Awareness and Training Awareity MOAT
www.awareity.com
Birch Systems Privacy Posters
www.privacyposters.com
Greenidea Visible Statement
www.greenidea.com
Interpact, Inc. Awareness Resources
www.thesecurityawarenesscompany.com
NIST resources
http://csrc.nist.gov/ATE
SANS Security Awareness Program
www.sans.org/awareness/awareness.php
Security Awareness, Inc. Awareness Resources
www.securityawareness.com
Bluetooth BlueScanner
www.networkchemistry.com/products/bluescanner.php
Bluesnarfer
www.alighieri.org/tools/bluesnarfer.tar.gz
BlueSniper rifle
www.tomsnetworking.com/2005/03/08/how_to_bluesniper_pt
Blooover
http://trifinite.org/trifinite_stuff_blooover.html
Bluejacking community site
www.bluejackq.com
Detailed presentation on the various Bluetooth attacks
http://trifinite.org/Downloads/21c3_Bluetooth_Hacking.pdf
NIST Special Publication 800-48
http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf
Certifications Certified Ethical Hacker
www.eccouncil.org/CEH.htm
Dictionary Files and Word Lists ftp://ftp.cerias.purdue.edu/pub/dictftp://ftp.ox.ac.uk/pub/wordlists
http://packetstormsecurity.nl/Crackers/wordlists
www.outpost9.com/files/WordLists.html
Default vendor passwords
www.cirt.net/cgi-bin/passwd.pl
Exploit Tools CORE IMPACT
www.coresecurity.com
Metasploit
www.metasploit.com/projects/Framework
General Research Tools AfriNIC
www.afrinic.net
APNIC
www.apnic.net
ARIN
www.arin.net/whois/index.html
CERT/CC Vulnerability Notes Database
www.kb.cert.org/vuls
ChoicePoint
www.choicepoint.com
Common Vulnerabilities and Exposures
http://cve.mitre.org/cve
DNSstuff.com
www.DNSstuff.com
Google
www.google.com
Government domains
www.dotgov.gov
Hoover's business information
www.hoovers.com
LACNIC
www.lacnic.net
Military domains
www.nic.mil/dodnic
NIST National Vulnerability Database
http://nvd.nist.gov
RIPE Network Coordination Centre
www.ripe.net/whois
Sam Spade
www.samspade.org
SecurityTracker
http://securitytracker.com
Switchboard.com
www.switchboard.com
U.S. Patent and Trademark Office
www.uspto.gov
U.S. Search.com
www.ussearch.com
U.S. Securities and Exchange Commission
www.sec.gov/edgar.shtml
Whois.org
www.whois.org
Yahoo! Finance site
http://finance.yahoo.com
Hacker Stuff 2600 @@md The Hacker Quarterly magazine
www.2600.com
Blacklisted 411
www.blacklisted411.net
Computer Underground Digest
www.soci.niu.edu/~cudigest
Hacker T-shirts, equipment, and other trinkets
www.thinkgeek.com
Honeypots: Tracking Hackers
www.tracking-hackers.com
The Online Hacker Jargon File
www.jargon.8hz.com
PHRACK
www.phrack.org
Linux Amap
http://packages.debian.org/unstable/net/amap
Bastille Linux Hardening Program
www.bastille-linux.org
BackTrack
www.remote-exploit.org/index.php/BackTrack
Comprehensive listing of live bootable Linux toolkits
www.frozentech.com/content/livecd.php
Debian Linux Security Alerts
www.debian.org/security
Linux Administrator's Security Guide
www.seifried.org/lasg
Linux Kernel Updates
www.linuxhq.com
Linux Security Auditing Tool (LSAT)
http://usat.sourceforge.net
Metasploit
www.metasploit.com
Network Security Toolkit
www.networksecuritytoolkit.org
Red Hat Linux Security Alerts
www.redhat.com/securityupdates
Security Tools Distribution
http://s-t-d.org
Slackware Linux Security Advisories
www.slackware.com/security
SUSE Linux Security Alerts
