Top 15 Security Utilities & Download Hacking Tools

Outsmart Malicious Hackers


This is a list of some of the most common hacking tools, security utilities with direct links for the most relevant (like ethereal hacking) and best to download hacking tools.

Download Hacking Tools


Download Hacking Tools Below

1. Nmap

I think everyone has heard of this one, recently evolved into the 4.x series.

Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.

Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.

Get Nmap Here

2. Nessus Remote Security Scanner

Recently went closed source, but is still essentially free. Works with a client-server framework.

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Get Nessus Here

Also see: OpenVAS – Open Vulnerability Assessment System (Nessus is Back!).


3. John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

You can get JTR Here

Also see – JTR (Password Cracking) – John the Ripper 1.7 Released – FINALLY.

4. Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).

Get Nikto Here

Also see – Nikto 2.1.0 Released – Web Server Security Scanning Tool.

5. SuperScan

Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.

If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.

Get SuperScan Here

Also see – Superscan v4.0 – Fast TCP & UDP Port Scanner for Windows.

6. p0f

P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

– machines that connect to your box (SYN mode),
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.

Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.

Get p0f Here

Also see – p0f – Advanced Passive OS Fingerprinting Tool.


7. Wireshark (Formely Ethereal)

Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.

Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.

Get Wireshark Here

Also see – Wireshark 1.2.1 Released – Network Protocol Analyzer.

8. Yersinia

Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).

The best Layer 2 kit there is.

Get Yersinia Here

Also see – Yersinia 0.7 Released with 802.1x Support – Layer 2 Attack Framework.

9. Eraser

Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.

An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.

Get Eraser Here.

10. PuTTY

PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4x0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.

Get PuTTY Here.


11. LCP

Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.

A good free alternative to L0phtcrack.

LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article.

Get LCP Here

Also see – LCP – A Good FREE Alternative to L0phtcrack (LC5).

12. Cain and Abel

My personal favourite for password cracking of any kind.

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.

Get Cain and Abel Here

Also see – Cain & Abel – Download the Super Fast and Flexible Password Cracker with Network Sniffing.

13. Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

A good wireless tool as long as your card supports rfmon (look for an orinocco gold).

Get Kismet Here

Also see – Kismet – Wireless Network Hacking, Sniffing & Monitoring.

14. NetStumbler

Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

  • Verify that your network is set up the way you intended.
  • Find locations with poor coverage in your WLAN.
  • Detect other networks that may be causing interference on your network.
  • Detect unauthorized “rogue” access points in your workplace.
  • Help aim directional antennas for long-haul WLAN links.
  • Use it recreationally for WarDriving.

Get NetStumbler Here

Also see – NetStumbler – Windows Freeware to Detects Insecure Wireless Networks.


15. hping

To finish off your download hacking tools mission, something a little more advanced if you want to test your TCP/IP packet monkey skills.

hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.

Get hping Here

Also see – hping3 – TCP/IP Packet Assembler & Analyser.

You can also check out the Top 10 Security Live CDs for Pen-Testing, Forensics and Recovery Here.

Posted in: Hacking Tools

, , , , , , , , , , , , , ,


Latest Posts:


Terabytes Of US Military Social Media Spying S3 Data Exposed Terabytes Of US Military Social Media Spying S3 Data Exposed
Once again the old, default Amazon AWS S3 settings are catching people out, the US Military has left terabytes of social media spying S3 data exposed.
SNIFFlab - Create Your Own MITM Test Environment SNIFFlab – Create Your Own MITM Test Environment
SNIFFlab is a set of scripts in Python that enable you to create your own MITM test environment for packet sniffing through a WiFi access point.
Skype Log Viewer Download - View Logs on Windows Skype Log Viewer Download – View Logs on Windows
Skype Log Viewer allows you to download and view the Skype history and log files, on Windows, without actually downloading the Skype client itself.
Ethereum Parity Bug Destroys Over $250 Million In Tokens Ethereum Parity Bug Destroys Over $250 Million In Tokens
If you are into cryptocurrency or blockchain at all, you will have heard about the Ethereum Parity Bug that has basically binned $280 Million + ETH.
WPSeku - Black-Box Remote WordPress Security Scanner WPSeku – Black-Box Remote WordPress Security Scanner
WPSeku is a black box WordPress Security scanner that can be used to scan remote WordPress installations to find security issues and vulnerabilities.
Malaysia Telco Hack - Corporations Spill 46 Million Records Malaysia Telco Hack – Corporations Spill 46 Million Records
The Malaysia Telco Hack has been blowing up in the news with over 42 Million Records being leaked including IMEI numbers, SIM details and home addresses.


