1. Nmap
I think everyone has heard of this one, recently evolved into the 4.x series.
Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-server framework.
Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
3. John the Ripper
Yes, JTR 1.7 was recently released!
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
4. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
5. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.
6. p0f
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
– machines that connect to your box (SYN mode),
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
7. Wireshark (Formely Ethereal)
Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.
Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
8. Yersinia
Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
The best Layer 2 kit there is.
9. Eraser
Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.
An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.
10. PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.
11. LCP
Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.
A good free alternative to L0phtcrack.
LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article.
12. Cain and Abel
My personal favourite for password cracking of any kind.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
13. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
14. NetStumbler
Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
- Verify that your network is set up the way you intended.
- Find locations with poor coverage in your WLAN.
- Detect other networks that may be causing interference on your network.
- Detect unauthorized “rogue” access points in your workplace.
- Help aim directional antennas for long-haul WLAN links.
- Use it recreationally for WarDriving.
15. hping
To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills.
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.
Yah I’ve stayed away from commercial products in this article, perhaps I’ll cover those another day.
You can also check out the Top 10 Security Live CDs for Pen-Testing, Forensics and Recovery Here.
Subscribe to Darknet RSS Feed Stored in: Hacking Tools, Security Software
Related Posts:
- Happy 1 Year Anniversary to the Relaunch of Darknet
- Hack Tools/Exploits
- Pass-The-Hash Toolkit v1.1 Available for Download
- PowerShell – More than the command prompt
- eEye Binary Diffing Suite (EBDS)
- FireCAT 1.5 Released – Firefox Catalog of Auditing Extensions
| 1,065,836 views |
[...] read more | digg story [...]
Serious stuff mate…
Add Metasploit to the list.
website: http://metasploit.org
Nice set of tools.
I’d add the paros proxy since it’s is an absolutely critical, irreplaceable, must-have tool when doing web pen testing. It’s multiplatform (java) and distributed under the GPL.
Cheers,
toufeeq: Problem with metasploit is that is does everything all in one shot, not so great for learning, I recommend it once you already know how to do what it does manually, not before then!
Pedro: Yah it’s an excellent tool, the latest version was recently released, I do personally prefer Burp Suite, I will be featuring both in a future article about Applications for Web Testing.
[...] A good summary with a description and links of some of the top tools in the Hacking/Security arena. For old hands it will be a familiar list but most people will find a thing or two they didn’t know about.read more | digg story [...]
[...] Darknet.org offers a summary of their top 15 webhacking tools. If you’re not familiar with these, thi might give you cause for concern…. [...]
[...] Finally a great darknet.org.uk article that lists 15 Security and Hacking Tools & Utilities. Users who are working in the security field will recognize many if not all of them and beginners will have a great list of tools with explanation that they can work with. You find for instance the telnet and ssh tool putty in the list next to the tool Eraser which overwrites files on your windows system more than once to make sure it can´t be restored that easily. [...]
Great list of tools, I enjoyed reading your recommendations and suppose my visitors will also like them. Keep up the good work.
[...] An interesting list of the Top 15 Security/Hacking Tools & Utilities. I’ll bet there’s at least one or two tools you have not heard of before. Not all of the tools are for Linux, some are for windows, such as “eraser”, an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. [...]
[...] For those that have an interest, here is a blog entry to help bring all the hacking tools together into one space. – Sorry, they are mostly PC only. [...]
Nice i personally like them all but you can’t forget about the oldie but goodie BO2K
[...] [Via del.icio.us/popular] [...]
Martin: Thanks, I hope they do
Lord Arcane: Yah it’s not bad, there are much better RAT software out there now like Optix and Beast though.
[...] Top 15 Security/Hacking Tools & Utilities » [...]
[...] To better understand—and, consequently, to better ensure—network security, it always pays to understand the tools of the attackers. Darknet lists 15 essential hacking tools: [...]
I have personally used nmap before. However, I would prefer to use the following command:
nmap -v -sS -A xxx.xxx.xxx.xxxto provide a verbose of the result as well as stealth scanning together with the result of the operating system underlying the network.
Ethereal is only a tool to detect the presence of local LAN machine, and packet between your PC and that PC. Nothing much really.
I like Putty, as it is a portable application. You can run it wherever you go, as long as you store it on your USB thumb drive or even a floppy drive (aging device).
From all these, Linux will provide the most hacking tools if you want to know, compared to Windows.