www.suse.com/us/business/security.html
Tiger
ftp://ftp.debian.org/debian/pool/main/t/tiger
VLAD the Scanner
www.bindview.com/Services/RAZOR/Utilities/Unix_Linux/vlad.cfm
Log Analysis ArcSight Enterprise Security Manager
www.arcsight.com/product.htm
GFI LANguard Security Event Log Monitor
www.gfi.com/lanselm
Internet Security Systems Managed Services
www.iss.net/products_services/managed_services
LogAnalysis.org system logging resources
www.loganalysis.org
Malware chkrootkit
www.chkrootkit.org
EICAR Anti-Virus test file
www.eicar.org/anti_virus_test_file.htm
The File Extension Source
http://filext.com
McAfee AVERT Stinger
http://vil.nai.com/vil/stinger
Rkdet
http://vancouver-webpages.com/rkdet
Wotsit's Format
www.wotsit.org
Messaging Abuse.net SMTP relay checker
www.abuse.net/relay.html
Brutus
http://securitylab.ru/_tools/brutus-aet2.zip
Cain and Abel
www.oxid.it/cain.html
DNSstuff.com relay checker
www.dnsstuff.com
GFI e-mail security test
www.gfi.com/emailsecuritytest
How to disable SMTP relay on various e-mail servers
www.mail-abuse.com/an_sec3rdparty.html
mailsnarf
www.monkey.org/~dugsong/dsniff or
www.datanerds.net/~mike/dsniff.html for the Windows version
Sam Spade for Windows
www.samspade.org/ssw
smtpscan
www.greyhats.org/?smtpscan
NetWare Adrem Freecon
www.adremsoft.com
Craig Johnson's BorderManager resources
http://nscsysop.hypermart.net
JRB Software
www.jrbsoftware.com
NCPQuery
www.bindview.com/resources/razor/files/ncpquery-1.2.tar.gz
NetServerMon
www.simonsware.com/Products.shtml
Novell Product Updates
http://support.novell.com/filefinder
Pandora
www.nmrc.org/project/pandora
Rcon program
http://packetstormsecurity.nl/Netware/penetration/rcon.zip
Remote
www.securityfocus.com/data/vulnerabilities/exploits/Remote.zip
UserDump
www.hammerofgod.com/download/userdump.zip
Networks Cain and Abel
www.oxid.it/cain.html
CommView
www.tamos.com/products/commview
dsniff
www.monkey.org/~dugsong/dsniff
Essential NetTools
www.tamos.com/products/nettools
Ethereal network analyzer
www.ethereal.com
EtherPeek
www.wildpackets.com/products/etherpeek/overview
ettercap
http://ettercap.sourceforge.net
Firewalk
www.packetfactory.net/firewalk
Getif
www.wtcs.org/snmp4tpc/getif.htm
GFI LANguard Network Scanner
www.gfi.com/lannetscan
GNU MAC Changer
www.alobbs.com/macchanger
IETF RFCs
www.rfc-editor.org/rfcxx00.html
LanHound
www.sunbelt-software.com/LanHound.cfm
MAC address vendor lookup
http://standards.ieee.org/regauth/oui/index.shtml
Nessus vulnerability scanner
www.nessus.org
Netcat
www.vulnwatch.org/netcat/nc111nt.zip
NetScanTools Pro all-in-one network testing tool
www.netscantools.com
Nmap port scanner
www.insecure.org/nmap
NMapWin
http://sourceforge.net/projects/nmapwin
Port number listing
www.iana.org/assignments/port-numbers
Port number lookup
www.cotse.com/cgi-bin/port.cgi
QualysGuard vulnerability assessment tool
www.qualys.com
SNMPUTIL
www.wtcs.org/snmp4tpc/FILES/Tools/SNMPUTIL/SNMPUTIL.zip
Sunbelt Network Security Inspector
www.sunbelt-software.com/SunbeltNetworkSecurityInspector.cfm
SuperScan port scanner
www.foundstone.com/resources/proddesc/superscan.htm
TrafficIQ Pro
www.karalon.com
WhatIsMyIP
www.whatismyip.com
Password Cracking BIOS passwords
http://labmice.techtarget.com/articles/BIOS_hack.htm
Brutus
http://securitylab.ru/_tools/brutus-aet2.zip
Cain and Abel
www.oxid.it/cain.html