89 Responses to Top 15 Security Utilities & Download Hacking Tools

  1. Ivan Minic April 17, 2006 at 6:42 am #

    Serious stuff mate…

  2. toufeeq April 17, 2006 at 7:00 am #

    Add Metasploit to the list.
    website: http://metasploit.org

  3. Pedro Venda April 17, 2006 at 7:15 am #

    Nice set of tools.
    I’d add the paros proxy since it’s is an absolutely critical, irreplaceable, must-have tool when doing web pen testing. It’s multiplatform (java) and distributed under the GPL.

    Cheers,

  4. Darknet April 17, 2006 at 7:17 am #

    toufeeq: Problem with metasploit is that is does everything all in one shot, not so great for learning, I recommend it once you already know how to do what it does manually, not before then!

    Pedro: Yah it’s an excellent tool, the latest version was recently released, I do personally prefer Burp Suite, I will be featuring both in a future article about Applications for Web Testing.

  5. Martin April 17, 2006 at 8:37 am #

    Great list of tools, I enjoyed reading your recommendations and suppose my visitors will also like them. Keep up the good work.

  6. Lord Arcane April 17, 2006 at 12:21 pm #

    Nice i personally like them all but you can’t forget about the oldie but goodie BO2K

  7. Darknet April 17, 2006 at 12:33 pm #

    Martin: Thanks, I hope they do :)

    Lord Arcane: Yah it’s not bad, there are much better RAT software out there now like Optix and Beast though.

  8. Keith April 17, 2006 at 1:13 pm #

    I have personally used nmap before. However, I would prefer to use the following command:

    nmap -v -sS -A xxx.xxx.xxx.xxx

    to provide a verbose of the result as well as stealth scanning together with the result of the operating system underlying the network.

    Ethereal is only a tool to detect the presence of local LAN machine, and packet between your PC and that PC. Nothing much really.

    I like Putty, as it is a portable application. You can run it wherever you go, as long as you store it on your USB thumb drive or even a floppy drive (aging device).

    From all these, Linux will provide the most hacking tools if you want to know, compared to Windows.

    This is just a simple first step to learn to hack, not really hack to learn. Actualy, it’s not even hacking!!

  9. eedahs April 17, 2006 at 1:41 pm #

    You forgot netcat, netwag and metasploit

  10. Jeff Schroeder April 17, 2006 at 4:05 pm #

    You included some excellent tools, but you forgot the 2nd most important one. dsniff or hunt for doing man in the middle attacks. I would rate both of those tools right below nmap and way above hping. If you update this, you might check out those tools.

    Great post btw.

  11. mcsr April 18, 2006 at 6:05 am #

    does any body cracked password and login of this site

  12. reN_hat April 18, 2006 at 12:50 pm #

    hi… im just a newbie… and i wanna know which software to use… to crack yahoo e-mail passwords…. tnx…. i need my friendster pass too….. pls. anyone? tnx would the cain and abel work for that one?

  13. Luther Blissett April 18, 2006 at 1:51 pm #

    Just a couple of things.

    “Nmap uses raw IP packets in novel ways to determine what hosts are available on the network”. Thats not necessarely true. Many times nmap uses ethernet frames to tell if a host is up or down. This is much more effective than sending IP paquets and it also prevents Intrusion Detection Systems from being suspicious about your intentions.

    When u talk about Yersinia: “[…]weakeness in different Layer 2 protocols[…].” and you include DHCP in it. DHCP is encapsulated in UDP packets(layer 4) which are also encapsulated in IP datagrams (layer 3). So UDP is not a layer 2 protocol at all. I’d say its an application layer protocol.

    Please, let me know if im wrong. I’d just wanted to correct 2 little mistakes. Anyway, good post. It’s nice that someone writes about this kind of stuff.

  14. Darknet April 20, 2006 at 8:13 am #

    Luther Blissett: Thanks for your input! Those phrases you quote were abstracted from the actual authors of the tools, so I’m sure they know what their tools do! As for using Ethernet frames it quites rare for nmap, if you use the –packet_trace option in nmap you can see the communications send and received during a typical scan. AFAIK nmap has only supported ethernet frames since version 4 mainly to get around the limitations imposed on Windows XP in SP2, so nmap can now send at a lower level in the stack, thus bypassing these restrictions (–send-eth switch), raw socket generation is still the best option for *nix based systems. As for Yersinia, that’s debatable, but it’s considered DHCP is application layer, but DHCP delivery must be via layer 2.

