Hacking Tools :-
Port Scanners :-
 |
Nmap
:- This tool developed by Fyodor is one of the
best unix and windows based port scanners. This advanced port
scanner has a number of useful arguments that gives user a lot
of control over the process. Home:- http://www.insecure.org Latest Release:- Nmap 5.50 Download:- http://nmap.org/download.html |
 |
Superscan
:- A Windows-only port scanner, pinger, and
resolver SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois. Home:- http://www.foundstone.com Latest Release:- SuperScan v4.0 Download:- http://www.foundstone.com/us/resources/proddesc/superscan4.htm |
 |
Angry
IP Scanner :- A fast windows IP scanner and
port scanner. Angry IP Scanner can perform basic host discovery
and port scans on Windows. Its binary file size is very small
compared to other scanners and other pieces of information about
the target hosts can be extended with a few plugins. Home:- http://www.angryziber.com [sourceforge.net] Latest Release:- IPScan 3.0-beta3 Download:- http://www.angryziber.com/w/Download |
 |
Unicornscan
:- Unicornscan is an attempt at a User-land
Distributed TCP/IP stack for information gathering and correlation.
It is intended to provide a researcher a superior interface
for introducing a stimulus into and measuring a response from
a TCP/IP enabled device or network. Some of its features include
asynchronous stateless TCP scanning with all variations of TCP
flags, asynchronous stateless TCP banner grabbing, and active/passive
remote OS, application, and component identification by analyzing
responses. Home:- http://www.unicornscan.org Latest Release:- Unicornscan 0.4.7-2 Download:- http://www.unicornscan.org |
OS Fingerprinting Tools :-
|
Nmap
:- This tool developed by Fyodor is one of the
best unix and windows based active os fingerprinting tool. Home:- http://www.insecure.org Latest Release:- Nmap 5.50 Download:- http://nmap.org/download.html |
 |
P0f
:- A passive OS fingerprinting tool. P0f is
able to identify the operating system of a target host simply
by examining captured packets even when the device in question
is behind an overzealous packet firewall.P0f can detect firewall
presence, NAT use, existence of load balancers, and more! Home:- http://lcamtuf.coredump.cx/p0f.shtml Latest Release:- p0f v2 (2.0.8) Download:- http://lcamtuf.coredump.cx/p0f.shtml |
 |
Xprobe2
:- Active OS fingerprinting tool. XProbe is
a tool for determining the operating system of a remote host.
They do this using some of the same techniques as Nmap as well
as some of their own ideas. Xprobe has always emphasized the
ICMP protocol in its fingerprinting approach. Home:- http://www.sys-security.com [sourceforge.net] Latest Release:- Xprobe2 0.3 Download:- http://sourceforge.net/projects/xprobe |
 |
Cain and Abel :- The top password recovery tool
for Windows. This Windows-only password recovery tool handles
an enormous variety of tasks. It can recover passwords by sniffing
the network, cracking encrypted passwords using Dictionary,
Brute-Force and Cryptanalysis attacks, recording VoIP conversations,
decoding scrambled passwords, revealing password boxes, uncovering
cached passwords and analyzing routing protocols. Home:- http://www.oxid.it Latest Release:- cain & abel v4.9.40 Download:- http://www.oxid.it/cain.html |
 |
John the Ripper :- A powerful, flexible, and
fast multi-platform password hash cracker. John the Ripper is
a fast password cracker, currently available for many flavors
of Unix, DOS, Win32, BeOS, and OpenVMS. Its primary purpose
is to detect weak Unix passwords. It supports several crypt(3)
password hash types which are most commonly found on various
Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP
LM hashes. Several other hash types are added with contributed
patches. Home:- http://www.openwall.com Latest Release:- John the Ripper 1.7 Download:- http://www.openwall.com/john/ |
 |
THC
Hydra :- A Fast network authentication cracker
which support many different services. When you need to brute
force crack a remote authentication service, Hydra is often
the tool of choice. It can perform rapid dictionary attacks
against more then 30 protocols, including telnet, ftp, http,
https, smb, several databases, and much more. Home:- http://www.thc.org Latest Release:- THC-Hydra v5.4 Download:- http://freeworld.thc.org/thc-hydra/ |
 |
L0phtcrack
:- Windows password auditing and recovery application L0phtCrack, also known as LC5, attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). Home:- Not Available Latest Release:- L0phtcrack v5.04 Download:- http://download.insecure.org/stf/lc5-setup.exe http://download.insecure.org/stf/lc5-crack.zip (keygen) |
| Pwdump
:- Windows password recovery tool. Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file. Home:- http://www.foofus.net/fizzgig/pwdump Latest Release:- pwdump6 version 1.7.2 Download:- http://swamp.foofus.net/fizzgig/pwdump/downloads.htm |
| RainbowCrack
:- An Innovative Password Hash Cracker. The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished. Home:- http://www.antsight.com Latest Release:- rainbowcrack v1.2 Download:- http://www.antsight.com/zsl/rainbowcrack/ |
| Brutus
:- A network brute-force authentication cracker This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. Home:- http://www.hoobie.net Latest Release:- brutus-aet2 Download:- http://www.hoobie.net/brutus/brutus-download.html |
Vulnerability Scanners :-
 |
Nessus :- Premier UNIX vulnerability assessment
tool Nessus is the best free network vulnerability scanner available, and the best to run on UNIX at any price. It is constantly updated, with more than 11,000 plugins for the free (but registration and EULA-acceptance required) feed. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Home:- http://www.nessus.org Latest Release:- Nessus 4 Download:- http://www.nessus.org/download/ |
 |
GFI LANguard :- A commercial network security
scanner for Windows GFI LANguard scans IP networks to detect what machines are running. Then it tries to discern the host OS and what applications are running. I also tries to collect Windows machine's service pack level, missing security patches, wireless access points, USB devices, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results are saved to an HTML report, which can be customized/queried. It also includes a patch manager which detects and installs missing patches. Home:- http://www.gfi.com Latest Release:- GFI LANguard Network Security Scanner 8 Download:- http://www.gfi.com/lannetscan/ |
 |
Retina
:- Commercial vulnerability assessment scanner
by eEye Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research. Home:- http://www.eeye.com Latest Release:- Retina Network Security Scanner v5.15.7 Download:- http://www.eeye.com/html/Products/Retina/index.html |
 |
Core
Impact :- An automated, comprehensive penetration
testing product. it is widely considered to be the most powerful
exploitation tool available. It sports a large, regularly updated
database of professional exploits, and can do neat tricks like
exploiting one machine and then establishing an encrypted tunnel
through that machine to reach and exploit other boxes. Home:- http://www.coresecurity.com Latest Release:- Core Impact 4.0 Download:- http://www.coresecurity.com/ |
 |
ISS Internet Scanner :-
Application-level vulnerability assessment Internet Scanner started off in '92 as a tiny open source scanner by Christopher Klaus. Now he has grown ISS into a billion-dollar company with a myriad of security products.
http://www.iss.net/products_services/enterprise_protection
/vulnerability_assessment/scanner_internet.php |
 |
SARA
:- Security Auditor\92s Research Assistant SARA is a third generation network security analysis tool that Operates under Unix, Linux, MAC OS/X or Windows. The first generation assistant, the Security Administrator's Tool for Analyzing Networks (SATAN) was developed in early 1995. It became the benchmark for network security analysis for several years. However, few updates were provided and the tool slowly became obsolete in the growing threat environment. Home:- http://www-arc.com Download:- http://www-arc.com/sara |
Packet Sniffers :-
|
