Info request - Penetration Testing tools list


I haven't played with the pen test tools lately (not for about 4 years).  The
most familiar tools are Nessus/nmap/strobe (from the freeware world) and
ISS/CyberCop and others from the commercial world.

Recently, I have heard of Metasploit (sp?).  Is this a compilation of
all the exploits?

A lot has changed in the last 2 years!  I am trying to update my pen
test skills.   What are the current tools that I should be familiar with?

Thank you in advance for any information and advice.


Subba Rao
Please remove SPAMBUSTER to reply via email.

Re: Info request - Penetration Testing tools list

Subba Rao wrote:

Consider giving the following security-based live CDs a look.

Auditor (check the research blog also)
WHoppix (nice Flash-based demos as well)

These should have many of the tools that you will need to get started.


Re: Info request - Penetration Testing tools list

Subba Rao wrote:

From the 'Auditor Security Live' collection:
Security Auditing:

        itrace  -  traceroute using ICMP echo
        tctrace -  traceroute using TCP SYN packets
        Gnetutil 1.0
        Curl - transfer a URL
        tkmib -  MIB browser for SNMP
        arpfetch - fetch Ethernet/IP address pairs via SNMP
        gq - GTK based LDAP client
        LinNeighborhood - SMB network browser
        net - tool for administration of Samba/CIFS servers (Samba package)
        SMB DumpUsers 0.9.1
        SMB ServerInfo 0.9.1
        nmblookup - look up NetBIOS names (Samba package)
    OS Detection
        xprobe2  - OS fingerprinting tool
        queso -  OS fingerprinting tool
        p0f - passive OS fingerprinting
        cheops - network monitoring tool for system administration

    Security Scanners
        Raccess - Remote Access Session
    Webserver Scanners
        whisker - CGI scanner
        Nikto - server and CGI scanner
        ab - ApacheBench
    Network Scanners
        nmap / nmapfe
        scanrand - stateless TCP network analysis system
        ike-scan  - discover and fingerprint IKE hosts (IPsec VPN)
    Application Scanners
        amap - application mapper
        scanssh - scans for open proxies and SSH servers
    SMB Scanners
        nbtscan - scans networks for NetBIOS name information
        smb-nat - NetBIOS auditing tool
    Router Scanner
        ass - autonomous system scanner

    Network Analyzers
        Etherape - graphical network browser
    Password Analyzers
    Application Analyzers
        mailsnarf - sniff mail messages
        urlsnarf - sniff HTTP requests
        spkproxy - web application auditing

        arpspoof - intercept packets on a switched LAN
        macof - flood switched LANs with random MACs
        dnsspoof - forge replies to DNS address queries
        hping2 - send arbitrary TCP/IP packets to hosts
        icmpush - ICMP packet builder
        tcpreplay - replay packets from capture files
        IP Sorcery - packet generator
        cdp - CDP packet generator
    Routing Protocols
        igrp - IGRP route injector
    WEP Breaking
        WEPCrack
        WepDecrypt

    hydra - multi-purpose bruteforcer (GTK GUI available)
    k0ldS - LDAP bruteforcer
    ADMsnmp - SNMP bruteforcer
    ObiWan III - HTTP bruteforcer
    guess-who - SSH bruteforcer

Password Crackers
        John the Ripper
        fcrackzip - ZIP password cracker
Digital Forensics
    Data Recovery
        testdisk - scan and repair disk partitions
    ext2fs Recovery
        recover - recover a deleted file
    Secure Delete
        Wipe - securely erase files

    Internetwork Routing Protocol Attack Suite
    Nemesis Project

      "Not mind. Not code. Not things.
  Always changing, yet never changing."
GPG:0xA8916BBD |
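The list above names p0f under "OS Detection" without saying what passive fingerprinting actually looks at. The following is an added example, not part of the thread and not p0f's or Auditor's code: it parses a raw IPv4/TCP SYN, pulls out the fields a passive fingerprinter keys on (initial TTL guessed from the observed TTL, SYN window size, TCP option order, MSS, window scale) and looks them up in a signature table. The three signatures and the three sample SYNs are constructed for illustration; they are not p0f's database and should not be taken as authoritative per-OS values. Everything runs offline on packets built in the file.

```python
"""Passive TCP/IP fingerprinting in the style of p0f over raw IPv4/TCP SYN bytes.

Added example. The signature table and sample packets are constructed for
illustration and are not p0f's real database.
"""
import struct
from typing import Dict, List, Tuple

# TCP option kinds (RFC 793, RFC 7323, RFC 2018)
EOL, NOP, MSS, WSCALE, SACKOK, TIMESTAMP = 0, 1, 2, 3, 4, 8

# Illustrative signatures: (initial TTL, SYN window, option-kind order) -> label.
# Constructed for this example; a real tool carries hundreds of entries.
SIGNATURES: Dict[Tuple[int, int, Tuple[int, ...]], str] = {
    (64, 5840, (MSS, SACKOK, TIMESTAMP, NOP, WSCALE)): "Linux 2.6 (illustrative)",
    (128, 65535, (MSS, NOP, NOP, SACKOK)): "Windows XP (illustrative)",
    (255, 4128, (MSS,)): "Cisco IOS (illustrative)",
}


def encode_options(opts: List[Tuple[int, bytes]]) -> bytes:
    """Encode TCP options (kind, payload); EOL and NOP carry no length byte."""
    out = b""
    for kind, data in opts:
        out += bytes([kind]) if kind in (EOL, NOP) else bytes([kind, 2 + len(data)]) + data
    return out + b"\x00" * (-len(out) % 4)  # pad to a 32-bit boundary with EOL


def build_syn(ttl: int, window: int, opts: List[Tuple[int, bytes]]) -> bytes:
    """Build a minimal IPv4 + TCP SYN (checksums left zero; we never validate them)."""
    options = encode_options(opts)
    data_off = 5 + len(options) // 4
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 0x1234, 0, (data_off << 12) | 0x02,
                      window, 0, 0) + options
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, ttl, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return ip + tcp


def parse_options(raw: bytes) -> List[Tuple[int, bytes]]:
    """Walk the TCP option list; stop at EOL or on a truncated/bogus length."""
    opts, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == EOL:
            break
        if kind == NOP:
            opts.append((NOP, b""))
            i += 1
            continue
        if i + 1 >= len(raw) or raw[i + 1] < 2 or i + raw[i + 1] > len(raw):
            break  # malformed option: ignore the remainder rather than overrun
        opts.append((kind, raw[i + 2:i + raw[i + 1]]))
        i += raw[i + 1]
    return opts


def initial_ttl(ttl: int) -> int:
    """Round the observed TTL up to the nearest common starting value."""
    for candidate in (32, 64, 128, 255):
        if ttl <= candidate:
            return candidate
    return 255


def fingerprint(pkt: bytes) -> Dict[str, object]:
    """Extract the SYN's identifying fields and look them up in SIGNATURES."""
    if pkt[0] >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (pkt[0] & 0x0F) * 4
    ttl, proto = pkt[8], pkt[9]
    if proto != 6:
        raise ValueError("not TCP")
    tcp = pkt[ihl:]
    off_flags, window = struct.unpack("!HH", tcp[12:16])
    if off_flags & 0x3F != 0x02:  # SYN only; ECN bits (ECE/CWR) are ignored
        raise ValueError("not a pure SYN")
    data_off = (off_flags >> 12) * 4
    opts = parse_options(tcp[20:data_off])
    kinds = tuple(k for k, _ in opts)
    values = dict(opts)
    start = initial_ttl(ttl)
    label = SIGNATURES.get((start, window, kinds),
                           f"unknown (initial TTL {start}, window {window})")
    return {
        "os": label,
        "hops": start - ttl,
        "window": window,
        "mss": int.from_bytes(values[MSS], "big") if MSS in values else None,
        "wscale": values[WSCALE][0] if WSCALE in values else None,
    }


# Constructed sample SYNs, as if captured from three different hosts a few hops away.
LINUX_SYN = build_syn(57, 5840, [(MSS, b"\x05\xb4"), (SACKOK, b""),
                                 (TIMESTAMP, b"\x00" * 8), (NOP, b""), (WSCALE, b"\x07")])
WINDOWS_SYN = build_syn(120, 65535, [(MSS, b"\x05\xb4"), (NOP, b""), (NOP, b""), (SACKOK, b"")])
CISCO_SYN = build_syn(250, 4128, [(MSS, b"\x02\x18")])

if __name__ == "__main__":
    for name, pkt in [("linux", LINUX_SYN), ("windows", WINDOWS_SYN), ("cisco", CISCO_SYN)]:
        print(name, fingerprint(pkt))
```

The point a practitioner should take from this: the classification depends on fields the remote stack chooses on its own (window size, option order, starting TTL), so it works without sending a single packet, which is what makes p0f usable from a span port while the active tools above (xprobe2, queso, nmap -O) are not. The hop estimate is only as good as the assumption that the stack started at one of the four common TTLs.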

Re: Info request - Penetration Testing tools list


GNU C compiler and Perl.