  15. sunny April 29, 2006 at 3:04 am #

    where can i get zipped hacking softwares & tools

  16. Vipin Kumar May 3, 2006 at 6:29 am #

    Hai,
    This article is mind blowing and exellect on hacking for newbies and for beigners those is new in the field of Hacking.

    thanks a lot for this valuable tools download links

  17. Beast aryan May 12, 2006 at 5:20 pm #

    i want to hack a runescape account

  18. Marc June 2, 2006 at 5:59 pm #

    Great list! Thanks alot!

  19. Ibrahim June 4, 2006 at 11:46 am #

    this is a very useful wesbite. thanks

  20. Anita June 15, 2006 at 4:19 am #

    Question. When your chatting in a chat room such as yahoo, and people come in under diffrent names there use to be a program that enabled you to type in that persons name while they were IN THE SAME ROOM you were in, to find out what there ISP number is, and what state they are in, what is this sort of program called, and is it available still. Dont want nothing harmful just would like to know who’s impish. Please let me know
    and thank you in advance for your time
    Anita

  21. Gouki June 15, 2006 at 5:21 pm #

    If you are able to see that persons IP address (I never used any of those chat rooms), you can use dnsstuff.com to find more information about that IP.

  22. anita June 18, 2006 at 4:18 am #

    Hey Gouki,
    Thank you for helping me out. That was very nice of you.
    Regards
    Anita

  23. Gouki June 18, 2006 at 6:35 pm #

    No problem Anita.

  24. Sami July 4, 2006 at 5:44 pm #

    i want u to help me retrieve my email (william_shakespeasre911@hotmail.com)

  25. nishi July 15, 2006 at 2:42 pm #

    hi!
    i m nishi. i want to learn heck. so how can i started

  26. pöö July 20, 2006 at 10:55 am #

    ï dont understand any fuckin word!

  27. ronke July 24, 2006 at 8:54 pm #

    i wont to hack to learn……………. and i see this site as a very nice site that can provide me with all i wont about hacking and programming. kindly send me details on how ot get thingd down . thank you……………hope to hear from you soonest.
    ronke.

  28. Jay Sam July 25, 2006 at 5:27 pm #

    Very good info. for beginners… But they are not “Top 15″…

    Thanks.

    Jay

  29. nishi July 27, 2006 at 12:46 pm #

    i wont to hack to learn……………. and i see this site as a very nice site that can provide me with all i wont about hacking and programming. kindly send me details on how ot get thingd down . thank you……………hope to hear from you soonest.
    ronke.

  30. Blight July 29, 2006 at 12:07 am #

    nice list of hacking tools.. But somewhat hard to learn for beginners like me.. But I’ll try to work on your tools..

  31. Nurreg August 2, 2006 at 1:23 pm #

    LCP is trojan-tastic!

  32. seller September 10, 2006 at 3:14 pm #

    hello i wanna get host scanner and mailer scammer cos am a spammer here this is my 1st time coming to this site pls
    help me. i i need new mailer injections and ftp host injections and explct pls help me mail me back any one that can help me
    i like this site cos and i wanna leacn how to hack well .thanks
    thanks
    i love this site
    best regard
    seller

  33. stuartb4u September 18, 2006 at 11:58 am #

    Hello Masters,

    can any one tellme how to get yahoo passwords throug editing messenger regisrty. and we get id password as offline message

    please let me know if any one really know it

  34. vinesh September 28, 2006 at 3:30 pm #

    theres must be some software like free phone calls all games download virus creation mobile phone software download a bit of all small things but which r very useful to play with u see hacking is not just breaking law but to play with it whithout being behind bars?

  35. sadiq November 6, 2006 at 2:47 pm #

    thanking u for for site but ,am a begginer i would like to be tutored please.

  36. anthony_dordines November 27, 2006 at 3:13 am #

    I want to learn how to hack, an advanced tutorials surfing and hacking on the internet can you please send me a advanced installer for hacking on my email….Thanks a lot that top 15 hacking utilities is nice

  37. Anthony_ November 27, 2006 at 7:39 am #

    what about hacking windows vista?

