We present another list of must-have hacking tools for every hacker. These tools make the life of a hacker much easier, and every n00b must first learn how to use them.
AIRCRACK
Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can 
recover keys once enough data packets have been captured. It implements 
the standard FMS attack along with some optimizations like KoreK attacks,
 as well as the all-new PTW attack, thus making the attack much faster 
compared to other WEP cracking tools. In fact, Aircrack-ng is a set of 
tools for auditing wireless networks.
Site URL: 
http://www.aircrack-ng.org/
BackTrack
BackTrack is a Linux distribution focused on penetration testing.
Site URL: 
http://www.bactrack-linux.org
BarsWF
BarsWF is the world's fastest MD5 brute-forcing password cracker, just in case you didn't already know.
It combines your computer's processor with your graphics card's GPU to compute the largest number of hashes as quickly as possible. It is not unheard of to get hundreds of millions of hashes per second when using this application.
Prerequisites, which really don't need to be mentioned, are a processor with the SSE2 instruction set and any NVIDIA GeForce 8 and up graphics card with CUDA support if you want the really fast one; otherwise most decently new NVIDIA graphics cards bought in the past 2 years should be able to work with this.
Site URL: 
http://3.14.by/en/md5
BLOODSHED IDE
Bloodshed IDE is an Integrated Development Environment (IDE) for the C/C++ programming language.
Site URL: 
http://www.bloodshed.net/devcpp.html
CAIN AND ABEL
Cain and Abel is a Windows password cracker capable of cracking a variety of hashes, as well as ARP poisoning, sniffing the network, etc. to obtain those password hashes in the first place.
Site URL: 
http://www.oxid.it/cain.html
CANVAS
Immunity's CANVAS makes available hundreds of exploits, an automated 
exploitation system, and a comprehensive, reliable exploit development 
framework to penetration testers and security professionals worldwide. To see CANVAS in action please see the movies at immunitysec.com
Supported Platforms and Installations
# Windows (requires Python & PyGTK)
# Linux
# MacOSX (requires PyGTK)
# All other Python environments such as mobile phones and commercial 
Unixes (command line version only supported, GUI may also be available)
Exploits
# currently over 400 exploits, an average of 4 exploits added every monthly release
# Immunity carefully selects vulnerabilities for inclusion as CANVAS 
exploits. Top priorities are high-value vulnerabilities such as remote, 
pre-authentication, and new vulnerabilities in mainstream software.
# Exploits span all common platforms and applications
Payload Options
# to provide maximum reliability, exploits always attempt to reuse socket
# if socket reuse is not suitable, connect-back is used
# subsequent MOSDEF session allows arbitrary code execution, and 
provides a listener shell for common actions (file management, 
screenshots, etc)
# bouncing and split-bouncing automatically available via MOSDEF
# adjustable covertness level
Ability to make Custom Exploits
# unique MOSDEF development environment allows rapid exploit development
Development
# CANVAS is a platform that is designed to allow easy development of 
other security products. Examples include Gleg, Ltd's VulnDisco and the 
Argeniss Ultimate 0day Exploits Pack.
Site URL: 
http://www.immunitysec.com/products-canvas.shtml
CYGWIN
Cygwin is the next best thing to using Linux.
I personally do not use a Windows box, period, work, school, or other, unless I have Cygwin installed.
It's a large download, but once you get used to using it there's no turning back.
I have actually created a condensed copy that I carry around on my flash drive.
It comes complete with most Unix/Linux commands, including the ability to compile things on the fly with gcc, perl, etc.
It has many useful things about it, but the only way to really see the 
extent of them is to use it yourself unless you like reading pages of 
technical data to help put you to sleep at night.
FYI... Last I checked it was currently managed by Red Hat.
Site URL: 
http://www.cygwin.com/
DBAN
DBAN, short for Darik's Boot and Nuke, is a good utility for securely erasing the contents of a hard disk.
It uses encryption and re-writing over drives multiple times for a fairly secure deletion, which makes it very difficult, if not impossible, to recover data using forensics.
Site URL: 
http://www.dban.org/about
FARONICS DEEP FREEZE
Faronics Deep Freeze helps eliminate workstation damage and downtime by 
making computer configurations indestructible. Once Deep Freeze is 
installed on a workstation, any changes made to the computer—regardless 
of whether they are accidental or malicious—are never permanent. Deep 
Freeze provides immediate immunity from many of the problems that 
plague computers today—inevitable configuration 
drift, accidental system misconfiguration, malicious software activity, 
and incidental system degradation.
Deep Freeze ensures computers are absolutely bulletproof, even when users have full access to
 system software and settings. Users get to enjoy a pristine and 
unrestricted computing experience, while IT personnel are freed from 
tedious helpdesk requests, constant system maintenance, and continuous 
configuration drift.
Site URL: 
http://www.faronics.com/html/deepfreeze.asp
NEMESIS
Nemesis is a command-line packet injector utility that supports Linux and Windows.
