Security Resources
This will be a continual work in progress. All links and tools mentioned are for the purpose of ethical hacking, legal penetration testing, and security research. Use at your own risk.
Bluetooth Radio Analysis
BCCMD
BSS
BTAddr
BTAudit
BTPinCrack
Bluebugger
BlueMaho
Blueprint
BlueScan
BlueSmash
BlueSnarfer
BlueSquirrel
Braces
Btscanner
CW-Tools
CarWhisperer
Frontline
Ghettotooth
GreenPlaque
HCIDump
HID-Attack
Minicom
ObexFTP
ObexStress
Packet Replay
Redfang
TBSearch
TBear
Tanya
Ussp-Push
Database Analysis
BlindSQL – contains SQLCheck and SQLData shell scripts
DBPwAudit – online password auditing for numerous database servers
MSSQLScan – scans for MSSQL servers
Metacoretex – database vulnerability scanner
Mysqlaudit – audits for common security misconfigurations in MySQL
Oracle Auditing Tools – OraclePWGuess, OracleQuery, OracleSamDump, OracleSysExec, and OracleTNSCtrl
OScanner – Oracle assessment framework
PBLind – exploits blind SQL injection vulnerabilities
SA Exploiter – website seems down, but great MSSQL tool available with BackTrack
SQLiX – SQL injection scanner from OWASP
SQLMap – automated SQL injection
SQLbrute – brute force data with blind SQL injection
SQL Ninja – SQL Server injection and takeover tool
Sqlsus – MySQL injection and takeover tool
THC-OrakelCrackert – Oracle 11g password cracker
UDF
Digital Forensics
AIR Imager
Afcat
Afcompare
Afconvert
Affix
Afinfo
Afstats
Afxml
Aimage
Allin1
Autopsy
Chkrootkit
Clamscan
DCFLDD
DD_rescue
Fatback
Foremost
Galleta
Magicrescue
MBoxGrep
Memdump
PhotoRec
Scalpel
Scrub
TestDisk
TrID
Vinetto
Wipe
Information Gathering
0trace – runs traceroute with an established TCP connection, bypasses some packet filtering
DMitry – gathers information about a host
dnswalk – DNS debugger
DNSTracer – determines where a given DNS gets its information from
DNSenum – enumerates information on a given domain and discovers non-contiguous IP blocks
dnsmap – subdomain bruteforcer for stealth enumeration
Dnsrecon – target enumeration through DNS
Dradis – information sharing framework
Fierce Domain Scan – domain scanner capable of identifying targets inside and outside a corporate network
Goorecon – enumeration of hosts, subdomains, and emails from a given domain using Google
Gooscan
Itrace
Lanmap
Lbd
Maltego
Metagoofil
Netenum
Netmask
Protos
SEAT
TCPtraceroute
Tctrace
TheHarvester
Malware Analysis (Windows Tools)
AutoIT
bintext
CaptureBAT
Depends
Dud
DynamicAnalysis
File
Frhed
FSG
GUnPacker
Handle
InCtrl
Inetsim
md5sum
odbg
Openports
pecheck
pefile
PEID
PEview
pmdump
ProcessExplorer
ProcessMonitor
ProtectionID
RegShot
Sandnet
Strings
TCPView
trid
Truman
upx
UserDB
WinDump
WinPcap
Wireshark
xvi
Network Mapping
0trace
4nmp
Amap
Arping
Autoscan
DMitry
Fping
Genlist
Hping2
Hping3
Httprint
Httsquash
Ike-scan
Lanmap
Lanmap2
LetDown
Nbtscan
Netifera
Nmap
Nsat
Onesixtyone
OutputPBNJ
p0f
PSK-Crack
Propecia
Protos
ReverseRaider
SCTPscan
SSLscan
ScanPBNJ
TCPtraceroute
Unicornscan
XProbe2
Zenmap
Smb4k
Password Attacks
Bkhive
BruteSSH
Chntpw
CUPP
Crunch
DNSBruteforce
Hydra
John
Lodowep
Medusa
Ophcrack
Pw-inspector
Pyrit
RTDump
RTGen
RTSort
Rainbowcrack
Rarcrack
RWW-Attack
Saltymd5
Samdump2
SSHater
TFTP-bruteforcer
VNCrack
Wyd
XHydra
Penetration
Fast Track – BackTrack front-end that automates a great deal of penetration testing
Inguma – a free Vulnerability Research and Penetration Testing Toolkit
Metasploit Exploitation Framework – modular penetration testing framework
sapyto – SAP Penetration Testing Framework
Social Engineering Toolkit – self-explanatory, amazing
Reverse Engineering
Evans Debugger – Linux equivalent of OllyDBG
GDB GNU Debugger – open source debugger
IDA Pro – Windows or Linux hosted multi-processor disassembler and debugger
OllyDBG – 32-bit assembler level analysing debugger for Windows
RFID Analysis
RFIDIOt – huge collection of tools and hardware recommendations
Security Conferences
BlackHat (DC / Europe / Abu Dhabi / Las Vegas)
DefCon (Las Vegas)
HOPE (Hackers On Planet Earth) (NYC) – sponsored by 2600
Information Security Summit (NE Ohio)
notacon (Cleveland)
RSA Conference
ShmooCon (Washington, D.C.)