This is just a simple first step to learn to hack, not really hack to learn. Actualy, it’s not even hacking!!
[...] Take a look at the article, written by Darknet, here: Top 15 Security/Hacking Tools & Utilities [...]
[...] read more | digg story [...]
15 Important Network & Security Tools…
From darknet.org in the UK, this is a well done list of 15 of the top security/hacking/network Tools and Utilities.Even if you are only 30% geek, some of these can be useful..Top 15 Security/Hacking……
You forgot netcat, netwag and metasploit
[...] Top 15 Security/Hacking Tools & Utilities » From Digg [...]
[...] Top 15 Security/Hacking Tools & Utilities [...]
[...] Link: Top 15 Security/Hacking Tools & Utilities [...]
You included some excellent tools, but you forgot the 2nd most important one. dsniff or hunt for doing man in the middle attacks. I would rate both of those tools right below nmap and way above hping. If you update this, you might check out those tools.
Great post btw.
[...] read more | digg story [...]
[...] Keeping with that tradition, I’ve stumbled on a nice digg post – Top 15 Security/Hacking Tools & Utilities. It’s a good summary for the most popular security tools. In addition, one of the digg comments directed me to an equally cool article: Top 75 Security Tools, which extends this list even further. [...]
[...] Top 15 Security/Hacking Tools & Utilities » [...]
[...] Top 15 Security/Hacking Tools & Utilities [...]
[...] GW Bush’s iPod contains “illegal” (according to RIAA) music Riya – Web 2.0 face recognition Top 15 Security/Hacking tools Surfing MySpace.com helps cops crack the case BitTorrent battles over bandwidth Google Calendar US Lags Behind in High-Speed Internet Access A high-tech way to defrost Vince McMahon vs. God Easter Turducken Cadbury creme egg cake [...]
[...] Top 15 Security/Hacking Tools & Utilities Related Entries: Top 75 Security Tools security tools distribution [...]
[...] Top 15 Security/Hacking Tools & Utilities » fette liste an tools die man vielleicht mal braucht (tags: software tools wissen brauchbar merkwuerdig) Filed in throwing decoy No Comments » [...]
does any body cracked password and login of this site
[...] Top 15 Security/Hacking Tools & Utilities » (tags: security tools reference) [...]
[...] Recientemente he visto en Digg un enlace muy interesante que habla de las 15 herramientas más importantes que un administrador de sistemas tendrÃa que conocer al dedillo para controlar los posibles ataques que cada dÃa suceden en la red. Aquà está la traducción de dicho artÃculo al castellano. Espero que os sea útil. [...]
[...] Top 15 Security/Hacking Tools & Utilities » (tags: security) [...]
[...] Darknet – Security Hacking Utilities [...]
[...] Top 15 Security/Hacking Tools & Utilities » (tags: tools security) [...]
hi… im just a newbie… and i wanna know which software to use… to crack yahoo e-mail passwords…. tnx…. i need my friendster pass too….. pls. anyone? tnx would the cain and abel work for that one?
Just a couple of things.
“Nmap uses raw IP packets in novel ways to determine what hosts are available on the network”. Thats not necessarely true. Many times nmap uses ethernet frames to tell if a host is up or down. This is much more effective than sending IP paquets and it also prevents Intrusion Detection Systems from being suspicious about your intentions.
When u talk about Yersinia: “[...]weakeness in different Layer 2 protocols[...].” and you include DHCP in it. DHCP is encapsulated in UDP packets(layer 4) which are also encapsulated in IP datagrams (layer 3). So UDP is not a layer 2 protocol at all. I’d say its an application layer protocol.
Please, let me know if im wrong. I’d just wanted to correct 2 little mistakes. Anyway, good post. It’s nice that someone writes about this kind of stuff.
[...] Top 15 Security/Hacking Tools & Utilities » It makes sense for anyone who is responsible for a web based service to know what people with bad intentions are doing to abuse that service. If you run Apache, as I do, you know that it is a great tool for publishing, but it is also known the world over, (tags: tools_utilities) [...]
Top 15 Security and Hacking Tools …
…
[...] There is yet another list o security/hacking tools that are must haves over at Darknet. Another list that I have referred people to in the past is Fyodor’s Top 75 list. Here’s the short form of the 15: [...]
[...] There is yet another list of security/hacking tools that are must haves over at Darknet. Another list that I have referred people to in the past is Fyodor’s Top 75 list. Here’s the short form of the 15: [...]