Chknull
www.phreak.org/archives/exploits/novell/chknull.zip
Crack
ftp://coast.cs.purdue.edu/pub/tools/unix/pwdutils/crack
Elcomsoft Distributed Password Recovery
www.elcomsoft.com/edpr.html
John the Ripper
www.openwall.com/john
Ophcrack
www.objectif-securite.ch/ophcrack
Proactive Password Auditor
www.elcomsoft.com/ppa.html
Proactive System Password Recovery
www.elcomsoft.com/pspr.html
pwdump3
www.openwall.com/passwords/dl/pwdump/pwdump3v2.zip
NetBIOS Auditing Tool
www.securityfocus.com/tools/543
NTAccess
www.mirider.com/ntaccess.html
RainbowCrack
www.antsight.com/zsl/rainbowcrack
RainbowCrack-Online
www.rainbowcrack-online.com
Rainbow tables
http://rainbowtables.shmoo.com
TSGrinder
www.hammerofgod.com/download/tsgrinder-2.03.zip
WinHex
www.winhex.com
Patch Management BigFix Enterprise Suite Patch Management
www.bigfix.com/products/patch.html
Ecora Patch Manager
www.ecora.com/ecora/products/patchmanager.asp
GFI LANguard Network Security Scanner
www.gfi.com/lannetscan
HFNetChkPro from Shavlik Technologies
www.shavlik.com/product_cat_patch_mang.aspx
Patch Authority Plus
www.scriptlogic.com/products/patchauthorityplus
PatchLink
www.patchlink.com
SysUpdate
www.securityprofiling.com
UpdateEXPERT from St. Bernard Software
www.stbernard.com/products/updateexpert/products_updateexpert.asp
Windows Server Update Services from Microsoft
www.microsoft.com/windowsserversystem/updateservices/default.mspx
Source Code Analysis Compuware
www.compuware.com/products/devpartner/securitychecker.htm
Fortify Software
www.fortifysoftware.com
Klocwork
www.klocwork.com
Ounce Labs
www.ouncelabs.com
SPI Dynamics
www.spidynamics.com/products/devinspect/index.html
Security Standards Center for Internet Security's Benchmarks/Scoring Tools
www.cisecurity.org
NIST Special Publications
http://csrc.nist.gov/publications/nistpubs/index.html
Open Source Security Testing Methodology Manual
www.isecom.org/osstmm
SANS Step-by-Step Guides
http://store.sans.org
Security Education Kevin Beaver's Security on Wheels podcasts and information security training resources
www.securityonwheels.com
Privacy Rights Clearinghouse's Chronology of Data Breaches Reported Since the ChoicePoint Incident
www.privacyrights.org/ar/ChronDataBreaches.htm
Storage CHAP Password Tester
www.isecpartners.com/tools.html#CPT
CIFSShareBF
www.isecpartners.com/SecuringStorage/CIFShareBF.zip
GrabiQNs
www.isecpartners.com/SecuringStorage/GrabiQNs.zip
NASanon
www.isecpartners.com/SecuringStorage/NASanon.zip
StorScan
www.isecpartners.com/tools.html#StorScan
Risk Analysis and Threat Modeling SecureITree
www.amenaza.com
Software Engineering Institute's OCTAVE methodology
www.cert.org/octave
Voice over IP Cain and Abel
www.oxid.it/cain.html
NIST's SP800-58 document
http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf
PROTOS
www.ee.oulu.fi/research/ouspg/protos
SearchVoIP.com
http://searchvoip.techtarget.com
SIP Forum Test Framework
www.sipfoundry.org/sftf/index.html
sipsak
http://sipsak.org
SiVuS
www.vopsecurity.org/html/tools.html
vomit
http://vomit.xtdnet.nl
War Dialing Sandstorm Enterprises PhoneSweep
www.sandstorm.net/products/phonesweep
Sandstorm Enterprises Sandtrap wardialing honepot
www.sandstorm.net/products/sandtrap
THC-Scan
http://packetstormsecurity.org/groups/thc/thc-ts201.zip
ToneLoc
