Tools of the trade - by category
--------------------------------------------------------------------------------------
FOOTPRINTING:
Maltego (paterva.com)
-is an open source intelligence and forensics application. Can be useful during info gathering.
-Maltego is a platform developed to deliver a clear threat picture of the environment that the organisation owns and operates.
Recon-ng (https://bitbucket.org)
-Similar feel to the Metasploit framework
-It is, however, a web-based open source recon tool.
FOCA (https://www.elevenpaths.com)
-Capable of scanning and analysing a wide variety of documents, e.g. PDF, Microsoft Office
-Features: Web, DNS search, IP Resolution, PTR scanning, Bing IP, Common Names
Recon-Dog (http://github.com)
-Uses APIs to collect info about target system
-Features: Whois Lookup, DNS Lookup, Zone Transfer, Port Scan, HTTP Header Grabber, Honeypot Detector, Robots.txt Scanner, IP Location Finder, Traceroute, Link Grabber
OSRFramework (https://github.com)
-is a GNU AGPLv3+ set of libraries developed to perform Open Source Intelligence tasks
-The libraries provide a collection of scripts that can enumerate users, domains and more across 200 services. Tools in OSR = usufy.py, mailfy.py, searchfy.py, domainfy.py, phonefy.py, entify.py
ENUMERATION:
NetBIOS Tools:
NBTstat utility
Hyena (systemtools.com)
Netscan tools
SuperScan
MegaPing
SNMP Tools:
OpUtils (manageengine.com)
NetScan Tools
SNScan (mcafee.com)
SNMPCheck (nothink.org)
LDAP Tools:
Softerra LDAP admin (ldapadministrator.com)
LDAP admin (ldapadmin.org)
OpenLDAP (openldap.org)
NTP Tools:
Command line
PRTG network monitor (paessler.com)
NTP time server monitor (meinbergglobal.com)
SMTP Tools:
NetScanTools Pro (netscantools.com)
smtp-user-enum (pentestmonkey.net)
Telnet (technet.microsoft.com)
MX Toolbox (mxtoolbox.com)
DNS Tools:
IPsec Enumeration:
ike-scan (github.com)
VOIP Enumeration:
Svmap (github.com)
RPC (Remote Procedure Call) Enumeration:
Use Nmap commands
Unix/Linux User Enumeration:
rusers
rwho
Finger
Vulnerability Analysis Tools:
Vuln Scoring System:
-Common Vuln Scoring System (CVSS)
--www.first.org
--//nvs.nist.gov
-Common Vuln and Exposures (CVE)
--cve.mitre.org
-National Vuln Database (NVD)
--nvd.nist.gov
Resources for Vuln Research:
-Microsoft Vuln Research (MSVR) - technet.microsoft.com
-Security Focus - securityfocus.com
-Hackerstorm - hackerstorm.co.uk
-Exploit Database - exploit-db.com
-rapid7 - rapid7.com
Vuln Tools:
-Qualys Vuln Management - qualys.com
-Nessus Professional - tenable.com
-GFI Languard - gfi.com
-Qualys FreeScan - freescan.qualys.com
-Nikto - cirt.net
-OpenVAS - openvas.org
-Retina CS - beyondtrust.com
-Saint - Saintcorporation.com
-Microsoft Baseline Security Analyzer (MBSA)
-AVDS - Automated Vuln Detection System - beyondsecurity.com
-Acunetix Web Vuln Scanner - acunetix.com
-Nexpose - rapid7.com
-Burp Suite
Sniffing Tools:
DHCP starvation attack tools:
Yersinia - yersinia.net
Hyenae - sourceforge.net
dhcpstarv - github.com
Gobbler - sourceforge.net
ARP poisoning tools:
Ufasoft Snif - ufasoft.com
BetterCAP - betterCAP.org
EtterCap - github.com
Arpspooftool - sourceforge.net
Cain & Abel - oxid.it
hping3 - hping.org
ARP spoofing detection tools:
Xarp - xarp.net
Capsa Network Analyzer - colasoft.com
ArpON - arpon.sourceforge.net
ARP Antispoofer (github)