THE Top 15 Security/Hacking Tools & Utilities…
A good summary with a description and links of some of the top tools in the Hacking/Security arena. For old ……
[...] Top 15 Security/Hacking Tools & Utilities (tags: security hacking) [...]
[...] Top 15 Security Hacking Utilities [...]
Luther Blissett: Thanks for your input! Those phrases you quote were abstracted from the actual authors of the tools, so I’m sure they know what their tools do! As for using Ethernet frames it quites rare for nmap, if you use the –packet_trace option in nmap you can see the communications send and received during a typical scan. AFAIK nmap has only supported ethernet frames since version 4 mainly to get around the limitations imposed on Windows XP in SP2, so nmap can now send at a lower level in the stack, thus bypassing these restrictions (–send-eth switch), raw socket generation is still the best option for *nix based systems. As for Yersinia, that’s debatable, but it’s considered DHCP is application layer, but DHCP delivery must be via layer 2.
Apartment = New Storage Facility…
Top 15 Security and Hacking tools. Must have on that neat Flash drive.
[...] Second is a list of security/hacking tools. This list is for a much more highly specialized set of folks than the first list, but I happen to know lots of my readers fit into that set. There is some overlap with the previous list, with ethereal, PuTTY, and Eraser(everyone could use this) being on both lists. [...]
Limk della settimana…
Design and Implementation of an Anomaly Detection System: an Empirical ApproachJeff Dixon, "Wireless Intrusion Detection Systems"Open Source Intrusion Detection and Prevention: Tools for Today’s Corporate Market?Security Myths and PasswordsT…
[...] Top 15 Security/Hacking Tools & Utilities – Una lista delle migliori/maggiori utility di sicurezza. [...]
[...] A few short techy links: know more about MS Word, here’s a great list of hacking-tools (be nice, now) and thanks to this site you’re using man freely again – or just use their Firefox search-engine. [...]
[...] read more | digg story [...]
[...] THE Top 15 Security/Hacking Tools & Utilities [...]
where can i get zipped hacking softwares & tools
[...] Top 15 Security/Hacking Tools & Utilities. Еще один рейтинг лучших программ Ð´Ð»Ñ Ð²Ð·Ð»Ð¾Ð¼Ð° и Ð¿Ð¾Ð²Ñ‹ÑˆÐµÐ½Ð¸Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑти компьютерных ÑиÑтем. Предлагаю, не глÑÐ´Ñ Ð² цитатник и не Ñ…Ð¾Ð´Ñ Ð¿Ð¾ ÑÑылке, угадать — кто на первом меÑте. Nmap (â€Network Mapperâ€) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source. [...]
[...] THE Top 15 Security/Hacking Tools & Utilities A good summary with a description and links of some of the top tools in the Hacking/Security arena. For old hands it will be a familiar list but most people will find a thing or two they didn’t know about. http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/ [...]
Hai,
This article is mind blowing and exellect on hacking for newbies and for beigners those is new in the field of Hacking.
thanks a lot for this valuable tools download links
i want to hack a runescape account
[...] Top 15 Security Hacking Utilities [...]
[...] A good summary with a description and links of some of the top tools in the Hacking/Security arena. For old hands it will be a familiar list but most people will find a thing or two they didn’t know about.read more | digg story [...]
Great list! Thanks alot!
this is a very useful wesbite. thanks
Question. When your chatting in a chat room such as yahoo, and people come in under diffrent names there use to be a program that enabled you to type in that persons name while they were IN THE SAME ROOM you were in, to find out what there ISP number is, and what state they are in, what is this sort of program called, and is it available still. Dont want nothing harmful just would like to know who’s impish. Please let me know
and thank you in advance for your time
Anita
If you are able to see that persons IP address (I never used any of those chat rooms), you can use dnsstuff.com to find more information about that IP.
Hey Gouki,
Thank you for helping me out. That was very nice of you.
Regards
Anita
No problem Anita.
