--------------------------------------------------------------------------------
#26 Perl / Python / Ruby: Simple, multi-purpose scripting languages
Common security tasks can be handled by tools available online, but with a scripting language you can write your own tools (or edit existing ones) when you need to solve a specific problem. Fast, simple scripts can test systems, discover vulnerabilities and even fix them. CPAN is full of modules such as Net::RawIP and protocol implementations, which can make your work easier.
--------------------------------------------------------------------------------
#27 L0phtcrack: Windows password guessing and recovery program
L0phtCrack, also called LC5, tries to crack the passwords of a Windows NT/2000 workstation, networked server, primary domain controller, or Active Directory from their hashes (obtained through some access method). It can sometimes also obtain password hashes by sniffing. It guesses passwords through a variety of means (dictionary, brute force, etc.). Symantec stopped development of LC5 in 2006, but the LC5 installer can still be found everywhere. The free trial version can only be used for 15 days. Symantec has stopped selling registration codes for this software, so if you don't want to give up using it, you must find a corresponding registration code generator (key generator). Because Symantec no longer maintains this software, it is best to replace it with Cain and Abel or John the Ripper.
--------------------------------------------------------------------------------
#28 Scapy: Interactive packet processing tool
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool and packet sniffer. It provides classes for interactively creating packets or sets of packets, manipulating them, sending them, sniffing packets, and matching answers and replies. The interaction is provided by the Python interpreter, so Python programming knowledge (such as variables, loops, and functions) is required. Report generation is supported, and reports are simple to produce.
--------------------------------------------------------------------------------
#29 Sam Spade: Windows Network Query Free Tool
Sam Spade provides a graphical interface and convenient operation for many general network query tasks. The tool was designed to track down spammers, but it can also be used for many other network probing, management and security tasks. It contains many useful tools such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS address translation, SMTP relay checking, website search, and more. Non-Windows users can find many other tools online.
--------------------------------------------------------------------------------
#30 GnuPG/PGP: Advanced encryption of your files and communications
PGP is the famous encryption program written by Phil Zimmermann, which protects your data from theft and other dangers. GnuPG is a well-regarded open source application that complies with the PGP standard (the executable program is called gpg). GnuPG is free, while PGP costs money for some users.
--------------------------------------------------------------------------------
#31 AirSnort: 802.11 WEP encryption cracking tool
AirSnort is a wireless LAN (WLAN) tool used to recover encrypted passwords. Produced by the Shmoo Group, it works by passively monitoring transmissions and starts calculating the encryption password once enough packets have been collected. Aircrack is very similar to it.
--------------------------------------------------------------------------------
#32 BackTrack: A very innovative, groundbreaking live Linux distribution (burned to a CD and booted directly from it)
This excellent bootable live CD is a combination of Whax and Auditor. It is known for its very large collection of security tools and its rich development environment. The focus is on its modular design, which lets users choose which modules to burn onto the CD, such as scripts they have written themselves, additional tools, custom kernels, etc.
--------------------------------------------------------------------------------
#33 P0f: Universal passive operating system fingerprint tool
P0f identifies the operating system of a host by capturing and analyzing the packets the target host sends, even if the host sits behind a well-performing firewall. P0f adds no direct or indirect network load: no name lookups, no secret probes, no ARIN queries, nothing. Experts can also use P0f to detect whether a host is behind a firewall, NAT, a load balancer, etc.
--------------------------------------------------------------------------------
#34 Google: Everyone's favorite search engine
Google is certainly not a security tool, but its enormous database is one of the best resources for security experts and intruders alike. If you want to learn about a company, you can search with "site:" and obtain employee names, sensitive information (which the company usually has not made public, but which may still turn up on Google), vulnerable software installed within the company, etc. Similarly, if you find a website with a certain vulnerability through Google, Google will also give you a list of other websites with the same vulnerability. Johnny Long, a guru of using Google for hacking, established the Google Hacking Database and published a book on the subject, Google Hacking for Penetration Testers.
--------------------------------------------------------------------------------
#35 WebScarab: A framework for analyzing applications that use the HTTP and HTTPS protocols
Its principle is simple. WebScarab records the session content (requests and responses) it observes, and users can view the record in many forms. WebScarab is designed to let users understand how an HTTP(S)-based program operates; it can also be used to debug difficult bugs in such a program, and can help security experts discover potential vulnerabilities in it.
--------------------------------------------------------------------------------
#36 Ntop: Network Communication Monitor
Ntop displays network usage in a manner similar to a process manager. In application mode, it displays the network status on the user's terminal. In web mode, it acts as a web server and presents the network status as HTML documents. It includes a NetFlow/sFlow emitter and collector, an HTTP-based client interface for building ntop-centric monitoring programs, and RRD (Round Robin Database) for persistently storing traffic statistics.
--------------------------------------------------------------------------------
#37 Tripwire: Very old file integrity checker
A file and directory integrity checker. Tripwire is a tool that helps system administrators and general users monitor changes in a specific file or directory. Used to check system files on a regular basis (for example, every day), Tripwire can inform the system administrator of file corruption or tampering, so it is a periodic method of file damage control. Free open source Linux versions are available for download. AIDE is a Tripwire alternative for UNIX platforms. Radmind, RKHunter and chkrootkit are also good choices. Windows users should use RootkitRevealer from Sysinternals.
