
Page 1: Hacking Tools Repository.docx

8/9/2019 Hacking Tools Repository.docx

http://slidepdf.com/reader/full/hacking-tools-repositorydocx 1/26

Hacking Tools Repository

Here is a list of security tools that have been collected from the internet. These tools are specifically aimed toward security professionals and enthusiasts/hobbyists for testing and demonstrating security weaknesses. They are provided for the sole purpose of security awareness and education; they should not be used against systems that you do not have permission to test or attack. You could end up in jail.

Most of the tools are open source/free, with a couple of exceptions. Before using any tool, I recommend that you read the instructions/documentation available on each tool's website. Although some of the tools could be listed in more than one category, each appears in the list only once, under its primary category.

If you have suggestions or links to tools/scripts to submit, please do: you can fork, edit and send a pull request, or you can leave a comment on the wiki page here; your name or GitHub page will be credited.

https://github.com/Gexos/hacking-tools-repository/wiki

Categories: Passwords, Scanning, Sniffer, Enumeration, Networking Tools, Wireless, Bluetooth, Web Scanners, Database, Vuln Scanners, Vuln Apps, Live CD

Passwords

Cain & Abel
Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kinds of passwords by sniffing the network.

CacheDump
CacheDump, licensed under the GPL, demonstrates how to recover cache entry information: username and MSCASH.

John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS.

FSCrack
GUI for John the Ripper. FSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR's functions.

Hydra
A very fast network logon cracker which supports many different services. Number one of the biggest security holes is passwords, as every password security study shows.

keimpx
keimpx is an open source tool, released under a modified version of the Apache License 1.1. It can be used to quickly check for the usefulness of credentials across a network over SMB.

Medusa
Medusa is intended to be a speedy, massively parallel, modular login brute-forcer. The goal is to support as many services that allow remote authentication as possible.

Ncrack
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.

Ophcrack
Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method.

RainbowCrack
RainbowCrack is a general-purpose implementation of Philippe Oechslin's faster time-memory trade-off technique.
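Ophcrack and RainbowCrack both implement the time-memory trade-off named above. The block below is an added example, not code from either tool, showing the mechanics at toy scale: chains of alternating hash and reduce steps are precomputed and only their endpoints are stored, and a lookup re-walks one chain to recover the preimage. The keyspace (3 lowercase letters), the unsalted MD5 target function, the chain parameters and the reduction function are all assumptions chosen for illustration.

```python
import hashlib
import string

# Toy keyspace for the demonstration (assumption): every 3-character lowercase string.
ALPHABET = string.ascii_lowercase
LENGTH = 3
KEYSPACE = len(ALPHABET) ** LENGTH   # 17,576 candidates

CHAIN_LEN = 50     # t: hash/reduce steps per chain (the "time" side of the trade-off)
NUM_CHAINS = 400   # m: chains stored (the "memory" side); covers at most m*t candidates


def h(password: str) -> str:
    """The one-way function being inverted: unsalted MD5, hex encoded (assumption)."""
    return hashlib.md5(password.encode()).hexdigest()


def index_to_password(n: int) -> str:
    """Map an integer in [0, KEYSPACE) to a candidate password."""
    chars = []
    for _ in range(LENGTH):
        n, r = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)


def reduce_(digest: str, column: int) -> str:
    """Column-dependent reduction R_i: maps a digest back into the keyspace.
    Using a different R_i per column is Oechslin's improvement over Hellman's
    tables: two chains only merge if they collide in the same column."""
    n = (int(digest[:12], 16) + column) % KEYSPACE
    return index_to_password(n)


def build_table() -> dict:
    """Precompute NUM_CHAINS chains and keep only endpoint -> [start points].
    Keeping a list per endpoint tolerates merged chains instead of losing one."""
    table = {}
    for i in range(NUM_CHAINS):
        start = index_to_password((i * 7919) % KEYSPACE)  # spread the start points out
        p = start
        for col in range(CHAIN_LEN):
            p = reduce_(h(p), col)
        table.setdefault(p, []).append(start)
    return table


def lookup(table: dict, target: str):
    """Return a preimage of `target` if some stored chain covers it, else None."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        # Assume the target's preimage sat in column `col`; walk to the endpoint.
        p = reduce_(target, col)
        for c in range(col + 1, CHAIN_LEN):
            p = reduce_(h(p), c)
        for start in table.get(p, []):
            # Candidate chain: regenerate it from the start and check each step.
            q = start
            for c in range(CHAIN_LEN):
                if h(q) == target:
                    return q
                q = reduce_(h(q), c)
    return None


def coverage(table: dict) -> float:
    """Fraction of the keyspace the stored chains actually cover (merges lower it)."""
    seen = set()
    for starts in table.values():
        for start in starts:
            q = start
            for c in range(CHAIN_LEN):
                seen.add(q)
                q = reduce_(h(q), c)
    return len(seen) / KEYSPACE


if __name__ == "__main__":
    table = build_table()
    print(f"{len(table)} endpoints stored, {coverage(table):.0%} of keyspace covered")
    print("md5('pwn') ->", lookup(table, h("pwn")))  # found only if a chain covers it
```

The practical limit is visible in `h()`: a table is built for one fixed hash function, so a per-user salt makes it useless, which is why these tools work against LM/NTLM hashes but not against salted formats. Raising CHAIN_LEN trades storage for lookup time (each lookup costs roughly CHAIN_LEN squared over two hash operations), and the coverage figure shows how chain merges erode the nominal m*t.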

phrasen|drescher
phrasen|drescher (p|d) is a modular and multi-processing pass phrase cracking tool. It comes with a number of plugins, and a simple plugin API allows easy development of new plugins.

LCP
The main purpose of the LCP program is user account password auditing and recovery in Windows NT/2000/XP/2003.

Crunch
Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. Crunch can generate all possible combinations and permutations.
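The generator below is an added example, not crunch's own code. It reproduces the two modes the entry describes, a plain character-set sweep over a length range and pattern expansion, where the placeholder classes (@ for lowercase, a comma for uppercase, % for digits, ^ for symbols) are assumed here to follow crunch's -t syntax. keyspace_size() is the check worth running before generating any such list: it tells you whether the list is feasible to write or crack at all.

```python
import itertools
import string

# Placeholder classes, assumed to mirror crunch's -t pattern syntax (this example's
# own table, not crunch's code). Any other character in a pattern is a literal.
CLASSES = {
    "@": string.ascii_lowercase,
    ",": string.ascii_uppercase,
    "%": string.digits,
    "^": "!@#$%^&*()-_=+",
}


def keyspace_size(pattern: str) -> int:
    """Number of candidates a pattern expands to: the product of the class sizes.
    Run this first; 8 lowercase positions is already 26**8 = 208,827,064,576 lines."""
    size = 1
    for ch in pattern:
        size *= len(CLASSES.get(ch, ch))   # a literal contributes a factor of 1
    return size


def expand(pattern: str):
    """Yield every string matching `pattern`, in class order for each position."""
    pools = [CLASSES.get(ch, ch) for ch in pattern]
    for combo in itertools.product(*pools):
        yield "".join(combo)


def sweep(charset: str, min_len: int, max_len: int):
    """crunch <min> <max> <charset>: every string over `charset`, shortest first."""
    for n in range(min_len, max_len + 1):
        for combo in itertools.product(charset, repeat=n):
            yield "".join(combo)


def sweep_size(charset: str, min_len: int, max_len: int) -> int:
    """Size of the sweep without generating it."""
    return sum(len(charset) ** n for n in range(min_len, max_len + 1))


def write_wordlist(path: str, words) -> int:
    """Stream candidates to disk without materialising the list; returns the count."""
    count = 0
    with open(path, "w") as f:
        for w in words:
            f.write(w + "\n")
            count += 1
    return count


if __name__ == "__main__":
    print(keyspace_size("Summer%%%%"))        # 10,000 candidates
    print(list(expand("pw%^"))[:3])
    n = write_wordlist("/tmp/demo.lst", sweep("abc", 1, 3))   # output path is an assumption
    print(n, "lines written")
```

Both generators are lazy, so a list can be piped straight into a cracker rather than written to disk; a targeted pattern such as "Summer%%%%" is a few thousand lines, while an unconstrained sweep of the same length over mixed character sets is usually far beyond what is worth storing.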

fcrackzip
Naturally, programs are born out of an actual need. The situation with fcrackzip was no different... I'm not using zip very much, but recently I needed a password cracker.

EnumIAX
enumIAX is an Inter Asterisk Exchange version 2 (IAX2) protocol username brute-force enumerator. enumIAX may operate in two distinct modes: Sequential Username Guessing or Dictionary Attack.

Wyd
wyd.pl was born out of two situations: 1. A penetration test should be performed and the default wordlist does not contain a valid password. 2. During a forensic crime investigation a password-protected file must be opened without knowing the password.

Bruter
Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.

The ssh bruteforcer
A tool to perform dictionary attacks against SSH servers. It's a simple tool: you set the target server, target account, wordlist and port, and wait.

Lodowep
Lodowep is a tool for analyzing the password strength of accounts on a Lotus Domino webserver system. The tool supports both session- and basic-authentication.

SSHatter
SSHatter uses a brute force technique to determine how to log into an SSH server. It rigorously tries each combination in a list of usernames and passwords to determine which ones successfully log in.

Scanning

Amap
Amap is a next-generation scanning tool, which identifies applications and services even if they are not listening on the default port, by creating a bogus communication and analyzing the responses.

Dr.Morena
Dr.Morena is a tool to confirm the rule configuration of a firewall. The configuration of a firewall is done by combining more than one rule.

Firewalk
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or UDP packets with a TTL one greater than the targeted gateway.

Netcat
Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts.

Ike-scan
Ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. It is available for Linux, Unix, MacOS and Windows under the GPL license.

Nmap
Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.

Zenmap
Zenmap is the official Nmap Security Scanner GUI. It is multi-platform (Linux, Windows, Mac OS X, BSD, etc.).

Onesixtyone
onesixtyone is an SNMP scanner which utilizes a sweep technique to achieve very high performance. It can scan an entire class B network in under 13 minutes.

SuperScan 4
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.

AutoScan
AutoScan-Network is a network scanner (discovering and managing application). No configuration is required to scan your network. The main goal is to print the list of connected equipment in your network.

Knocker
Knocker is a simple and easy to use TCP security port scanner written in C to analyze hosts and all of the different services started on them.

Nsat
NSAT is a robust scanner which is designed for different kinds of wide-ranging scans, staying stable for days, and for scanning on multi-user boxes (local stealth and non-priority scanning options).

OutputPBNJ
PBNJ is a suite of tools to monitor changes on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state.

ScanPBNJ
ScanPBNJ performs an Nmap scan and then stores the results in a database. ScanPBNJ stores information about the machine that has been scanned: the IP address, operating system, hostname and a localhost bit.

glypeahead
By default the Glype proxy script has few restrictions on what hosts/ports can be accessed through it. In addition, the proxy script normally displays all cURL-related error messages.

Unicornscan
Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities.

TCP Fast Scan
A very fast TCP port scanner for Linux. Runs very quickly and can scan a lot of hosts/port ranges at a time.

Multi Threaded TCP Port Scanner 3.0
This tool can be used to scan the ports of a given IP. It can also describe each port with its standard name (well-known and registered ports).

MingSweeper
MingSweeper is a network reconnaissance tool designed to facilitate large address space, high speed node discovery and identification.

Umap (UPnP Map)
Umap (UPnP Map) attempts to scan open TCP ports on the hosts behind a UPnP-enabled Internet Gateway Device (IGD) NAT.

SendIP
SendIP has a large number of command line options to specify the content of every header of a NTP, BGP, RIP, RIPng, TCP, UDP, ICMP or raw IPv4 and IPv6 packet. It also allows any data to be added to the packet.

PortSentry
The Sentry tools provide host-level security services for the Unix platform. PortSentry, Logcheck/LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis.

CurrPorts
CurrPorts displays the list of all currently opened TCP/IP and UDP ports on your PC. For each port in the list, information about the process that opened the port is also displayed.

Nscan
NScan itself is a port scanner, which uses the connect() method to find the list of the host's open ports. The difference from most other port scanners is its flexibility and speed.

NetworkActiv Scan
NetworkActiv Port Scanner is a network exploration and administration tool that allows you to scan and explore internal LANs and external WANs.

Blues PortScanner
A good port scanner is just one of the basic tools anyone who is seriously interested in the internet needs. The BluesPortScan is, I think, the fastest scanner for 32-bit Windows which you can find on the net.

ZMap
ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet.

subdomain-bruteforcer
Subdomain-bruteforcer is a multi-threaded Python tool for enumerating subdomains from a dictionary file. Particularly useful for finding admin panels or other dodgy web practices.

ircsnapshot
Ircsnapshot is a Python tool that connects a bot to a server in order to fetch users' hostmasks, names, and channel affiliations; it also supports the creation of a world map using the scraped data. Useful for reconnaissance on an IRC server full of suspected bots. Supports SOCKS and Tor.

Sniffer

Wireshark
Wireshark is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education.

Chaosreader
A freeware tool to trace TCP/UDP/... sessions and fetch application data from snoop or tcpdump logs. This is a type of "any-snarf" program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs.

dsniff
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data.

Ettercap
Ettercap is a suite for man-in-the-middle attacks on a LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.

NetworkMiner
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc.

RawCap
RawCap is a free command line network sniffer for Windows that uses raw sockets.

SPIKE Proxy
Not all web applications are built in the same ways, and hence many must be analyzed individually. SPIKE Proxy is a professional-grade tool for looking for application-level vulnerabilities in web applications.

Tcpdump
Tcpdump prints out the headers of packets on a network interface that match the boolean expression.

Tcpreplay
Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for UNIX (and Win32 under Cygwin) operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices.

Pirni Sniffer
Pirni is the world's first native network sniffer for iPhone. The iPhone's WiFi has some major drawbacks in its hardware design, thus we can not properly set the device in promiscuous mode.

Ufasoft Snif
Ufasoft Snif is a network sniffer, designed for capturing and analysis of the packets going through the network. Using the packet driver, it requests all the packets from the network card driver (even the packets not addressed to this computer).

Enumeration

dnsenum
The purpose of Dnsenum is to gather as much information as possible about a domain.

DumpSec
SomarSoft's DumpSec is a security auditing program for Microsoft Windows NT/XP/200x.

LDAP Browser
LDAP Browser is a premier Windows Explorer-like LDAP Directory client available for Win32 platforms.

NBTEnum
NetBIOS Enumeration Utility (NBTEnum) is a utility for Windows that can be used to enumerate NetBIOS information from one host or a range of hosts.

nbtscan
This tool scans for open NETBIOS nameservers on a local or remote TCP/IP network; this is a first step in finding open shares.

wmi client
This DCOM/WMI client implementation is based on Samba4 sources. It uses RPC/DCOM mechanisms to interact with WMI services on Windows 2000/XP/2003 machines.

Dnsmap
Dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments.

Dnsrecon
I wrote this tool back in late 2006 and it has been my favorite tool for enumeration through DNS, in great part because I wrote it and it gives the output in a way that I can manipulate in my own style. One of the features that I used the most and that gave me excellent results is the SRV record enumeration.

Dnstracer
Dnstracer determines where a given Domain Name Server (DNS) gets its information from, and follows the chain of DNS servers back to the servers which know the data.

Networking Tools

fragroute
fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host.

hping
hping is a command-line oriented TCP/IP packet assembler/analyzer.

Scapy
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more.

Stunnel
The stunnel program is designed to work as an SSL encryption wrapper between a remote client and a local (inetd-startable) or remote server.

tcptraceroute
tcptraceroute is a traceroute implementation using TCP packets. The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached.

tracetcp
tracetcp is a command line traceroute utility for WIN32 that uses TCP SYN packets rather than the ICMP/UDP packets that the usual implementations use, thus bypassing gateways that block traditional traceroute packets.

Yersinia
Yersinia is a network tool designed to take advantage of some weaknesses in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.

Nemesis
Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis is perfect for automation and scripting.

Wireless

Aircrack-ng
Aircrack is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured.

Kismet
Kismet is an 802.11 layer-2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

NetStumbler
NetStumbler delivers a tool that helps you detect 802.11 a/b/g WLAN standards. While wardriving is its main use, the application also facilitates the verifying of network configurations.

AirGrab WiFi Radar
AirGrab WiFi Radar is a tool to display information about Apple AirPort base stations and other WiFi (802.11b/g/n) wireless access points.

AirMobile agent
The client application is downloaded to your PDA or Windows cellular phone, where it will run in quiet mode in the background. If the application finds a rogue access point it will investigate the AP and see if it poses a direct threat to your network.

AirRadar 2
AirRadar allows you to scan for open networks and tag them as favourites or filter them out. View detailed network information, graph network signal strength, and automatically join the best open network in range.

iStumbler
iStumbler is the leading wireless discovery tool for Mac OS X, providing plugins for finding AirPort networks, Bluetooth devices, Bonjour services and Location information with your Mac.

KisMAC
KisMAC is an open-source and free sniffer/scanner application for Mac OS X. It has an advantage over MacStumbler / iStumbler / NetStumbler in that it uses monitor mode and passive scanning.

WirelessMon
WirelessMon is a software tool that allows users to monitor the status of wireless WiFi adapter(s) and gather information about nearby wireless access points and hot spots in real time.

Vistumbler
Vistumbler is a wireless network scanner written in AutoIT for Vista, Windows 7, and Windows 8. WiFiDB is a database written in PHP to store Vistumbler VS1 files. It keeps track of total access points w/GPS, maps to KML, signal graphs, statistics, and more.

WaveStumbler
WaveStumbler is a console based 802.11 network mapper for Linux. It reports the basic AP stuff like channel, WEP, SSID, MAC etc.

Xirrus Wi-Fi Inspector
Xirrus Wi-Fi Inspector is a powerful tool for managing and troubleshooting the Wi-Fi on a Windows XP SP2 or later, Vista, or 7 laptop. Built-in tests enable you to characterize the integrity and performance of your Wi-Fi connection.

AirMagnet VoFi Analyzer
AirMagnet VoFi Analyzer is the industry's only solution for troubleshooting voice-over-WLAN problems in the field. VoFi Analyzer provides full analysis of encrypted WLAN traffic, scoring all calls in terms of call quality and proactively identifying all types of problems including phone issues, roaming issues, QoS issues, and RF.

Airpwn
Airpwn is a framework for 802.11 (wireless) packet injection. Airpwn listens to incoming wireless packets, and if the data matches a pattern specified in the config files, custom content is injected "spoofed" from the wireless access point. From the perspective of the wireless client, airpwn becomes the server.

WifiScanner
WifiScanner is a tool that has been designed to discover wireless nodes (i.e. access points and wireless clients). It is distributed under the GPL License. It works with CISCO® cards and prism cards with the hostap driver or wlan-ng driver, prism54g, Hermes/Orinoco, Atheros, Centrino, ... An IDS system is integrated to detect anomalies like MAC usurpation.

Bluetooth

Haraldscan
A Bluetooth scanner for Linux and Mac OS X. Harald Scan is able to determine the Major and Minor device class of a device, as well as attempt to resolve the device's MAC address against the largest known Bluetooth MAC address vendor list.

FTS4BT
Frontline FTS4BT Bluetooth Protocol Analyzer. Developers and test engineers rely on FTS4BT to get them through the design, debug, test, verify, and qualification cycle.

BlueScanner
BlueScanner is a bash script that implements a scanner for Bluetooth devices. It's a tool designed to extract as much information as possible from Bluetooth devices without the requirement to pair.

Blooover II
Blooover II is an audit tool based on Java (J2ME). It exists as Blooover II, for auditing J2ME mobiles, and as a Breeeder edition. An easy utility for vulnerability testing.

BTScanner
BTScanner for XP is a Bluetooth environment auditing tool for Microsoft Windows XP, implemented using the bluecove libraries (an open source implementation of the JSR-82 Bluetooth API for Java).

BlueSpam
BlueSpam searches for all discoverable Bluetooth devices and sends a file to them (spams them) if they support OBEX. By default a small text will be sent. To customize the message that should be sent you need a Palm with an SD/MMC card; then you create the directory /PALM/programs/BlueSpam/Send/ and put the file (any type of file will work, .jpg is always fun) you would like to send into this directory.

BTCrawler
An application used to discover Bluetooth devices and the services they provide. Runs on J2ME enabled devices supporting MIDP 2.0 and JSR082 (Java API for Bluetooth).

Bluediving
Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++ and BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell, and implements tools like carwhisperer, bss, L2CAP packet generator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode (using more than one hci device).

Bluesnarfer
Bluesnarfer steals information from a wireless device through a Bluetooth connection. The connection can be between mobile phones, PDAs or laptops. You can access a calendar, contact list, emails and text messages.

Web Scanners

Arachni
Arachni is a fully automated system which tries to enforce the fire-and-forget principle. As soon as a scan is started it will not bother you for anything nor require further user interaction.

Burp Suite
Burp Suite is an integrated platform for performing security testing of web applications.

CAL9000
CAL9000 is a collection of web application security testing tools that complement the feature set of current web proxies and automated scanners. CAL9000 gives you the flexibility and functionality you need for more effective manual testing efforts.

CAT
CAT is designed to facilitate manual web application penetration testing for more complex, demanding application testing tasks.

CookieDigger
CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users.
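The kind of analysis CookieDigger automates can be reproduced offline. The block below is an added example, not CookieDigger's code: given session cookies collected over many logins, it measures per-position variation, flags positions that never change and detects an incrementing counter. Both sample cookie sets are constructed for this example (the "strong" set is deterministic SHA-256 filler standing in for a real CSPRNG output such as secrets.token_hex), and the 64-bit floor is an assumption.

```python
import hashlib
import math
import re
from collections import Counter

# Constructed samples: session cookies as a scanner would collect them by logging
# in 20 times. WEAK is an incrementing counter; STRONG is deterministic SHA-256
# filler that stands in for a CSPRNG output such as secrets.token_hex(16).
WEAK = [f"sess{1000 + i}" for i in range(20)]
STRONG = [hashlib.sha256(f"sample-{i}".encode()).hexdigest()[:32] for i in range(20)]


def position_entropy_bits(tokens):
    """Shannon entropy, in bits, of the characters seen at each position across the
    sample. With n tokens a position can show at most log2(n) bits, so this is a
    lower bound on how bad a generator is, never proof that it is good."""
    width = min(len(t) for t in tokens)
    n = len(tokens)
    bits = []
    for pos in range(width):
        counts = Counter(t[pos] for t in tokens)
        bits.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return bits


def looks_sequential(tokens):
    """True when every token ends in digits that advance by a constant non-zero
    step: the classic counter-based session id that lets one user guess another's."""
    values = []
    for t in tokens:
        m = re.search(r"(\d+)$", t)
        if m is None:
            return False
        values.append(int(m.group(1)))
    steps = {b - a for a, b in zip(values, values[1:])}
    return len(steps) == 1 and 0 not in steps


def assess(tokens, min_bits=64.0):
    """Summarise the sample; `min_bits` is an assumed floor for an unguessable id."""
    per_pos = position_entropy_bits(tokens)
    total = sum(per_pos)
    fixed = [i for i, b in enumerate(per_pos) if b == 0.0]
    sequential = looks_sequential(tokens)
    weak = sequential or total < min_bits
    return {
        "observed_bits": round(total, 2),
        "fixed_positions": fixed,
        "sequential": sequential,
        "verdict": "weak" if weak else "no obvious weakness",
    }


if __name__ == "__main__":
    for name, sample in (("WEAK", WEAK), ("STRONG", STRONG)):
        print(name, assess(sample))
```

The asymmetry in the verdict wording is deliberate: twenty cookies can demonstrate a counter or a fixed prefix beyond doubt, but they cannot demonstrate randomness, so a clean result only means that this test found nothing. Sampling across several user accounts and time windows, as the entry describes, is what exposes cookies derived from user ids or timestamps.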

DIRB
DIRB is a Web Content Scanner. It looks for existing (and/or hidden) web objects. It basically works by launching a dictionary-based attack against a web server and analyzing the response.

Fiddler
Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data.

Gamja
Gamja will find XSS (Cross Site Scripting) and SQL Injection weak points, as well as URL parameter validation errors. Who knows which parameter is the weak one? Gamja will be helpful for finding vulnerabilities: XSS, Validation Error, SQL Injection.

Grendel-Scan
A tool for automated security scanning of web applications. Many features are also present for manual penetration testing.

HTTrack
HTTrack is a free and easy-to-use offline browser utility. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer.

LiLith
LiLith is a tool written in Perl to audit web applications. This tool analyses web pages and looks for HTML <form> tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws.

Nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs.

Paros
A program called "Paros" for people who need to evaluate the security of their web applications. It is free of charge and completely written in Java.

Powerfuzzer
Powerfuzzer is a highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer) based on many other Open Source fuzzers available and information gathered from numerous security resources and websites.

ProxyScan.pl
proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

Ratproxy
A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

ScanEx
This is a simple utility which runs against a target site and looks for external references and cross-domain malicious injections. There are several vulnerable sites which get manipulated with these types of injections and compromised.

Scrawlr
Scrawlr, developed by the HP Web Security Research Group in coordination with the MSRC, is short for SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.

Springenwerk
Springenwerk is a free Cross Site Scrip­ting (XSS) security scanner written in Python.

Sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers.
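Gamja, Scrawlr, sqlmap and Havij all begin with the same detection step. The block below is an added example, not code from any of those tools: a lookup that concatenates user input into SQL sits beside the parameterised version, and probe() runs the error-based and boolean-based checks a scanner performs against each. The in-memory SQLite database and its rows are constructed for the example; a real target would usually be MySQL or MSSQL, where the exploitation payloads differ but the detection logic is the same.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for the application's backend database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn


def lookup_vulnerable(conn, name: str):
    """The flaw the scanners look for: untrusted input spliced into the query text."""
    sql = "SELECT name, role FROM users WHERE name = '%s'" % name
    return conn.execute(sql).fetchall()


def lookup_hardened(conn, name: str):
    """Same query with a bound parameter: the input is data, never SQL."""
    return conn.execute("SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()


def probe(handler, conn, base: str = "bob") -> dict:
    """Black-box detection as an automated scanner does it, without reading code:
    - error-based: an unbalanced quote makes the database raise;
    - boolean-based: an always-true tautology leaves the response unchanged while an
      always-false one changes it, which means the quote broke out of the string."""
    result = {"error_based": False, "boolean_based": False}
    try:
        handler(conn, base + "'")
    except sqlite3.Error:
        result["error_based"] = True
    baseline = handler(conn, base)
    true_case = handler(conn, base + "' AND '1'='1")
    false_case = handler(conn, base + "' AND '1'='2")
    result["boolean_based"] = true_case == baseline and false_case != baseline
    result["injectable"] = result["error_based"] or result["boolean_based"]
    return result


def dump_all_users(conn):
    """Exploitation once injection is confirmed: a tautology returns every row."""
    return lookup_vulnerable(conn, "' OR '1'='1")


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", probe(lookup_vulnerable, db))
    print("hardened:  ", probe(lookup_hardened, db))
    print("dumped:    ", dump_all_users(db))
```

The boolean check is the one that matters in practice: an application that swallows database errors still differs in its response between the true and false tautologies, which is what lets the blind techniques in sqlmap and Havij extract data one comparison at a time. Against the parameterised lookup both probes are inert because the quote never reaches the SQL parser as syntax.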

Sqlsus
sqlsus is an open source MySQL injection and takeover tool, written in Perl.

THCSSLCheck
Windows tool that checks the remote SSL stack for supported ciphers and versions.

w3af
w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.

Wapiti
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but scans the web pages of the deployed web app, looking for scripts and forms where it can inject data.

Webfuzzer
Webfuzzer is a tool that can be useful for both pen testers and web masters; it's a poor man's web vulnerability scanner.

WebGoat
WebGoat is a deliberately insecure J2EE web application maintained by OWASP, designed to teach web application security lessons.

ebsecurify

The ebsecurify +uite is a web application

security solution designed to run entirelyfrom your web browser.

eb+layer

eb+layer is a tool designed for

bruteforcing eb $pplications, it can beused for finding not linked resources

8directories, servlets, scripts, etc:,bruteforce 'T and *5+T parameters,

bruteforce ;orms parameters

87ser/*assword:, ;uBBing, etc. The toolshas a payload generator and a easy and

powerful results analyBer.

hateb

hateb identifies websites. "ts goal is toanswer the %uestion, Uhat is that

ebsitePV. hateb recognises webtechnologies including content managementsystems 83+:, blogging platforms,

statistic/analytics packages, 6ava+criptlibraries, web servers, and embedded

devices.

Wikto

Wikto is Nikto for Windows - but with a couple of fancy extra features including Fuzzy logic error code checking, a back-end miner, Google assisted directory mining and real time HTTP request/response monitoring.

WSDigger

WSDigger is a free open source tool designed by McAfee Foundstone to automate black-box web services security testing (also known as penetration testing). WSDigger is more than a tool, it is a web services testing framework.

XSSploit

XSSploit is a multi-platform Cross-Site Scripting scanner and exploiter written in Python. It has been developed to help discovery and exploitation of XSS vulnerabilities in penetration testing missions.

Fireforce

Fireforce is a Firefox extension designed to perform brute-force attacks on GET and POST forms. Fireforce can use dictionaries or generate passwords based on several character types.

Netsparker

Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive-free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them.

Havij

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

Top

Database Vulnerabilities

Berkeley DB

Oracle Berkeley DB is a family of open source, embeddable databases that allows developers to incorporate within their applications a fast, scalable, transactional database engine with industrial grade reliability and availability.

Database browser

Database browser is a universal table editor. This easy to use tool allows users to connect to any database and browse or modify data, run sql scripts, export and print data.

Db2utils

db2utils is a small collection of db2 utilities. It currently features three different tools: db2disco, db2fakesrv and db2getprofile.

Oracle Auditing Tools

The Oracle Auditing Tools is a toolkit that could be used to audit security within Oracle database servers.

Oscanner

Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins.

SQL Auditing Tools

SQLAT is a suite of tools which could be useful for pentesting a MS SQL Server. The tools are still in development but tend to be quite stable. The tools do dictionary attacks, upload files, read registry and dump the SAM.

THC-ORACLE

THC presents a crypto paper analyzing the database authentication mechanism used by oracle. THC further releases practical tools to sniff and crack the password of an oracle database within seconds.

thc-orakelcrackert11g

OrakelCrackert is an Oracle 11g database password hash cracker using a weakness in the Oracle password storage strategy. With Oracle 11g, case sensitive SHA1 based hashing is introduced.

DBPwAudit

DBPwAudit is a Java tool that allows you to perform online audits of password quality for several database engines. The application design allows for easy adding of additional database drivers by simply copying new JDBC drivers to the jdbc directory.

MySQLAudit

Python Script for basic auditing of common security misconfigurations in MySQL.

sqlninja

sqlninja exploits web applications that use Microsoft SQL Server as a database backend. Its focus is on getting a running shell on the remote host. sqlninja doesn't find an SQL injection in the first place, but automates the exploitation process once one has been discovered.

GreenSQL

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built in support for MySQL and PostgreSQL.

Top

Vuln Scanners

Metasploit Framework

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code.

OpenVAS

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Nessus

Nessus detects, scans, and profiles numerous devices and resources to increase security and compliance across your network.

Porkbind

Porkbind is a multi-threaded nameserver scanner that can recursively query nameservers of subdomains for version strings (i.e. sub.host.dom's nameservers, then host.dom's nameservers).

Canvas

Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals worldwide.

Social-Engineer Toolkit (SET)

The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly become a standard tool in a penetration tester's arsenal.

Acunetix

Acunetix web vulnerability scanner is a tool designed to discover security holes in your web applications that an attacker would likely abuse to gain illicit access to your systems and data. It looks for multiple vulnerabilities including SQL injection, cross site scripting, and weak passwords.

RIPS

RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis.

Rapid7 NeXpose

Rapid7 NeXpose is a vulnerability scanner which aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. It integrates with Rapid7's Metasploit for vulnerability exploitation.


VulnDetector

VulnDetector is a project aimed to scan a website and detect various web based security vulnerabilities in the website. Currently, VulnDetector can detect Cross Site Scripting (XSS) and SQL Injection (SQLI) vulnerabilities on a web based script, but has no easy to use interface.

Damn Small SQLi Scanner

DSSS supports blind/error SQLi tests, depth 1 crawling and advanced comparison of different attributes to distinguish blind responses (titles, HTTP status codes, filtered text only lengths and fuzzy comparison of contents itself). If you are satisfied with your commercial tool scanning results then I believe that you could even be more satisfied with this one.

CAT.NET

CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.

Peach Fuzzer

Peach is a SmartFuzzer that is capable of performing both generation and mutation based fuzzing. Peach requires the creation of PeachPit files that define the structure, type information, and relationships in the data to be fuzzed.

GFI LanGuard

GFI LanGuard is a network security and vulnerability scanner designed to help with patch management, network and software audits, and vulnerability assessments. The price is based on the number of IP addresses you wish to scan. A free trial version (up to 5 IP addresses) is available.

MBSA

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance.

Top

Vuln Apps


Damn Vulnerable Web Application (DVWA)

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.

Damn Vulnerable Linux

Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn't built to run on your desktop - it's a learning tool for security students.

Metasploitable

Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.

Kioptrix

These Kioptrix VM Images are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games is to learn the basic tools and techniques in vulnerability assessment and exploitation.

HoneyDrive

HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot, Glastopf web honeypot along with Wordpot, Thug honeyclient and more.

Badstore

Badstore.net is dedicated to helping you understand how hackers prey on Web application vulnerabilities, and to showing you how to reduce your exposure.


OWASP Insecure Web App Project

InsecureWebApp is a web application that includes common web application vulnerabilities. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

VulnApp

VulnApp is a BSD licensed ASP.net application implementing some of the most common applications we come across on our penetration testing engagements.

OWASP Vicnum

Vicnum is an OWASP project consisting of vulnerable web applications based on games commonly used to kill time. These applications demonstrate common web security problems such as cross site scripting, sql injections, and session management issues.

OWASP Broken Web Applications Project

The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities.

LAMPSecurity

LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach linux, apache, php, mysql security.

Virtual Hacking Lab

A mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept / security training / learning purposes. Available in either virtual images or live iso or standalone formats.

WAVSEP

The Web Application Vulnerability Scanner Evaluation Project is a vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.


Moth

Moth is a VMware image with a set of vulnerable Web Applications and scripts, that you may use for testing Web Application Security Scanners, testing Static Code Analysis tools (SCA), giving an introductory course to Web Application Security.

Securibench

Stanford Securibench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java.

NETinVM

NETinVM is a single VMware or VirtualBox virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside the VMware or VirtualBox virtual machine.

Top

Live CD

BackTrack

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

Kali Linux

Kali Linux (formerly known as BackTrack) is a Debian-based distribution with a collection of security and forensics tools. It features timely security updates, support for the ARM architecture, a choice of four popular desktop environments, and seamless upgrades to newer versions.

BackBox

BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools.

Samurai

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.

Katana

Katana is a portable multi-boot security suite which brings together many of today's best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more.

blackbuntu

Penetration Testing Distribution based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.

Bugtraq

Bugtraq is a distribution based on the 2.6.38 kernel and has a wide range of penetration and forensic tools. Bugtraq can be installed from a Live DVD or USB drive. The distribution is customized down to the last package; the kernel has been configured, updated and patched for better performance and to recognize a variety of hardware, including wireless injection patches for pentesting that other distributions do not include.

Network Security Toolkit (NST)

This bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

Pentoo

Pentoo is a penetration testing LiveCD distribution based on Gentoo. It features a lot of tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities.

BlackArch

BlackArch is an Arch-based security distribution. There are over 600 tools in BlackArch's package repository. The BlackArch live ISO comes with multiple window managers, including dwm, Awesome, Fluxbox, Openbox, wmii, i3, and Spectrwm. The BlackArch package repository is compatible with existing Arch installs.

Top

http://gexos.github.io/Hacking-Tools-Repository/

Pastebin Alternatives

http://gist.github.com/

http://dpaste.org/

http://fpaste.org/

http://codepad.org/

http://pastie.org/

http://jsddle.net/

http://rafb.me/

http://ideone.com/

http://tinypaste.com/

http://i2p2.de