[...] Comenzamos con un listado de quince herramientas, entre las que destacan el revienta contraseñas John The Ripper o los clásico del análisis de redes Ethereal y stumbler. Otro clásico contra las contraseñas de Windows: Ophcrack 2 (para una mayor comodidad, disponible hasta como Live CD). Y hasta tenemos un análisis de diferentes opciones para reventar la contraseña en Forgot the Administrator’s Password?. [...]
i want u to help me retrieve my email (william_shakespeasre911@hotmail.com)
hi!
i m nishi. i want to learn heck. so how can i started
ï dont understand any fuckin word!
i wont to hack to learn……………. and i see this site as a very nice site that can provide me with all i wont about hacking and programming. kindly send me details on how ot get thingd down . thank you……………hope to hear from you soonest.
ronke.
Very good info. for beginners… But they are not “Top 15″…
Thanks.
Jay
i wont to hack to learn……………. and i see this site as a very nice site that can provide me with all i wont about hacking and programming. kindly send me details on how ot get thingd down . thank you……………hope to hear from you soonest.
ronke.
nice list of hacking tools.. But somewhat hard to learn for beginners like me.. But I’ll try to work on your tools..
LCP is trojan-tastic!
hello i wanna get host scanner and mailer scammer cos am a spammer here this is my 1st time coming to this site pls
help me. i i need new mailer injections and ftp host injections and explct pls help me mail me back any one that can help me
i like this site cos and i wanna leacn how to hack well .thanks
thanks
i love this site
best regard
seller
Hello Masters,
can any one tellme how to get yahoo passwords throug editing messenger regisrty. and we get id password as offline message
please let me know if any one really know it
theres must be some software like free phone calls all games download virus creation mobile phone software download a bit of all small things but which r very useful to play with u see hacking is not just breaking law but to play with it whithout being behind bars?
thanking u for for site but ,am a begginer i would like to be tutored please.
I want to learn how to hack, an advanced tutorials surfing and hacking on the internet can you please send me a advanced installer for hacking on my email….Thanks a lot that top 15 hacking utilities is nice
what about hacking windows vista?
i was wondering if any of you kind people would teach me how to steal internet off my next door neighbour
his wireless connection is encrypted i need to bypass that some how or break it
i got a net work stumbler … im confused and do not know what to do
please help me
feel free to email me comments @
helmut.godofgods@gmail.com
thx alot
i still dont understand i downloaded yersina but it is just a bunch of files what do i do can u guide me step by step please im a complete idiot at this
If you’re a “complete iditot”, I don’t recommend using Yersinia. It’s a complex tool which involves knowledge of several things, low level protocols included.
Just to clear it up to you, you downloaded the source. In order to use the application you will have to compile it. Try searching for a binary package for your GNU/Linux distribution (you are using Linux, right!?).
I’m currently working on a Debian package, but that will still take a while.
i aint using linux im using windows xp
please help i can hear my neighbours encrypted wireless internet service crying for my use
i dont no jack about hacking, all i know about is ip adresses
i have ablel and cain i also have a net stumbler
pls i need different types of softwares for hacking and resolving problems on computer/network.also need an extensive coaching on how to be an hacker.i will be glad if this can be granted assp.i will be looking forward to your reply.
Thanks in advance.
Regards
Ethereal’s name changed a few months ago. Due to trademark issues, we switched to Wireshark last May.
Thanks Gerald, I’ve updated the post to reflect that.
nice work..
[...] Top 15 Security/Hacking Tools & Utilities – 201,122 Views [...]
hi im looking to see if i can find program which will help me obtain peoples passwords on http://www.runescape.com is it possible with all the security the site has and if so can someone help me? Thanks
Hi,
im after a keylogger which can be remotely installed, attched to a program or pic… and is undetectable by avast,avg, whatever… Please help ahave looked everwhere and this is my last resort…
hi
this agood site i think, and please i wanna know everything in the computers connecting with me in my networking
wanna know which they explore….wanna know every thing when someone from them put his ass in his disk until he raise it…..my email is…marhab_1001@yahoo.com……and thanks alot for allllll………
alert (”hi to all”)
Awesome stuff
This is an awesome article! nice
no one said ettercap!? Craziness…
s1n ettercap was already mentioned := wireshark
[...] A good summary with a description and links of some of the top hacking tools in the Hacking/Security arena. For old hands it will be a familiar list but most people will find a thing or two they didn’t know about it. You can review on this site : http://www.darknet.org [...]
I would like to get superscan but all of the downloads i have tried dont work also whenever i try to use nmap the screen just flashes all f the command in command and then quits. Suggestions?
nmap is a command line utility, run cmd.exe and after that start nmap…. about superscan try harder (way to simple) with google.
