Pandora’s Box


Welcome to the goodies room! The following are the security and forensic tools I found useful over the years. I installed them on a Linux system, but some are available for Microsoft Windows.

Perhaps the best known set of tools for breaking wireless gateway keys, although it’s not effective on a netbook with limited hardware resources.

Definitely a good idea to install this if you’re doing any static analysis or shellcoding.

Bokken and Radare
Bokken is the GUI for the Radare reverse engineering framework.

Command Line Tools
By this I mean the basic set of command line tools every hacker and network admin should be very familiar with, such as ping, whois, dig, nslookup, wget, traceroute, nmap, etc.

Shows a topology listing hosts on the local network, the IP addresses they’re in communication with and the communication protocols.

A lightweight developer environment that doubles as a text editor. It supports practically all the known programming languages (if the compilers are installed), and automates the compile-build-execute process.

GNU Debug
Useful to have. A command line debugging tool, although there are GUIs available for it.

Usually controlled by the msfconsole command line and the web browser interface. The Armitage GUI can be added as an optional extra.

Graphical C and C++ debugging program.

Netwide Assembler
Assembler for the x86 architecture.

A pretty good vulnerability scanner. It produces an HTML report that categorises discovered vulnerabilities and provides their database references. Don’t forget to check out the Tenable Network Security podcast.

An alternative vulnerability scanner. It takes a little setting up.

Sleuth Kit and Autopsy
The Sleuth Kit is a set of command line tools for digital forensic applications, and Autopsy is the browser-based GUI. Using this, we can analyse imaged volumes, memory dumps and other data that was captured during the incident response stage. Cases can also be managed, with the option of archiving evidence in a more secure location.

Wireshark is arguably the single most important item in the pen testing toolkit, as practically everything about the local network/VLAN can be derived through packet capture and analysis. Another possible application is rootkit discovery.

The graphical interface for nmap, but this program does a little bit more, namely automating scan configurations and constructing a topology of scanned hosts.