  38. leoz December 8, 2006 at 9:04 am #

    i was wondering if any of you kind people would teach me how to steal internet off my next door neighbour
    his wireless connection is encrypted i need to bypass that some how or break it
    i got a net work stumbler … im confused and do not know what to do
    please help me
    feel free to email me comments @
    helmut.godofgods@gmail.com
    thx alot

  39. leoz December 9, 2006 at 1:10 am #

    i still dont understand i downloaded yersina but it is just a bunch of files what do i do can u guide me step by step please im a complete idiot at this

  40. Gouki December 9, 2006 at 1:46 am #

    If you’re a “complete iditot”, I don’t recommend using Yersinia. It’s a complex tool which involves knowledge of several things, low level protocols included.

    Just to clear it up to you, you downloaded the source. In order to use the application you will have to compile it. Try searching for a binary package for your GNU/Linux distribution (you are using Linux, right!?).

    I’m currently working on a Debian package, but that will still take a while.

  41. leoz December 9, 2006 at 8:46 am #

    i aint using linux im using windows xp
    please help i can hear my neighbours encrypted wireless internet service crying for my use
    i dont no jack about hacking, all i know about is ip adresses
    i have ablel and cain i also have a net stumbler

  42. evans December 22, 2006 at 8:38 am #

    pls i need different types of softwares for hacking and resolving problems on computer/network.also need an extensive coaching on how to be an hacker.i will be glad if this can be granted assp.i will be looking forward to your reply.
    Thanks in advance.

    Regards

  43. Gerald Combs January 8, 2007 at 10:28 pm #

    Ethereal’s name changed a few months ago. Due to trademark issues, we switched to Wireshark last May.

  44. Darknet January 10, 2007 at 4:47 am #

    Thanks Gerald, I’ve updated the post to reflect that.

  45. allyshen January 21, 2007 at 5:04 pm #

    nice work..

  46. dan February 8, 2007 at 4:59 am #

    hi im looking to see if i can find program which will help me obtain peoples passwords on http://www.runescape.com is it possible with all the security the site has and if so can someone help me? Thanks

  47. Derek March 7, 2007 at 1:19 pm #

    Hi,

    im after a keylogger which can be remotely installed, attched to a program or pic… and is undetectable by avast,avg, whatever… Please help ahave looked everwhere and this is my last resort…

  48. afandina March 8, 2007 at 2:02 pm #

    hi
    this agood site i think, and please i wanna know everything in the computers connecting with me in my networking

    wanna know which they explore….wanna know every thing when someone from them put his ass in his disk until he raise it…..my email is…marhab_1001@yahoo.com……and thanks alot for allllll………

  49. qwe April 7, 2007 at 6:53 am #

    alert (“hi to all”)

  50. Adi May 22, 2007 at 9:01 pm #

    Awesome stuff

  51. jean June 12, 2007 at 10:16 am #

    This is an awesome article! nice

  52. s1n June 13, 2007 at 12:09 pm #

    no one said ettercap!? Craziness…

  53. backbone June 13, 2007 at 3:36 pm #

    s1n ettercap was already mentioned := wireshark

  54. Rob July 9, 2007 at 12:42 pm #

    I would like to get superscan but all of the downloads i have tried dont work also whenever i try to use nmap the screen just flashes all f the command in command and then quits. Suggestions?

  55. backbone July 9, 2007 at 8:34 pm #

    nmap is a command line utility, run cmd.exe and after that start nmap…. about superscan try harder (way to simple) with google.

  56. Darknet July 10, 2007 at 4:13 am #

    I have Superscan, I’ll try and hook it up later.

  57. Rob July 11, 2007 at 8:56 pm #

    i looked for superescan for about 45 minutes and found nothing except dead links if you say its so easy fing and give me the link and thanks for the nmap thing it worked.
    I was also wondering when i try to download .zip file why my browser displays a little X and does not let me download it also was shouli use to open files that aren’t .exe those do not work either
    Suggestions?

  58. backbone July 11, 2007 at 9:45 pm #

    1. click here
    2. i used google “superscan download” and the 5th link is above
    3. install firefox
    4. if firefox, reinstall because you possibly mis configured it

  59. backbone July 11, 2007 at 9:47 pm #

    previously i said at the second point that I searched on google “superscan download”, in fact i searched “download superscan”.

    if I would have searched for the first time “superscan download”, I would have found the link I gave you in the first position, not 5th

  60. TheRealDonQuixote August 9, 2007 at 10:20 pm #

    Hey you left out tools to find software based exploits, including cracking and debugging.

    I have one to add, the old OllyDBG has been replace by Immunity Debugger. Its a free piece of software created by Immunity, a pentesting company and its purportedly From my latest tests its a great free alternative to IDA Pro.

