Blogger Widgets

Wednesday, 14 August 2013

Top 5 tools you should know about. #Hacking #Infosec





1. Nessus : Premier UNIX vulnerability assessment tool. Nessus was a popular free and open source vulnerability scanner until they closed the source code in 2005 and removed the free "registered feed" version in 2008. A limited Home Feed is still available, though it is only licensed for home network use.

2. Wireshark: Sniffing the glue that holds the Internet together Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need.

3. Snort : Everyone's favorite open source IDS. This light weight network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre- processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior.
Snort uses a flexible rule- based language to describe traffic that it should collect or pass, and a modular detection engine.




4. Netcat : The network Swiss army knife This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature- rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections.
The original Netcat was released by Hobbit in 1995, but it hasn't been maintained despite its immense popularity.

5. Metasploit Framework : Metasploit took the security world by storm when it was released in 2004. No other new tool even broke into the top 15 list, yet Metasploit comes in at number 5, ahead of many well-loved tools that have been developed for more than a decade.It ships with hundreds of exploits, as you can see in their online exploit building demo. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shell-code of dubious quality.

6. Kismet : A powerful wireless sniffer Kismet is an console (ncurses) based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler, and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/ TCP-Dump compatible format, and even plot detected networks and estimated ranges on downloaded maps.



No comments:

Post a Comment