I have Superscan, I’ll try and hook it up later.
i looked for superescan for about 45 minutes and found nothing except dead links if you say its so easy fing and give me the link and thanks for the nmap thing it worked.
I was also wondering when i try to download .zip file why my browser displays a little X and does not let me download it also was shouli use to open files that aren’t .exe those do not work either
Suggestions?
1. click here
2. i used google “superscan download” and the 5th link is above
3. install firefox
4. if firefox, reinstall because you possibly mis configured it
previously i said at the second point that I searched on google “superscan download”, in fact i searched “download superscan”.
if I would have searched for the first time “superscan download”, I would have found the link I gave you in the first position, not 5th
Hey you left out tools to find software based exploits, including cracking and debugging.
I have one to add, the old OllyDBG has been replace by Immunity Debugger. Its a free piece of software created by Immunity, a pentesting company and its purportedly From my latest tests its a great free alternative to IDA Pro.
BTW- I wish I had a job with Immunity, but I don’t, so I’m not selling snake oil here.
TRDQ: This is an old post dude, although it’s still incredibly popular – I have been planning to do an update for 2007 – I have the Immunity Debugger post in draft already – cool tool
SWEET!! Something I mentioned is gonna be in an article. Unless … you found it before I mentioned it didn’t you
Of course we found it before you mentioned it
Darn! Hey, you said “WE found it” are there more than one of you?
TRDQ: I cloned myself to more efficiently scour the web for cool stuff to post here
Darn, I told my Mom I needed a clone, but she was all “Blah Blah affront to nature Etc.”. I am so not going to help her when she loses her shoes next time.
nice collection of tools.but what about a starter.
can any one teach me how to hack??????
I’ve been reading all of these posts and many of them deal with wanting to learn how to hack. If you have searched google with “How to hack,” I’m sure you have stumbled upon many short and confusing answers.
Just some advice for those that this applies to. Look at many definitons of what hacking is (hint). When you understand what those definitions are all about, start learning more about how computers work; start with the very basics of controlling computers (programming).
You are not going to find a simple answer and instruction booklet giving you lessons to become a 1337 hax0r. You have to have the motivation and build the skills to teach yourself. Hacking is not just something you learn to do overnight. It involves years of hard work and dedication.
I first searched google with “How to hack” about 10 years ago. It brought me to page after page of things I didn’t understand. Now after going for a degree in computer science and mathematics, as well as spending years researching as much as I can about how electronics work, I understand a lot more, but still there is so much for me to learn.
If you don’t know binary, html (or any language for that matter), how the internet works, or what hacking really means, don’t fret. Just put in the time to understand these things. You won’t see the beauty of hacking until you understand the world of language of computers.
You should look at w3af the web auditing and attack frame work. I have a tutorial on its uses to audit web applications at http://pentesterconfessions.blogspot.com/2007/10/how-to-use-w3af-to-audit-web.html
Check it out…
Yes ascetik, you are right.. w3af is worth checking out… and darknet posted this article on it:
http://www.darknet.org.uk/2007/08/w3af-web-application-attack-and-audit-framework/
Darknet is always a step ahead
[...] 15 Security/Hacking Tools and Utilities Darknet has a great list of tools that you might use if you were trying to check the vulnerability of your [...]
Anyone else found the Win version of p0f doesn’t run (asked for missing dll’s which I provided, then found another executable problem which I can’t remember the exact details of now) – or is it just because I tried using it on XP sp1?
I would try updating to SP2 and applying all the new window updates as well as updating drivers for stuff like .Net (I know there’s no correlation but never hurts), etc.
If I have some free time I’ll look into it. What DLL is failing to load if you don’t mind me asking?
It’s not my OS / machine so I wouldn’t update it; was just wondering if anyone else had found the win binary didn’t run.
I suppose a better way of phrasing that would’ve been: anyone try it on XP SP2 and found it worked ok.
One of them was packet.dll, I forget what the other one was. The executable problems exact details similarly escape me.
p0f requires winpcap get that one here:
http://www.mirrorservice.org/sites/ftp.wiretapped.net/pub/security/packet-capture/winpcap/
Ran perfect after extracting the zip file (Win XP SP2)
huh.. still fighting with OS XP ..?? get over it.. switch to Vista now it also works fine after 1st SP released..
Thanks Pantagruel, I hadn’t noticed you posted that until now – it’s hard keeping track of what’s been commented on here.
