November 30, 2015

Master List

Here is a non-exhaustive list of tools for every occasion:

Information Gathering

Information Gathering via DNS

Information Gathering via Website Recon

Information Gathering of Hosts

  • Angry IP Scanner
  • BatCom (aka Battalion Commander) – 2010 Gingsoft – Windows CLI
  • HPing – 2006
  • HTTPrint
  • Network Scan Tools
  • Nmap – 1997 Fyodor – Linux
  • P0f – passive fingerprinting
  • Ping – obviously
  • SuperScan – 2003 FoundStone
  • WinFingerPrint
  • WS_Ping_ProPack
  • Xprobe2

Information Gathering on Linux Hosts

  • enum4linux
  • finger
  • rpcclient
  • rpcinfo
  • showmount

Information Gathering on Windows Hosts

  • GetUserInfo
  • Ldp
  • NBTstat
  • Net Use – command
  • Net View – command
  • SuperScan
  • User2sid

Information Gathering via Network

  • ARIN.net – If all you have is an IP address, this tells you who owns it and the size of the subnet.
  • TCPTraceroute – Use if ICMP and UDP are blocked
  • Traceroute – Linux CLI
  • Tracert – Windows CLI
  • Trout – Parallel pings for speed during traceroute
  • VisualRoute – old and costs about $59

Information Gathering via Ports

  • HPing – Windows CLI and Linux CLI – 2006, on GitHub now with latest update June 2012
  • Nmap – Linux CLI
  • Scanrand – Linux – Parallel port scanner
  • SuperScan – Windows
  • THC-Amap – Linux scanner and banner grabber
  • ZenMap (GUI for Nmap)

Information Gathering via NTP

  • LAN Time Analyzer
  • ntpdc – command
  • ntpdate – command
  • ntptrace – command
  • ntpq – command
  • NTP Server Scanner
  • PresenTense Time Server

Information Gathering via SMTP

  • NetCat
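NetCat earns its place here because SMTP is a plain-text line protocol: `nc mail.example.test 25`, then HELO and a series of VRFY commands, tells you which local accounts exist from the reply codes alone. The script below automates exactly that dialogue; it is an added example, not code from the original page. The fake_smtp_server() function is a constructed stand-in so the exchange can run offline, and the reply-code meanings are the standard SMTP ones.

```python
"""SMTP user enumeration with VRFY, the dialogue you would otherwise type into
`nc host 25` by hand.

Added example, not code from the original page.  fake_smtp_server() is a
constructed stand-in so run_demo() works offline; hand smtp_vrfy_enum() a
real connected socket to use it against a target.
"""
import io
import socket
import threading

VRFY_MEANING = {
    250: "exists",
    251: "exists, forwarded elsewhere",
    252: "unverifiable (server will accept mail but will not confirm)",
    502: "VRFY not implemented",
    550: "no such user",
    553: "mailbox name not allowed",
}


def _read_reply(fobj):
    """Return the numeric code of one SMTP reply, consuming continuation
    lines ('250-...') until the final line ('250 ...')."""
    while True:
        line = fobj.readline()
        if not line:
            raise ConnectionError("server closed the connection")
        if len(line) >= 4 and line[3:4] == b" ":
            return int(line[:3])


def reply_code(raw):
    """Code of a complete reply held in memory (for multi-line replies)."""
    return _read_reply(io.BytesIO(raw))


def smtp_vrfy_enum(sock, users, helo=b"scanner.example.test"):
    """Greet the server and VRFY each name; return {user: meaning}."""
    fobj = sock.makefile("rb")
    _read_reply(fobj)                              # 220 banner
    sock.sendall(b"HELO " + helo + b"\r\n")
    _read_reply(fobj)
    results = {}
    for user in users:
        sock.sendall(b"VRFY " + user.encode() + b"\r\n")
        code = _read_reply(fobj)
        results[user] = VRFY_MEANING.get(code, "unexpected code %d" % code)
        if code == 502:
            break                                  # VRFY disabled: stop asking
    sock.sendall(b"QUIT\r\n")
    try:
        _read_reply(fobj)                          # 221, if the server bothers
    except ConnectionError:
        pass
    return results


def fake_smtp_server(sock, valid_users):
    """Constructed stand-in for a mail server that answers VRFY honestly."""
    fobj = sock.makefile("rb")
    sock.sendall(b"220 mail.example.test ESMTP ready\r\n")
    for line in fobj:
        verb, _, arg = line.strip().partition(b" ")
        verb = verb.upper()
        if verb == b"VRFY":
            if arg.decode(errors="replace") in valid_users:
                sock.sendall(b"250 " + arg + b" <" + arg + b"@example.test>\r\n")
            else:
                sock.sendall(b"550 5.1.1 User unknown\r\n")
        elif verb == b"QUIT":
            sock.sendall(b"221 Bye\r\n")
            break
        else:
            sock.sendall(b"250 mail.example.test\r\n")
    sock.close()


def run_demo():
    """Run the enumeration against the in-process fake server."""
    client, server = socket.socketpair()
    worker = threading.Thread(target=fake_smtp_server,
                              args=(server, {"root", "postmaster", "alice"}))
    worker.start()
    try:
        return smtp_vrfy_enum(client, ["root", "alice", "bob", "www-data"])
    finally:
        client.close()
        worker.join()


if __name__ == "__main__":
    for user, meaning in run_demo().items():
        print("%-10s %s" % (user, meaning))
```

Against a real host replace the socketpair with `socket.create_connection((host, 25))`. A server that answers 252 to everything has VRFY effectively disabled; the fallback is RCPT TO after MAIL FROM, which most servers still grade per address.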

Information Gathering via SNMP

  • IP Network Browser
  • LoriotPro
  • Snmpwalk
  • SNScan

Physical Access

  • LAN Turtle
  • USB Rubber Ducky
  • Bash Bunny

Vulnerability Assessment

Web Application Analysis

Database Assessment

  • RED TEAM : bbqsql
  • RED TEAM : hexorbase
  • RED TEAM : jsql
  • RED TEAM : mdb-sql
  • RED TEAM : oscanner
  • RED TEAM : sidguesser
  • RED TEAM : sqldict
  • RED TEAM : sqlmap
  • RED TEAM : sqlninja
  • RED TEAM : sqlsus
  • RED TEAM : tnscmd10g

Password Attacks

  • RED TEAM : Password sniffing – Pass-The-Hash
  • RED TEAM : Password sniffing – ScoopLM
  • RED TEAM : Password sniffing – KerbCrack
  • RED TEAM : Cain and Abel
  • RED TEAM : Cisco Password Decoder
  • RED TEAM : iBeast
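The "Cisco Password Decoder" entry covers a whole family of tools that do one small thing: undo IOS type 7 passwords, the output of `service password-encryption`. Type 7 XORs the password against a fixed 40-byte string, with the starting offset stored in clear as the first two digits, so any config that leaks (TFTP backup, `show run` in a ticket) gives up those passwords instantly. The following is an added example, not code from the original page or from any of the listed tools; SAMPLE_CONFIG is a constructed IOS fragment. Both test vectors decode with the widely published IOS keystream, and the example includes an encoder so the round trip can be checked.

```python
"""Decode and encode Cisco IOS 'password 7' strings.

Added example, not code from the original page or from the Cisco Password
Decoder tools it lists.  SAMPLE_CONFIG is a constructed IOS fragment.
"""
import re

# The fixed keystream IOS XORs every type 7 password against.  Because it is
# constant and the seed sits in clear in the first two digits, type 7 is
# obfuscation, not encryption.
XLAT = b"dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv"

TYPE7_RE = re.compile(r"^\d{2}(?:[0-9A-Fa-f]{2})+$")
TYPE7_LINE_RE = re.compile(r"^\s*(.*?)\s*password 7 ([0-9A-Fa-f]+)\s*$")


def decode_type7(encoded):
    """Return the cleartext behind a type 7 string such as 094F471A1A0A."""
    if not TYPE7_RE.match(encoded):
        raise ValueError("not a type 7 string: %r" % encoded)
    seed = int(encoded[:2])            # offset into XLAT the router started at
    if seed >= len(XLAT):
        raise ValueError("seed %d out of range" % seed)
    body = bytes.fromhex(encoded[2:])
    clear = bytes(b ^ XLAT[(seed + i) % len(XLAT)] for i, b in enumerate(body))
    return clear.decode("latin-1")


def encode_type7(cleartext, seed=9):
    """Produce the type 7 form IOS would store, with a caller-chosen seed
    (IOS itself picks a small seed; any index into XLAT decodes fine)."""
    if not 0 <= seed < len(XLAT):
        raise ValueError("seed must index XLAT")
    raw = cleartext.encode("latin-1")
    enc = bytes(b ^ XLAT[(seed + i) % len(XLAT)] for i, b in enumerate(raw))
    return "%02d%s" % (seed, enc.hex().upper())


SAMPLE_CONFIG = """!
hostname edge-rtr
service password-encryption
!
username admin password 7 094F471A1A0A
! enable secret (type 5/8/9) is a real hash and is not recovered this way
!
line vty 0 4
 password 7 0215015819031B
 login
!
"""


def harvest_type7(config_text):
    """Every 'password 7' line in a config, as (lineno, line, cleartext)."""
    found = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = TYPE7_LINE_RE.match(line)
        if m:
            found.append((lineno, line.strip(), decode_type7(m.group(2))))
    return found


if __name__ == "__main__":
    for lineno, line, clear in harvest_type7(SAMPLE_CONFIG):
        print("line %d: %s  ->  %s" % (lineno, line, clear))
```

The defensive side of this: `service password-encryption` only defeats shoulder-surfing. Credentials that matter belong in `enable secret` and `username ... secret` (type 5 MD5-crypt at minimum, type 8 PBKDF2 or type 9 scrypt on current IOS), and any config that has left the box with type 7 strings in it should be treated as leaked.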

Wireless Attacks

War Dialing

  • RED TEAM : ToneLoc
  • RED TEAM : TeleSweep Secure
  • RED TEAM : THC-Scan

Buffer Overflows

  • RED TEAM : Buffer Overflow utility (BOU)
  • BLUE TEAM : Return Address Defender (RAD)
  • BLUE TEAM : StackGuard
  • BLUE TEAM : BufferShield
  • BLUE TEAM : TIED
  • BLUE TEAM : Immunix

Reverse Engineering

  • RED TEAM : apktool
  • RED TEAM : BinText
  • RED TEAM : clang / clang++
  • RED TEAM : dex2jar
  • RED TEAM : edb-debugger
  • RED TEAM : flasm
  • RED TEAM : IDA Pro
  • RED TEAM : jad
  • RED TEAM : javasnoop
  • RED TEAM : JoeSandbox
  • RED TEAM : Olly Dbg
  • RED TEAM : PEiD
  • RED TEAM : ThreatExpert
  • RED TEAM : UPX

Exploitation Tools

Post Exploitation

  • RED TEAM : backdoor-factory
  • RED TEAM : bdfproxy
  • RED TEAM : intersect
  • RED TEAM : nishang
  • RED TEAM : powersploit
  • RED TEAM : proxychains
  • RED TEAM : weevely

Forensics

  • RED TEAM : autopsy
  • RED TEAM : binwalk
  • RED TEAM : bulk_extractor
  • RED TEAM : chkrootkit
  • RED TEAM : dff / dff GUI
  • RED TEAM : foremost
  • RED TEAM : galleta
  • RED TEAM : md5deep
  • RED TEAM : volafox
  • RED TEAM : volatility
  • BLUE TEAM : ip-tracker.org – where is this IP address from?
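Two of the forensics entries above share one idea: foremost and binwalk find files inside other data by scanning for header and footer byte signatures, and md5deep then fingerprints whatever was recovered so it can be matched against known-good or known-bad sets. The following is an added example, not code from the original page or from those tools. BLOB is a constructed byte string (filler around a minimal PNG, PDF and JPEG, plus a PNG header with no footer to show the truncated case); the signatures are the real ones, the "files" themselves are only shaped enough to be carved.

```python
"""Carve embedded files out of a raw blob by header/footer signature (the
idea behind foremost and binwalk) and hash each find (what md5deep does).

Added example, not code from the original page or from those tools.  BLOB is
a constructed byte string, not a real image or disk dump.
"""
import hashlib

# (header, footer) pairs; real carvers carry hundreds, with size rules per type.
SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
    "pdf": (b"%PDF-", b"%%EOF"),
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
}

FILLER = bytes(range(200))                  # constructed junk, no signature in it
FAKE_PNG = (b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\rIHDR" + b"\x00" * 17
            + b"IEND\xaeB`\x82")
FAKE_PDF = b"%PDF-1.4\n1 0 obj<<>>endobj\ntrailer<<>>\n%%EOF"
FAKE_JPG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x01" * 8 + b"\xff\xd9"
TRUNCATED_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 12    # header, no IEND chunk
BLOB = FILLER + FAKE_PNG + FILLER + FAKE_PDF + FAKE_JPG + FILLER + TRUNCATED_PNG


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def carve(blob, signatures=SIGNATURES, max_size=16 * 1024 * 1024):
    """Return carved objects sorted by offset.  A header with no footer
    within max_size is reported as truncated rather than dropped, since a
    cut-off file is often the interesting find on a partly wiped disk."""
    found = []
    for kind, (head, tail) in signatures.items():
        pos = 0
        while True:
            h = blob.find(head, pos)
            if h < 0:
                break
            t = blob.find(tail, h + len(head), h + max_size)
            if t < 0:
                found.append({"type": kind, "offset": h, "size": None,
                              "md5": None, "sha256": None, "truncated": True})
                pos = h + len(head)
                continue
            data = blob[h:t + len(tail)]
            found.append({"type": kind, "offset": h, "size": len(data),
                          "md5": hashlib.md5(data).hexdigest(),
                          "sha256": sha256_hex(data), "truncated": False})
            pos = t + len(tail)
    return sorted(found, key=lambda f: f["offset"])


def report_lines(blob):
    """md5deep-style listing: offset, type, size and hashes per find."""
    lines = []
    for f in carve(blob):
        if f["truncated"]:
            lines.append("0x%08x %-4s truncated (no footer found)" % (f["offset"], f["type"]))
        else:
            lines.append("0x%08x %-4s %6d bytes  md5=%s  sha256=%s"
                         % (f["offset"], f["type"], f["size"], f["md5"], f["sha256"]))
    return lines


if __name__ == "__main__":
    for line in report_lines(BLOB):
        print(line)
```

Run it on a real image with `carve(open("disk.dd", "rb").read())`, or on a firmware blob the way binwalk is used. The known weakness of pure signature carving is visible in the code: a stray header before a real file would be paired with the real file's footer, so a carver that understands the format (PNG chunk lengths, JPEG segment markers) recovers cleaner objects; the hashes are what let you dedupe and look the results up afterwards.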

Reporting Tools

  • RED TEAM : casefile
  • RED TEAM : cutycapt
  • RED TEAM : dradis
  • RED TEAM : keepnote
  • RED TEAM : magictree
  • RED TEAM : pipal
  • RED TEAM : recordmydesktop

Covert Channels

  • RED TEAM : Loki
  • RED TEAM : IcmpSend
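Loki and IcmpSend both rest on one observation: ICMP echo carries an arbitrary payload, most networks let echo through, and nobody reads the payload. The example below builds and parses echo packets as byte strings (correct RFC 1071 checksum, fragmentation of a message across packets, reassembly that ignores ordinary pings) and then shows the defender's check: stock ping clients send a recognisable payload pattern, so anything else in an echo stream is worth pulling aside. This is an added example, not code from the original page or from Loki itself; the framing used here (a MAGIC tag plus a count/length header) is an assumption of this example and not Loki's real wire format. Nothing here touches the network; sending these packets needs a raw socket and root.

```python
"""Data in ICMP echo payloads, Loki-style, and the detection check for it.

Added example, not code from the original page or from Loki/IcmpSend; the
MAGIC tag and count/length framing are this example's own assumption.
"""
import struct

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0
MAGIC = b"\xc0\xfe"       # assumed tunnel marker, not Loki's format
CHUNK = 40                # data bytes per packet
PAYLOAD_LEN = 56          # pad to the size a default Linux ping uses


def icmp_checksum(data):
    """RFC 1071 ones-complement checksum over header and payload."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(ident, seq, payload, icmp_type=ICMP_ECHO_REQUEST):
    """ICMP echo: type, code, checksum, identifier, sequence, then payload."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload


def parse_echo(packet):
    """Return (type, ident, seq, payload); reject short or corrupt packets."""
    if len(packet) < 8:
        raise ValueError("short ICMP packet")
    if icmp_checksum(packet) != 0:            # a valid packet sums to zero
        raise ValueError("bad ICMP checksum")
    icmp_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return icmp_type, ident, seq, packet[8:]


def encode_message(message, ident=0x1234, icmp_type=ICMP_ECHO_REQUEST):
    """Split message into CHUNK-sized pieces, one echo packet each."""
    chunks = [message[i:i + CHUNK] for i in range(0, len(message), CHUNK)] or [b""]
    packets = []
    for seq, chunk in enumerate(chunks):
        body = MAGIC + struct.pack("!HB", len(chunks), len(chunk)) + chunk
        packets.append(build_echo(ident, seq, body.ljust(PAYLOAD_LEN, b"\x00"), icmp_type))
    return packets


def decode_packets(packets, ident=0x1234):
    """Reassemble a message from packets in any order; ordinary pings and
    other identifiers are ignored, missing pieces raise."""
    pieces, total = {}, None
    for pkt in packets:
        _t, pid, seq, payload = parse_echo(pkt)
        if pid != ident or not payload.startswith(MAGIC):
            continue
        total, length = struct.unpack("!HB", payload[2:5])
        pieces[seq] = payload[5:5 + length]
    if total is None or len(pieces) != total:
        raise ValueError("incomplete transfer: %d of %s pieces" % (len(pieces), total))
    return b"".join(pieces[i] for i in range(total))


WINDOWS_PING_PAYLOAD = b"abcdefghijklmnopqrstuvwabcdefghi"


def is_standard_ping_payload(payload):
    """True for what stock Windows ping and iputils (Linux) ping send.
    iputils writes a timestamp (8 or 16 bytes) and then fills byte i with the
    value i; anything else in an echo stream deserves a closer look."""
    if payload == WINDOWS_PING_PAYLOAD:
        return True
    for ts_len in (8, 16):
        expected = bytes(i & 0xFF for i in range(ts_len, len(payload)))
        if len(payload) > ts_len and payload[ts_len:] == expected:
            return True
    return False


def linux_ping_payload(size=56):
    """Constructed payload shaped like iputils ping on a 64-bit host."""
    return b"\x00" * 16 + bytes(i & 0xFF for i in range(16, size))


def suspicious_packets(packets):
    """Indexes of echo packets whose payload is not a stock ping pattern."""
    return [i for i, p in enumerate(packets)
            if not is_standard_ping_payload(parse_echo(p)[3])]
```

The payload check is cheap enough to run on a capture (`tcpdump -i eth0 icmp -w echo.pcap`, then `parse_echo` on each ICMP body) and catches the naive tunnel; a tunnel that copies the stock pattern and hides data only in the identifier and sequence fields needs volume-based detection instead, which is why many environments simply rate-limit or drop echo at the perimeter.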