ARPStraw (github)
MAC spoofing tools:
Technitium MAC address changer - technitium.com
MAC address changer - novirusthanks.org
GhostMAC - ghostmac.fevermedia.ro
SMAC - kicconsulting.net
DoS / DDoS attack tools:
High Orbit Ion Cannon (HOIC) - sourceforge.net
Low Orbit Ion Cannon (LOIC) - sourceforge.net
HULK - sectorix.com
Evading Honeypots and Firewalls:
Intrusion Detection Tools:
Snort - snort.org
Check point IPS - checkpoint.com
AlienVault - alienvault.com
Fortigate IPS - fortinet.com
Peek & Spy - networkingdynamics.com
Vanguard Enforcer - go2vanguard.com
Firewalls:
ZoneAlarm Pro firewalls - zonealarm.com
Firewall Analyzer - manageengine.com
Sophos XG - sophos.com
Honeypot Tools:
KFSensor - keyfocus.net
Specter - specter.com
Honeybot - atomicsoftwaresolutions.com
Glastopf - github.com
Honeyd - honeyd.org
for Mobile:
HosTaGe - tk.informatik.tu.darmstadt.de
Network Guard - play.google.com
Anonymous tools:
Anonymizer.com
webproxyserver.net
anonymous-proxy-server.net
zendproxy.com
proxify.com
guardster.com
HTTP tunnelling tools:
Super network tunnel - networktunnel.net
HTTPort and HTTHost - targeted.org
Tunna - github.com
Http Tunnel - http-tunnel.sourceforge.net
SSH Tunneling tools:
Bitvise - bitvise.com
Secure Pipes - opoet.com
IDS/Firewall Evasion Tools:
Traffic IQ professional - idappcom.com
Hotspot shield - hotspotshield.com
Ftester - inversepath.com
Tomahawk - tomahawk.sourceforge.net
Packet Fragment Generator Tools:
Colasoft Packet builder - colasoft.com
CommView - tamos.com
Netscantools pro - netscantools.com
Ostinato - ostinato.org
WAN killer - solarwinds.com
Hping3 - hping.org
fping - fping.org
Crypto Tools:
MD5 hash Calculators:
MD5 Calculator - bullzip.com
HashMyFiles - nirsoft.net
HashCalc - slavasoft.com
onlineMD5.com
MD5 hash Calculator - md5calc.com
MD5 Hash generator - md5hashgenerator.com
hash for mobile:
MD5 hash calc - md5calculator.chromefans.org
Hash Droid - play.google.com
Cryptography tools:
Advanced encryption package 2017 - aeppro.com
BCText Encoder - jetico.com
AxCrypt - axcrypt.net
Folder Lock - newsoftwares.net
Certainsafe - certainsafe.com
Veracrypt - veracrypt.codeplex.com
Cryptoforge - cryptforge.com
WinAES - winaes.com
AES crypt - aescrypt.com
for mobile:
secret space encryptor - paranoiaworks.mobi
Decrypto - play.google.com
Sealnote - play.google.com
Certification Authorities:
Comodo - comodo.com
identrust - identrust.com
Symantec - websecurity.symantec.com
godaddy - in.godaddy.com
globalsign - globalsign.com
digicert.com
verisign
Cryptography toolkits :
OpenSSL - openssl.org
Keyczar - github.com
Disk encryption tools:
VeraCrypt - veracrypt.codeplex.com
Symantec Drive Encryption - symantec.com
gilisoft
Endpoint full disk encryption
Axcrypt - axcrypt.net
Cryptanalysis tools:
Cryptool - cryptool.org
Cryptobench - addario.org
Cryptol - cryptol.net
Evercrack - evercrack.sourceforge.net
Alphapeeler - alphapeeler.sourceforge.net
Online MD5 Decryption tools:
MD5 Decoder - dcode.fr
MD5 decrypt - md5decrypt.org
MD5 decrypter - md5online.org
onlinehashcrack.com - onlinehashcrack.com
hashkiller.co.uk
cmd5.org
crackstation.net
md5this.com
Hacking Tools: Password/Steg/Covering Tracks:
Online tools to search default passwords:
-open-sez.me
-fortypoundhead.com
-cirt.net
-defaultpassword.us
-defaultpasswords.in
-routerpasswords.com
-defaultpassword.com