BoYRuLeZ – it’d seem not everyone shares that view of Vista’s recent service pack update; at any rate I don’t know if p0f has a Vista version anyway.
Must be a lonely place that one – the ‘don’t use XP Pro SP2, use Vista instead’ area. My tastes don’t run into the only apps that would really benefit (moreso in the future since there’s still some Nvidia issues) from a Vista upgrade over XP – namely DivX10 games. Certainly, going the Vista route isn’t worth it unless you go 64 bit. And I think you have to make sure you get an OEM (the more expensive version?) cause otherwise it locks to whatever motherboard it’s installed on! Secure yes, but an issue if you want to upgrade or if anything goes wrong with the board.
‘Nother thing some folks were complaining about was the user-unauthorised updates, some of which turn off vital firewall settings, and apparently report back on user activity to the vendor. Yikes.
That said, it’ll be nice to see what the game coders are going to do with all the extra multicore and more RAM, and the 64 bit, capabilities Vista has. The hardware is available but the software isn’t really making use of it as yet. Scalable parallel coding is a good place to start.
with zupakomputer
There is little use in Vista except the much heralded but badly supported DX10. 64bit is an option but driver support (as with 64 bit XP) is lacking. Honestly I see little need for a perfectly working XP-SP2 setup to be ‘upgraded’ to Vista-SP1 for merely some eye candy and the performance loss suffered. The one reason might be 4+ GB of RAM support, but for now 2GB works well enough.
DX10 – that’s what I meant. Not sure where that ‘v’ came from..
I see no use for vista. Personally I consider it the new windows millennium edition the filling between XP and Windows 7 (aka Blackcomb, Vienna or whatever there calling it now). Just like millennium edition was the filling between win98SE and XP.
@ James C
True Vista feels more like plastic surgery than a real improvement.
The adition of user account control sound great but tin the real world it’s turned off quick enough since nearly everyone expects to be the local superuser by default (partially a problem due to badly written 3rd party software not being able to function properly under UAC.
Hopefully the new Windows version will finale sport all the things Vista was supposed to have but ended up doing without (file system for instance)
hi im brand new to hacking, i should probably learn c++ and stuff before i get going on hard stuff but for now im trying to use LCP a lot of the spaces i have to enter info in are complete 0110111011 to me and cant really guess it in cause of my noobness, any tutorials?
Ok, I know… I am a bit « marginal » here but my preferred tool remains well … WIN XP SP2!
Think about that:
Plain cheap! Instead of this expensive hardware protocol analyzer, this digital scope or this data generator/logger… That piece of “MotherCode” allows me to run all the mentioned software plus a myriad of nevertless usefull apps.
Embeded in each WIN OS is this IExplorer – for free >;-) I am the doctor!
A few Gb of manuals and downloads. An exotic NIC. And I could list more of that stuff. Also, if you setup small home network like for Bob, Mary and Junior, sure you’ll find an XP around.
So now: Do you think XP should have his entry in this “Top 15 Security/Hacking Tools & Utilities” ?
@ZaD MoFo
This list is the of the “Top 15 Security/Hacking Tools & Utilities” . XP SP2 is an OS not a tool or utility for hacking(all be it the best Microsoft OS at the minute). XP SP2 provides only the environment in which a hacking/Security tool can run, as can any other OS.
So to answer your question “Do you think XP should have his entry in this “Top 15 Security/Hacking Tools & Utilities” ?”
For me, I say No, as you would have to include every other OS, which would take away from the main propose of the list.
@James C
I think Zad MoFo is making fun of the recent ‘me’s too dumb ass to read howto’s and wants quick cracking skillz for yahoo/gmail/facebook/etc.’ postings. I must admit they are getting a tad annoying those ‘ I want to crack but without any effort spend’ calls for help.
all good tools to have in your collection.
Excellent list of tools, NMAP definitely deserves to be number 1.
thanks for information , i just search from Google about hacking software and i found top-15-security hacking tools utilities from impcompfacts.blogspot.com. so , i want to share information and sorry if i mistake about article source.
“I Hacker but not Cracker”
This is really a great list of tools to fill the gaps, even I haven’t played with a fair few in this list, glad I found it while trawling through the old posts. One of my favourites that was recently ported to Linux is AngryIP scanner, it can scan a whole /24 in about a minute through its multi-threaded approach.
Nice information, thanks dude!!