ThotCon (Chicago)
Security Configurations for Operating Systems and Handhelds
The Center for Internet Security Benchmarks
NIST General Security Documents
NSA Security Configuration Guides
Security News
Security Podcasts
Exotic Liability
Pauldotcom
Security Justice
Session Hijacking
Hunt
IP Watcher
Juggernaut
TTY watcher
Sniffers
Arpalert
DSniff
Driftnet
Etherape
Ettercap
Ferret
Hamster
Ntop
SMBRelay3
SSLDump
SSLStrip
TcPick
Wireshark
Xspy
Xwatchwin
Spoofing
ADM-dns-tools
Etherape
Ettercap
ICMP Redirect
IRDP Responder
ISP
Igrp route injection
Middler
Nemesis
NetSed
Netenum
PackETH
Packit
SSLDump
SSLStrip
Scapy
Sing
TCPreplay
Tunneling
3proxy
CryptCat
DNS2tcp
Miredo
Nstx
ProxyTunnel
Proxychains
Proxyresolv
Ptunnel
Sbd
Socat
Stunnel4
TinyProxy
UDPtunnel
VoIP Analysis
Ace – VoIP corporate directory enumeration
Add_registrations
EnumIAX
Erase_registrations
IWaar
Iaxflood
Inviteflood
Ohrwurm
PCAPsipdump
Protos-Sip
RTP Flood
RTP InsertSound
RTP MixSound
RTPInject
RTPbreak
RedirectPoison
SIPP
SIPSak
SIPcrack
SIPdump
SIPvicious
Sip-scan
Sip_rogue
Smap
Teardown
ucsniff – VoIP & IP Video Security Assessment tool
vnak – attack multiple VoIP protocols
VoIPER – VoIP Exploit Research toolkit
VoIP Hopper – VLAN Hop test tool
VoIPong – VoIP sniffer and call detector
vomit – voice over misconfigured internet telephones
Warvox – VoIP wardialer
Vulnerability Identification
Nessus – free for personal use, commercial scanner by Tenable
OPENVAS – fork of the Nessus project opting to remain open source
SAINT – commercial scanner
Web Application Analysis
Acunetix Web Vulnerability Scanner – commercial product
ASP-Audit – fingerprint ASP.NET servers
AppScan – IBM (formerly Rational) commercial product
Burpsuite – web attacking platform
CeWL – Custom Word List generator
Core IMPACT Pro – commercial product
CSRFTester – CSRF testing script from OWASP
cURL – command line HTTP/HTTPS client
DFF Scanner – finds common files and folders on web server
DirBuster – directory and file brute forcer
Durzosploit – JavaScript exploit generation framework in Ruby
Exploit-Me – free Firefox addons from Security Compass (XSS-Me, SQL Inject-Me, Access-Me)
Fierce Domain Scanner – reconnaissance tool for quickly scanning domains by RSnake
fimap – find local and remote file inclusion bugs
Flare – Actionscript decompiler
Flasm – assembler/disassembler of Flash ActionScript bytecode
GPScan – Google profile scanner
Grabber – web application scanner in Python
Grendel-Scan – web application security testing tool
hcraft – HTTP vulnerability request crafter
httprint – web server fingerprinting tool
JBroFuzz – web application fuzzer
JMeter – Java-based load and performance tester by Apache
lbd – load balancing detector
List-Urls – link extractor, comes with BackTrack; the link explains how to use it
Lynx – text web browser
Metasploit WMAP – web application scanning framework for Metasploit
Mini MySqlat0r – discovers and exploits SQL injection vulnerabilities, written in Java
N-Stalker Web Application Security Scanner – commercial product
Nikto – web server scanner with a lot of CGI capabilities
openAcunetix – Java-based web application scanner
Paros proxy – Java-based web scanning proxy
Powerfuzzer – automated and customizable web fuzzer
ProxyStrike – active web application proxy
ratproxy – semi-automated, largely passive web application security audit tool
SWFIntruder – first Flash application runtime testing and analysis tool
soapUI – web service testing tool
w3af – web application attack and audit framework
WAFW00F – identify and fingerprint web application firewall products
Wapiti – web application vulnerability scanner / security auditor
WebInspect – HP’s commercial product
WebScarab – web scanning framework in Java from OWASP
Webshag – web server audit tool with crawling, URL scanning, and fuzzing
Wfuzz – the web bruteforcer
Whisker – deprecated scanner, but home of libwhisker
WhiteHat Sentinel – commercial product
Wikto – similar to Nikto, built on the .NET Framework *shivers*
WMAT – web mail login tester
XSSS – brute force cross site scripting scanner