-default-password.info
LLMNR / NBT-NS Poisoning Tools:
-Responder - Github.com
-Metasploit
-NBNSpoof
-Inveigh (all from github.com)
Tools to create Rainbow Tables:
-Rtgen - project-rainbowcrack.com
-Winrtgen - oxid.it
Password Recovery Tools:
-Elcomsoft Distributed Password Recovery - elcomsoft.com
Tools to extract the password Hashes:
-PWdump7 - tarasco.org
-FGdump - foofus.net
Password Cracking tools for Windows Password Resetting:
-L0phtcrack - L0phtcrack.com
-Ophcrack - ophcrack.sourceforge.net
Password Cracking Tools:
-RainbowCrack - project-rainbowcrack.com
-Cain & Abel - oxid.it
-Windows Password Recovery Tools - windowspasswordsrecovery.com
-hashcat - hashcat.net
-John the Ripper - openwall.com
-THC-Hydra - github.com
-Medusa - foofus.net
Tools for executing applications:
-RemoteExec - isdecisions.com
-PDQ deploy - pdq.com
-Dameware Remote support - dameware.com
-Manageengine Desktop central - manageengine.com
-PsExec - docs.microsoft.com
-TheFatRat
NTFS stream detector:
Stream Armor - securityxploded.com
Stream detector - novirusthanks.org
Forensic Toolkit - mcafee.com
ADS Manager - dmitrybrant.com
ADS Scanner - pointstone.com
Whitespace Steg tools:
Snow - darkside.com.au
Image Steg Tools:
Openstego - openstego.info
Quickstego - quickcrypto.com
ImageHide - dancemammal.com
Document Steg tools:
Stegostick - sourceforge.net
StegJ - stegj.sourceforge.net
Snow
Video Steg Tools:
OmniHide pro - Omnihide.com
StegoStick
OpenPuff - embeddedsw.net
Audio Steg Tools:
Deepsound - jpinsoft.net
BitCrypt - bitcrypt.moshe-szweizer.com
MP3 Stego - petitcolas.net
Folder Steg tools:
Gilisoft File Lock Pro - gilisoft.com
Folder Lock - newsoftwares.net
Spam/Email Steg Tools:
Spam Mimic - spammimic.com
Steg tools for Mobile Phones:
Steganography Master - play.google.com
stegais - stegais.com
SPY PIX - juicybitsoftware.com
Pocket Stego - talixa.com
Steg Detection Tools:
Gargoyle Investigator Forensic Pro - wetstonetech.com
StegAlyzerSS - www.sarc.wv.com
Stegdetect - github.com
Clearing Logs Tools:
Manually Covering Track Tools:
CCleaner - piriform.com
DBAN - cybertronsoft.com
Wipe - Privacyroot.com
BleachBit - bleachbit.org
Session Hijacking:
Burp suite - portswigger.net
OWASP Zap - owasp.org
BetterCap - bettercap.org
netool toolkit - sourceforge.net
Cookie Catcher - github.com
Web Servers:
Info gathering:
WHOis - whois.net
Whois Lookup - whois.domaintools.com
Whois - whoiscom
DNSstuff toolbox - dnsstuff.com
Domain Dossier - centralops.net
Robots.txt file
Web Server Footprinting Tools:
-Netcat - sourceforge.net
-Telnet - technet.microsoft.com
-Netcraft - netcraft.com
-httprecon - computec.ch
-IDserve - grc.com
-Recon-ng - bitbucket.org
-Uniscan - sourceforge.net
-P0f - github.com
Enumerating Web server info:
Use NMAP
Website Mirroring tools:
Httrack - httrack.com
WebCopier Pro - maximumsoft.com
Website Ripper Copier - tensons.com
Webripper - visualwebripper.com
Finding default credentials of a web server:
-Official manuals or documents
-Metasploit
-Online resources such as Open Sez me or cirt.net
-various other online resources
Finding default content of a web server:
-Nikto2 - cirt.net
-exploit databases such as security focus to find info
Vuln Scanning:
-Acunetix
-Fortify WebInspect
-Nessus
-Paros
Session Hijacking tools:
-Burpsuite
-Firesheep
-JHijack
-Ettercap