--------------------------------------------------------------------------------
#38 Ngrep: Convenient packet matching and display tool
ngrep implements as many of GNU grep's features as possible and applies them to the network layer. It is a pcap-aware tool that lets you specify regular or hexadecimal expressions to match against packet payloads. Currently, it recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces. It also understands BPF filter logic in the same form as tcpdump and snoop.
--------------------------------------------------------------------------------
#39 Nbtscan: Collect NetBIOS information on Windows network
NBTscan is a tool for scanning NetBIOS name information on IP networks. It obtains feedback information by sending status queries to all addresses within a specified range and presents it to the user in a table form. Feedback information of each address includes the IP address, NetBIOS computer name, logged-in user, and MAC address.
--------------------------------------------------------------------------------
#40 WebInspect: Powerful web program scanner
SPI Dynamics' WebInspect application security assessment tool helps you identify known and unknown web layer vulnerabilities. It can also check the configuration of the web server and carry out common web attacks, such as parameter injection, cross-site scripting, directory traversal, etc.
--------------------------------------------------------------------------------
#41 OpenSSL: The best SSL/TLS encryption library
The purpose of the OpenSSL project is to develop, in the spirit of open source cooperation, a robust, fully functional, open source, general-purpose encryption library and toolset that can compare with similar commercial programs. The project is maintained by volunteers around the world who communicate, plan and develop the OpenSSL toolset and its related documentation over the Internet.
--------------------------------------------------------------------------------
#42 Xprobe2: Active operating system fingerprint tool
Xprobe is a tool for probing the operating system of a remote host. It builds on some of the same techniques as Nmap, to which the developer has added his own innovations. Xprobe uses the ICMP protocol to obtain fingerprints.
--------------------------------------------------------------------------------
#43 EtherApe: A graphical network monitor for the Unix platform, modeled on etherman
It has three modes: link layer, IP and TCP. The EtherApe network activity diagram distinguishes protocols by color. The displayed size of hosts and connections varies with the amount of traffic. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter network traffic or capture network traffic snapshot files.
--------------------------------------------------------------------------------
#44 Core Impact: Fully automatic comprehensive intrusion detection tool
Core Impact is not cheap (be prepared to spend tens of thousands of dollars), but it is recognized as the strongest vulnerability detection tool. It has a powerful, professional, regularly updated vulnerability database. It can easily hack a computer and use it as a springboard to do something else. If you can't afford Core Impact, you can check out the cheaper Canvas or the free Metasploit Framework. Of course, it is best to use all three together.
--------------------------------------------------------------------------------
#45 IDA Pro: Windows or Linux decompiler and debugger
Decompilation is a very important area of security research. It can help you take apart Microsoft's patches to understand vulnerabilities that Microsoft has quietly patched without disclosing, or examine a server at the binary level to find out why an existing exploit does not work. There are many decompilers, but IDA Pro is the de-facto standard for binary analysis in malicious code and vulnerability research. This graphical, programmable, extensible, multiprocessor-enabled decompiler now has a Linux (command line mode) version that is exactly the same as the Windows one.
--------------------------------------------------------------------------------
#46 SolarWinds: Network Discovery/Surveillance/Attack Series Tools
SolarWinds produces and sells many professional system management tools. The security-related ones include a number of network discovery scanners, an SNMP brute-force cracker, a router password decryptor, a TCP connection reset program, one of the fastest and easiest router configuration download and upload programs, etc.
--------------------------------------------------------------------------------
#47 Pwdump: A Windows password recovery tool
Pwdump can obtain NTLM and LanMan hash values from Windows hosts, regardless of whether the system password is enabled or not. It can also display historical passwords that exist in the system. The data output format is L0phtcrack compatible format, and data can also be output in file form.
--------------------------------------------------------------------------------
#48 LSoF: List open files
This is a diagnostic and research tool for the Unix platform that lists information about the files opened by all current processes. It can also list the communication sockets opened by all processes. Similar tools for the Windows platform are available from Sysinternals.
--------------------------------------------------------------------------------
#49 RainbowCrack: An innovative password hash cracker
RainbowCrack is a hash cracking tool that uses a large-scale time-memory trade-off technique. Traditional brute-force cracking tools try every possible password, which is very time-consuming for complex passwords. RainbowCrack uses the time-memory trade-off to do the cracking computation in advance and saves the results in tables called "rainbow tables". Pre-calculation does take a long time, but it is much shorter than brute-force cracking. And once the pre-calculation is completed and cracking begins, the time required for cracking is very, very short.
--------------------------------------------------------------------------------
#50 Firewalk: Advanced Routing Tracking Tool
Firewalk uses a traceroute-like technique to analyze IP packet responses and determine gateway ACL filter types and network structure. This classic tool was rewritten from scratch in October 2002. Most of its features can be reproduced with the traceroute functionality of Hping2.