www.securityfocus.com/data/tools/auditing/pstn/tl110.zip
Web Applications and Databases 2600's Hacked Pages
www.2600.com/hacked_pages
Acunetix Web Vulnerability Scanner
www.acunetix.com
AppDetective
www.appsecinc.com/products/appdetective
Brutus
http://securitylab.ru/_tools/brutus-aet2.zip
HTTrack Website Copier
www.httrack.com
Foundstone's Hacme Tools
http://www.foundstone.com/resources/s3i_tools.htm
Google Hacking Database
http://johnny.ihackstuff.com/index.php?module=prodreviews
Netcraft
www.netcraft.com
NGSSquirrel
www.ngssoftware.com/software.htm
N-Stealth Security Scanner
www.nstalker.com/eng/products/nstealth
Paros Proxy
www.parosproxy.org
Pete Finnigan's listing of Oracle scanning tools
www.petefinnigan.com/tools.htm
Port 80 Software's ServerMask
www.port80software.com/products/servermask
Port 80 Software's Custom Error
www.port80software.com/products/customerror
SiteDigger
www.foundstone.com/resources/proddesc/sitedigger.htm
SQLPing2 and SQLRecon
www.sqlsecurity.com/Tools/FreeTools/tabid/65/Default.aspx
WebInspect
www.spidynamics.com/products/webinspect/index.html
WebGoat
www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Windows CORE IMPACT
www.coresecurity.com
DumpSec
www.somarsoft.com
Effective File Search
www.sowsoft.com/search.htm
FileLocator Pro
www.mythicsoft.com/filelocatorpro
Legion
http://packetstormsecurity.nl/groups/rhino9/legionv21.zip
Metasploit
www.metasploit.com
Microsoft Baseline Security Analyzer
www.microsoft.com/technet/security/tools/mbsahome.mspx
Microsoft TechNet Security Center
www.microsoft.com/technet/security/Default.asp
Network Users
www.optimumx.com/download/netusers.zip
Rpcdump
www.bindview.com/Services/RAZOR/Utilities/Windows/rpctools1.0-readme.cfm
SMAC MAC address changer
www.klcconsulting.net/smac
Vision
www.foundstone.com/knowledge/proddesc/vision.html
Walksam
www.bindview.com/Services/RAZOR/Utilities/Windows/rpctools1.0-readme.cfm
Winfo
www.ntsecurity.nu/toolbox/winfo
Wireless Networks Aircrack
http://freshmeat.net/projects/aircrack
AirMagnet Laptop Analyzer
www.airmagnet.com/products/laptop.htm
AiroPeek SE
www.wildpackets.com/products/airopeek/airopeek_se/overview
AirSnort
http://airsnort.shmoo.com
Cantenna war-driving kit
http://mywebpages.comcast.net/hughpep
CommView for Wi-Fi
www.tamos.com/products/commwifi
Digital Hotspotter
www.canarywireless.com
Homebrew WiFi antenna
www.turnpoint.net/wireless/has.html
KisMAC
http://kismac.binaervarianz.de
Kismet
www.kismetwireless.net
Lucent Orinoco Registry Encryption/Decryption program
www.cqure.net/tools.jsp?id=3
NetStumbler
www.netstumbler.com
OmniPeek
www.wildpackets.com/products/omni/overview/omnipeek_analyzers
RFprotect Mobile
www.networkchemistry.com/products/rfprotectmobile.php
SeattleWireless HardwareComparison page
www.seattlewireless.net/index.cgi/HardwareComparison
Security of the WEP Algorithm
www.isaac.cs.berkeley.edu/isaac/wep-faq.html
The Unofficial 802.11 Security Web Page
www.drizzle.com/~aboba/IEEE
Wellenreiter
www.wellenreiter.net
WiGLE database of wireless networks at
www.wigle.net
www.wifimaps.com
www.wifinder.com
WinAirsnort
http://winairsnort.free.fr/
Wireless Vulnerabilities and Exploits
www.wirelessve.org
WPA Cracker
www.tinypeap.com/html/wpa_cracker.html
Selasa, 11 Maret 2008
Draft Hacking
Langganan:
Posting Komentar (Atom)
0 coment-ar:
Posting Komentar