-Cookiecatcher
Web Server Password Hacking:
-Hashcat - hashcat.net
-THC Hydra
-Ncrack
-RainbowCrack
-Medusa
Web server attack tools:
-Wfetch - microsoft.com
-THC Hydra
-Hulk Dos
-MPack
-w3af
Web app:
Footprinting web infrastructure: server discovery:
Whois Lookup
-Netcraft
-Whois.net
-SmartWhois
DNS interrogation
-DNSstuff Toolbox
-DIG
-DNS check
-Domain Tools
Port Scanning
-Nmap
-Netscan tools pro
-Advanced port scanner
-hping
Footprint web infrastructure: server identification/Banner grabbing
-Netcat
-ID serve
-Netcraft
Footprint web infrastructure: Detecting web app firewalls and proxies on target site
Wafw00f - github.com
Footprint web infrastructure: Hidden content discovery
Web spidering:
-Burp Suite
-OWASP Zed Attack Proxy
-Scrapy
-WebScarab
Web Crawling using mozenda web agent builder:
-Mozenda.com
-Octoparse.com
-Giant web crawl -80legs.com
-Crawler4j - github.com
Web server hacking tools:
Web Inspect - software.microfocus.com
Metasploit
Nikto
Nessus
HexorBase
identify server side technologies:
httprint - net-square.com
identify server side functionality:
GNU Wget -gnu.org
Blackwidow -softbytelabs.com
Teleport Pro -tenmax.com
Password attacks - Password guessing and brute-forcing:
-Password guessing
-THC hydra
-Cain & Abel
-Burp Suite
-L0phtcrack
-Brutus
cookie exploiting tools:
OWASP zed attack proxy - owasp.org
Burpsuite
XSSer - xsser.03c8.net
Web service attack tools:
SoapUI Pro - soapui.org
XMLSpy - altova.com
Web App hacking tools:
Burp Suite
Cookiedigger -mcafee.com
WebScarab - owasp.org
W3af
Httrack
WPscan
Fuzz Testing tools:
WSFuzzer - owasp.org
WebScarab
Burpsuite
Peach Fuzzer -peach.tech
IoT:
Info gathering for IoT devices:
-Shodan
-Multiping - pingman.com
Vuln Scanning:
-use nmap
-use RIoT vuln scanner - beyondtrust.com
Sniffing using foren6:
-cetic.github.io
Rolling code attack:
-RFCrack - github.com
Hacking zigbee devices with attify zigbee framework:
-attify.com
Blueborne attack using HackRF One:
-greatscottgadgets.com
Info gathering tools:
Censys - censys.io
Thingful - thingful.net
Sniffing tools:
Z Wave Sniffer - suphammer.net
Cloudshark - cloudshark.org
Ubique Protocol Analyzer - perytons.com
Vuln Scanning tools:
beStorm - beyondsecurity.com
Rapid7 metasploit pro
IoTsploit - iotsploit.co
IoTSeeker - info.rapid7.com
IoTinspector - iot-inspector.com
IoT hacking tools:
Firmalyzer Enterprise - firmalyzer.com
Chipwhisperer - newae.com
rfcat-rolljam
killerbee
GATTack.io
JTAGULATOR - grandideastudio.com
Mobile:
Android Rooting Tools:
KingoRoot -kingoapp.com
TunesGo Root Android tool - tunesgo.wondershare.com
One Click Root - oneclickroot.com
Unrevoked - unrevoked.com
MTK Droid - androidmtk.com
Superboot - galaxynexusforum.com
Superuser X - ksharkapps.com
Root Browser File Manager - jrummyapps.com
Blocking Wi Fi access using NETCUT:
-Netcut - aracai.com
Hacking with zANTI:
zANTI - zimperium.com
Hacking networks using Network Spoofer:
--digitalsquid.co.uk
Launching DoS attack using Low Orbit Ion Cannon (LOIC):
LOIC - play.google.com
Performing session hijacking using Droidsheep:
-droidsheep.org
Hacking with Orbot Proxy:
-guardianproject.info
Android Based sniffers:
Faceniff - faceniff.ponury.net
Packet Sniffer -play.google.com
tpacketcapture - taosoftware.co.jp
Android PCAP -play.google.com
Testeldroid - play.google.com
Postern
Wifiinspect
Sniffdroid