Site URL: 
http://www.packetfactory.net/projects/nemesis/
GEEKSQUAD MRI
GeekSquad MRI is the Best Buy Geek Squad repair disc - Code Name MRI - for internal use only, confidential, and a trade secret. This is version 5.0.1.0 - the latest version.
The disc has tools to help fix computers - it has AntiVirus, AntiSpyware, Disk Cleaner, Process List, Winsock Fix, etc., all in an attractive and quite usable interface!
Site URL:
At piratebay or google it.
SCAPY
Scapy is a packet manipulator used for crafting packets, sending packets, sniffing them, etc. It also runs on Linux and Windows.
Site URL: 
http://www.secdev.org/projects/scapy/
TRUECRYPT
TrueCrypt is free open-source disk encryption software.
Site URL: 
http://www.truecrypt.org
SKYPELOGVIEW
SkypeLogView reads the log files created by Skype application, and 
displays the details of incoming/outgoing calls, chat messages, and file
 transfers made by the specified Skype account. You can select one or 
more items from the logs list, and then copy them to the clipboard, or 
export them into a text/html/csv/xml file. This utility works on any 
version of Windows starting from Windows 2000 and up to Windows 2008. 
You don't have to install Skype in order to use this utility. You only 
need the original log files created by Skype, even if they are on an external drive.
Site URL: 
http://www.nirsoft.net/utils/skype_log_view.html
PASSWORD FOX
PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by the Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily choose to view the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename. This utility works under Windows 2000, Windows XP, Windows Server 2003, and Windows Vista. Firefox should also be installed on your system in order to use this utility.
Site URL: 
http://www.nirsoft.net/utils/passwordfox.html
NESSUS
Nessus has been around for a little more than a little while now and has gone from free to almost free to it's gonna cost ya.
I'm not really sure regarding the newest updates as I haven't used it 
since it lost its freedom, but I will say it has plugins for everything
 under the sun!
It is mainly used for network and server scanning and has the ability to
 test and create a client/server connection between yourself and the 
host you're testing with.
Site URL: 
http://www.nessus.org/nessus/
RAINBOW CRACK
RainbowCrack is a general purpose implementation of Philippe Oechslin's faster time-memory trade-off technique.
In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker tries all possible plaintexts one by one at cracking time. It is time consuming to break a complex password in this way. The idea of the time-memory trade-off is to do all the cracking time computation in advance and store the result in files, so-called "rainbow tables". It does take a long time to precompute the tables. But once the one-time precomputation is finished, a time-memory trade-off cracker can be hundreds of times faster than a brute force cracker, with the help of precomputed tables.
Site URL: 
http://www.antsight.com/zsl/rainbowcrack/
UNETBOOTIN
UNetbootin - An application to install an operating system to a flash 
drive or to a hard disk by either using the pre-downloaded iso file or 
by downloading the operating system through the application.
Site URL: 
http://unetbootin.sourceforge.net/
VISUAL STUDIO 2010
Visual Studio 2010 is a development environment, and a programmer's best friend when it comes to designing Windows applications. A little pricey, but free for academic use under the MSDNAA.
Site URL: 
http://www.microsoft.com/visualstudio/en-us
WINHEX
Winhex is a hexadecimal editor, particularly helpful in the realm of 
computer forensics, data recovery, low-level data processing, and IT 
security. It is also an advanced tool for everyday and emergency use.
Site URL: 
http://www.x-ways.net/winhex/
WPE PRO
Winsock Packet Editor (WPE) Pro is a packet sniffing/editing tool which 
is generally used to hack multiplayer games. WPE Pro allows modification
 of data at TCP level. Using WPE Pro one can select a running process 
from the memory and modify the data sent by it before it reaches the 
destination. It can record packets from specific processes, then analyze
 the information. You can setup filters to modify the packets or even 
send them when you want in different intervals. WPE Pro could also be a 
useful tool for testing thick client applications or web applications 
which use applets to establish socket connections on non http ports.
Site URL: 
http://wpepro.net/
IDP
Interactive Disassembler Pro (IDP) supports 80x86 binaries and FLIRT, a unique Fast Library Identification and Recognition Technology that automagically recognizes standard compiler library calls. It is widely used in COTS validation and hostile code analysis.
In short it's what we like to call the "Reverse Engineer's Wet Dream".
Site URL: 
http://www.hex-rays.com/idapro/
HPING
Hping is a command-line TCP/IP assembler that supports the TCP, ICMP, UDP and RAW-IP protocols.
It also works on Unix systems, Windows, Sun and MacOS.
Site URL: 
http://www.hping.org/
JOHN THE RIPPER
John the Ripper is free open-source software (if you want to buy, you can always get the pro version).
John has been, and continues to be, the most famous and most widely used password cracker for Linux/Unix systems.
Things everyone likes about it:
It's fast, it has support for cracking a lot of different but commonly used hash types, and it's able to run on just about anything.
Site URL: 
http://www.openwall.com/john/

 
 