    BTW- I wish I had a job with Immunity, but I don’t, so I’m not selling snake oil here.

  61. Darknet August 10, 2007 at 4:44 am #

    TRDQ: This is an old post dude, although it’s still incredibly popular – I have been planning to do an update for 2007 – I have the Immunity Debugger post in draft already – cool tool :)

  62. TheRealDonQuixote August 10, 2007 at 7:22 pm #

    SWEET!! Something I mentioned is gonna be in an article. Unless … you found it before I mentioned it didn’t you :(

  63. Darknet August 11, 2007 at 5:23 am #

    Of course we found it before you mentioned it :)

  64. TheRealDonQuixote August 11, 2007 at 8:01 pm #

    Darn! Hey, you said “WE found it” are there more than one of you?

  65. Darknet August 13, 2007 at 8:53 am #

    TRDQ: I cloned myself to more efficiently scour the web for cool stuff to post here :D

  66. TheRealDonQuixote August 14, 2007 at 1:06 am #

    Darn, I told my Mom I needed a clone, but she was all “Blah Blah affront to nature Etc.”. I am so not going to help her when she loses her shoes next time.

  67. ashish August 18, 2007 at 11:54 am #

    nice collection of tools.but what about a starter.
    can any one teach me how to hack??????

  68. cueva.quebrada August 21, 2007 at 6:52 am #

    I’ve been reading all of these posts and many of them deal with wanting to learn how to hack. If you have searched google with “How to hack,” I’m sure you have stumbled upon many short and confusing answers.

    Just some advice for those that this applies to. Look at many definitons of what hacking is (hint). When you understand what those definitions are all about, start learning more about how computers work; start with the very basics of controlling computers (programming).

    You are not going to find a simple answer and instruction booklet giving you lessons to become a 1337 hax0r. You have to have the motivation and build the skills to teach yourself. Hacking is not just something you learn to do overnight. It involves years of hard work and dedication.

    I first searched google with “How to hack” about 10 years ago. It brought me to page after page of things I didn’t understand. Now after going for a degree in computer science and mathematics, as well as spending years researching as much as I can about how electronics work, I understand a lot more, but still there is so much for me to learn.

    If you don’t know binary, html (or any language for that matter), how the internet works, or what hacking really means, don’t fret. Just put in the time to understand these things. You won’t see the beauty of hacking until you understand the world of language of computers.

  69. ascetik October 18, 2007 at 2:26 am #

    You should look at w3af the web auditing and attack frame work. I have a tutorial on its uses to audit web applications at http://pentesterconfessions.blogspot.com/2007/10/how-to-use-w3af-to-audit-web.html

    Check it out…

  70. Sandeep Nain October 18, 2007 at 12:30 pm #

    Yes ascetik, you are right.. w3af is worth checking out… and darknet posted this article on it:

    https://www.darknet.org.uk/2007/08/w3af-web-application-attack-and-audit-framework/

    Darknet is always a step ahead :)

  71. zupakomputer February 19, 2008 at 6:29 pm #

    Anyone else found the Win version of p0f doesn’t run (asked for missing dll’s which I provided, then found another executable problem which I can’t remember the exact details of now) – or is it just because I tried using it on XP sp1?

  72. eM3rC February 20, 2008 at 2:59 am #

    I would try updating to SP2 and applying all the new window updates as well as updating drivers for stuff like .Net (I know there’s no correlation but never hurts), etc.

    If I have some free time I’ll look into it. What DLL is failing to load if you don’t mind me asking?

  73. zupakomputer February 20, 2008 at 6:10 pm #

    It’s not my OS / machine so I wouldn’t update it; was just wondering if anyone else had found the win binary didn’t run.
    I suppose a better way of phrasing that would’ve been: anyone try it on XP SP2 and found it worked ok.

    One of them was packet.dll, I forget what the other one was. The executable problems exact details similarly escape me.

  74. Pantagruel February 20, 2008 at 10:53 pm #

    p0f requires winpcap get that one here:
    http://www.mirrorservice.org/sites/ftp.wiretapped.net/pub/security/packet-capture/winpcap/

    Ran perfect after extracting the zip file (Win XP SP2)

  75. BoYRuLeZ March 20, 2008 at 2:27 pm #

    huh.. still fighting with OS XP ..?? get over it.. switch to Vista now it also works fine after 1st SP released..

  76. zupakomputer March 20, 2008 at 3:49 pm #

    Thanks Pantagruel, I hadn’t noticed you posted that until now – it’s hard keeping track of what’s been commented on here.

