Pandora’s Box

pandora

Welcome to the goodies room! The following are the security and forensic tools I found useful over the years. I installed them on a Linux system, but some are available for Microsoft Windows.

Aircrack-ng
Perhaps the best known set of tools for breaking wireless gateway keys, although it’s not effective on a netbook with limited hardware resources.
www.aircrack-ng.org

Binutils
Definitely a good idea to install this if you’re doing any static analysis or shellcoding.
www.gnu.org/software/binutils/

Bokken and Radare
Bokken is the GUI for the Radare reverse engineering framework.
http://inguma.eu/projects/bokken
http://radare.org/y/

Command Line Tools
By this I mean the basic set of command line tools every hacker and network admin should be very familiar with, such as ping, whois, dig, nslookup, wget, traceroute, nmap, etc.

EtherApe
Shows a topology listing hosts on the local network, the IP addresses they’re in communication with and the communication protocols.
http://etherape.sourceforge.net

Geany
A lightweight developer environment that doubles as a text editor. It supports practically all the known programming languages (if the compilers are installed), and automates the compile-build-execute process.
www.geany.org

GNU Debug
Useful to have. A command line debugging tool, although there are GUIs available for it.
https://www.gnu.org/software/gdb/

Metasploit
Usually controlled by the msfconsole command line and the web browser interface. The Armitage GUI can be added as an optional extra.
www.metasploit.com
www.fastandeasyhacking.com

Nemiver
Graphical C and C++ debugging program.
https://projects.gnome.org/nemiver/

Netwide Assembler
Assembler for the x86 architecture.
www.nasm.us

Nessus
A pretty good vulnerability scanner. It produces a HTML report that categorises discovered vulnerabilities and provides their database references. Don’t forget to check out the Tenabl Network Security podcast.
www.tenable.com/products/nessus

OpenVAS
An alternative vulnerability scanner. It takes a little setting up.
www.openvas.org

Sleuth Kit and Autopsy
The Sleuth Kit is a set of command line tools for digital forensic applications, and Autopsy is the browser-based GUI. Using this, we can analyse imaged volumes, memory dumps and other data that was captured during the incident response stage. Cases can also be managed, with the option of archiving evidence in a more secure location.
http://sleuthkit.org/autopsy/
www.sleuthkit.org

Wireshark
Wieshark is arguably the single most important item in the pen testing toolkit, as practically evrything about the local network/VLAN can be derived through packet capture and analysis. Another possible application is rootkit discovery.
www.wireshark.org

Zenmap
The graphical interface for nmap, but this program does a little bit more, namely automating scan configurations and constructing a topology of scanned hosts.
http://nmap.org/zenmap/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s