1. Nessus : Premier UNIX vulnerability
assessment tool. Nessus was a popular free and open source vulnerability
scanner until they closed the source code in 2005 and removed the free
"registered feed" version in 2008. A limited ―Home Feed‖ is still available, though it is only licensed for
home network use.
2. Wireshark: Sniffing the
glue that holds the Internet together Wireshark (known as Ethereal until a
trademark dispute in Summer 2006) is a fantastic open source network protocol
analyzer for Unix and Windows. It allows you to examine data from a live
network or from a capture file on disk. You can interactively browse the
capture data, delving down into just the level of packet detail you need.
3. Snort : Everyone's favorite
open source IDS. This light weight network intrusion detection and prevention
system excels at traffic analysis and packet logging on IP networks. Through
protocol analysis, content searching, and various pre- processors, Snort
detects thousands of worms, vulnerability exploit attempts, port scans, and
other suspicious behavior.
Snort uses a flexible rule-
based language to describe traffic that it should collect or pass, and a
modular detection engine.
4. Netcat : The network Swiss
army knife This simple utility reads and writes data across TCP or UDP network
connections. It is designed to be a reliable back-end tool that can be used
directly or easily driven by other programs and scripts. At the same time, it
is a feature- rich network debugging and exploration tool, since it can create
almost any kind of connection you would need, including port binding to accept
incoming connections.
The original Netcat was released
by Hobbit in 1995, but it hasn't been maintained despite its immense
popularity.
5. Metasploit Framework :
Metasploit took the security world by storm when it was released in 2004. No
other new tool even broke into the top 15 list, yet Metasploit comes in at
number 5, ahead of many well-loved tools that have been developed for more than
a decade.It ships with hundreds of exploits, as you can see in their online
exploit building demo. This makes writing your own exploits easier, and it
certainly beats scouring the darkest corners of the Internet for illicit
shell-code of dubious quality.
6. Kismet : A powerful
wireless sniffer Kismet is an console (ncurses) based 802.11 layer2 wireless
network detector, sniffer, and intrusion detection system. It identifies
networks by passively sniffing (as opposed to more active tools such as
NetStumbler, and can even decloak hidden (non-beaconing) networks if they are
in use. It can automatically detect network IP blocks by sniffing TCP, UDP,
ARP, and DHCP packets, log traffic in Wireshark/ TCP-Dump compatible format,
and even plot detected networks and estimated ranges on downloaded maps.
No comments:
Post a Comment