dnsstuff.com - handy for resolving addresses to looking through spam db's
Id replace dreamweaver with
Id replace dreamweaver with ZEND or Eclipse, preferably Zend
Agreed
Agreed
qwwqy
china hacker by:Black Boy
hi
i need someone to show me how to hack any thing
hack
hacker
tutorials
youtube type in the program (name) example (brutus-aet)
bingo
nube0_o
Ummmmmmmmm........site has been here a while......?
undetect programs
i hope da undetect program in site
agreed. My favorite bootable
agreed.
My favorite bootable distro.
hi
here u go
acunteix
Core Impact
nmap
angry blue port scanner
backtrack
XSS ME
SQL ME
and some others
pwdump:
pwdump: http://www.foofus.net/fizzgig/pwdump/ if you have physical access to the box/ windows
pstools; http://www.softpedia.com/progDownload/PsTools-Download-5353.html a must have if you're phsycially removing virii, spyware and and other annoyances in windows.
ethereal: http://www.ethereal.com/ already mentioned
Firefox addon. QFX software: keyscrambler personal. encrypts anything you type on a webpage: login, account numbers, passwords http://www.qfxsoftware.com/Download.htm
I still use a live knoppix cd distro if i just want to view a HD for basic crap but it works for simplification. (and god knows I like it simple)
Free HTML Editors / ASCII
Free HTML Editors / ASCII Text Web Editors
Notetab Light
Hapedit
Notepad++
PSPAD
TSS WebCoder
HTML-Kit
Notepad
Wordpad
Free WYSIWYG Web Editors and Website Builders
Kompozer
Trellian
These are all just editors I've tried and really like. I really recommend using Kompozer, just because you can do graphical editing and code editing. I really do not ever recommend Dreamweaver just because of the fact that if you are just getting into web design it doesn't use industry standard coding. It uses a mix of tables and CSS. A standard website layout should just use CSS. Using a table to organize information is a different matter.
My Tools
HEEEEEEEEEEY SNOWY!!!
This is what I have on my HP TX2000 Tablet PC, the one i use for Pen Testing.
Software:
NetStumbler
WildPackets iNet Tools
WildPackets AiroPeek NX
WildPackets OmniPeek Enterprise
SolarWinds LAN Toolset (Enterprise v10)
WireShark
AirSnort
Nessus
Cain and Abel
Retina Wireless Network Security Scanner
Retina Network Security Scanner
Rainbow Crack
L0pht Crack
HexEdit
CD/DVDs:
Backtrack (latest always)
Knoppix
Websites:
http://www.SecurityFocus.Com
http://www.pointblanksecurity.com/wardriving-tools.php
http://www.wardriving.com/code.php
http://www.wardrive.net/security/tools
http://packetstormsecurity.org
http://www.i-hacked.com
http://www.passcracking.com
http://remote-exploit.org/codes_tools.html
http://www.domaintools.com
http://www.metasploit.com
And the very elusive.... Google.Com
hope this helps some people :)
The Attitude You Receive Is Proportional To Your Intelligence.