    BoYRuLeZ – it’d seem not everyone shares that view of Vista’s recent service pack update; at any rate I don’t know if p0f has a Vista version anyway.

    Must be a lonely place that one – the ‘don’t use XP Pro SP2, use Vista instead’ area. My tastes don’t run into the only apps that would really benefit (moreso in the future since there’s still some Nvidia issues) from a Vista upgrade over XP – namely DivX10 games. Certainly, going the Vista route isn’t worth it unless you go 64 bit. And I think you have to make sure you get an OEM (the more expensive version?) cause otherwise it locks to whatever motherboard it’s installed on! Secure yes, but an issue if you want to upgrade or if anything goes wrong with the board.

    ‘Nother thing some folks were complaining about was the user-unauthorised updates, some of which turn off vital firewall settings, and apparently report back on user activity to the vendor. Yikes.

    That said, it’ll be nice to see what the game coders are going to do with all the extra multicore and more RAM, and the 64 bit, capabilities Vista has. The hardware is available but the software isn’t really making use of it as yet. Scalable parallel coding is a good place to start.

  77. Pantagruel March 21, 2008 at 1:11 pm #

    with zupakomputer

    There is little use in Vista except the much heralded but badly supported DX10. 64bit is an option but driver support (as with 64 bit XP) is lacking. Honestly I see little need for a perfectly working XP-SP2 setup to be ‘upgraded’ to Vista-SP1 for merely some eye candy and the performance loss suffered. The one reason might be 4+ GB of RAM support, but for now 2GB works well enough.

  78. zupakomputer March 21, 2008 at 3:35 pm #

    DX10 – that’s what I meant. Not sure where that ‘v’ came from..

  79. James C March 21, 2008 at 4:09 pm #

    I see no use for vista. Personally I consider it the new windows millennium edition the filling between XP and Windows 7 (aka Blackcomb, Vienna or whatever there calling it now). Just like millennium edition was the filling between win98SE and XP.

  80. Pantagruel March 21, 2008 at 7:40 pm #

    @ James C
    True Vista feels more like plastic surgery than a real improvement.
    The adition of user account control sound great but tin the real world it’s turned off quick enough since nearly everyone expects to be the local superuser by default (partially a problem due to badly written 3rd party software not being able to function properly under UAC.
    Hopefully the new Windows version will finale sport all the things Vista was supposed to have but ended up doing without (file system for instance)

  81. me April 3, 2008 at 9:48 pm #

    hi im brand new to hacking, i should probably learn c++ and stuff before i get going on hard stuff but for now im trying to use LCP a lot of the spaces i have to enter info in are complete 0110111011 to me and cant really guess it in cause of my noobness, any tutorials?

  82. ZaD MoFo April 4, 2008 at 5:01 am #

    Ok, I know… I am a bit

  83. James C April 4, 2008 at 5:42 pm #

    @ZaD MoFo
    This list is the of the “Top 15 Security/Hacking Tools & Utilities” . XP SP2 is an OS not a tool or utility for hacking(all be it the best Microsoft OS at the minute). XP SP2 provides only the environment in which a hacking/Security tool can run, as can any other OS.

    So to answer your question “Do you think XP should have his entry in this

  84. Pantagruel April 4, 2008 at 10:07 pm #

    @James C

    I think Zad MoFo is making fun of the recent ‘me’s too dumb ass to read howto’s and wants quick cracking skillz for yahoo/gmail/facebook/etc.’ postings. I must admit they are getting a tad annoying those ‘ I want to crack but without any effort spend’ calls for help.

  85. fever April 8, 2008 at 7:52 pm #

    all good tools to have in your collection.

  86. billy June 18, 2008 at 7:36 am #

    Excellent list of tools, NMAP definitely deserves to be number 1.

  87. dery pratama July 22, 2008 at 12:30 am #

    thanks for information , i just search from Google about hacking software and i found top-15-security hacking tools utilities from impcompfacts.blogspot.com. so , i want to share information and sorry if i mistake about article source.
    “I Hacker but not Cracker”
    ;-)

  88. Morgan Storey August 16, 2008 at 10:07 am #

    This is really a great list of tools to fill the gaps, even I haven’t played with a fair few in this list, glad I found it while trawling through the old posts. One of my favourites that was recently ported to Linux is AngryIP scanner, it can scan a whole /24 in about a minute through its multi-threaded approach.

  89. Ridwan December 13, 2008 at 12:49 pm #

    Nice information, thanks dude!!