  • Need Help Hacking? Check this

    OK, so no help hacking here, but if you got this far: Stop, think, then read on.

    Here is a list of tools that frequently come up as useful Windows Security Kits:
    (per http://isc.sans.org/diary.php?date=2005-06-01)

    Antivirus Tools
    |-- McAfee Stinger (updated routinely)
    |-- Symantec AV Corporate Edition v9 (soon to be v10)
    |-- Microsoft Malware Removal Tool (released monthly)
    |-- Current Symantec AV Intelligent Updater

    ResponseKit
    |-- NetCat (available now at SecurityFocus)
    |-- SysInternals AccessEnum
    |-- SysInternals AutoRuns
    |-- SysInternals Contig
    |-- SysInternals DiskView
    |-- SysInternals FileMon
    |-- SysInternals ListDLLs
    |-- SysInternals Page Defrag
    |-- SysInternals ProcessExplorer
    |-- SysInternals PS Tools
    |-- SysInternals RegMon
    |-- SysInternals Rootkit Revealer
    |-- SysInternals Sdelete
    |-- SysInternals ShareEnum
    |-- SysInternals Sync
    |-- SysInternals TCPView
    |-- SysInternals Miscellaneous tools
    |-- Heysoft LADS
    |-- myNetWatchman SecCheck
    |-- Inetcat.org NBTScan
    |-- FoundStone BinText
    |-- FoundStone Forensic Toolkit
    |-- FoundStone Fport
    |-- FoundStone Galleta
    |-- FoundStone Pasco
    |-- FoundStone Rifuti
    |-- FoundStone Vision
    |-- FoundStone ShoWin
    |-- FoundStone SuperScan
    |-- WinDump
    |-- Nmap
    |-- Tigerteam.se SBD (encrypted netcat)
    |-- GNU based unxutils (from unixutils.sourceforge.net)
    |-- Good copies of windows binaries (netstat, cmd, ipconfig, nbtstat)


    Spyware Tools
    |-- AdAware (updated defs in same directory)
    |-- CWShredder
    |-- Hijack This
    |-- MS AntiSpyWare Beta
    |-- Spybot Search and Destroy (updated defs in same directory)
    |-- BHO Demon

    Security Tools (this is my usual place to dump the .zip or .exe installers)
    |-- Heysoft LADS (list alternate data streams)
    |-- Inetcat.org NBTScan
    |-- MS Baseline Security Analyzer
    |-- MS IIS Lockdown tool
    |-- Sam Spade
    |-- SSH Client (SSH.com or Putty)
    |-- SysInternals Tools
    |-- Foundstone Tools
    |-- BlackIce PC Protection
    |-- Kerio Personal Firewall
    |-- Zone Alarm Personal Firewall
    |-- WinPcap
    |-- WinDump
    |-- Ethereal Installer
    |-- Nmap for windows (cli version)

    Utilities
    |-- Adobe Acrobat Reader Installer
    |-- CPU-Z
    |-- FireFox Installer
    |-- Macromedia Flash and ShockWave Installers
    |-- Quicktime Standalone Installer
    |-- VNC Installer
    |-- Winzip Installer
    |-- ISCAlert

    Service Packs ( on a 2nd CD )
    |-- Windows XP SP2
    |-- Windows 2000 SP4 (+rpc/lsass critical patches or SRP when released)
    |-- Windows 2003 Server SP1
    "Never Underestimate the Power of Stupid People in Large Groups"

  • #2
    A very good list, I think it should be a sticky.
    "There are no failed experiments, only more data"



    • #3
      What tools can I use? Per the CEH (Certified Ethical Hacker page) http://www.eccouncil.org/EC-Council%...se-outline.htm

      Module 2: Footprinting
      * Whois
      * Nslookup
      * ARIN
      * Traceroute
      * NeoTrace
      * VisualRoute Trace
      * SmartWhois
      * Visual Lookout
      * VisualRoute Mail Tracker
      * eMailTrackerPro

      Module 3: Scanning
      * Nmap
      * XMAS Scan
      * Null Scan
      * Windows Scan
      * Idle Scan
      * Nessus
      * Retina
      * Saint
      * HPing2
      * Firewalk
      * NIKTO
      * GFI Languard
      * ISS Security Scanner
      * Netcraft
      * IPsec Scan
      * NetScan Tools pro 2003
      * THC Scan
      * Friendly Pinger
      * Cheops
      * Security Administrator’s Tool for Analyzing Network (SATAN)
      * SAFEsuite Internet Scanner
      * IdentTCPScan
      * PortScan Plus
      * Strobe
      * XPROBE2


      Module 4: Enumeration
      * DumpSec
      * Winfo
      * Solarwinds
      * Enum
      * SNScan
      * User2sid and Sid2user
      * UserInfo
      * GetAcct
      * DumpReg
      * Trout
      * Winfingerprint
      * PsTools (PSFile, PSLoggedOn, PSGetSid, PSInfo, PSService, PSList, PSKill, PSSuspend, PSLogList, PSExec, PSShutdown)

      Module 5: System Hacking
      * NTInfoScan (CIS)
      * L0phtcrack
      * pwdump2 and pwdump3
      * KerbCrack
      * NBTdeputy
      * NBName
      * John the Ripper
      * LAN Manager Hash
      * SMBGrind
      * SMBDie
      * GetAdmin
      * hk.exe
      * IKS Software Keylogger
      * Ghost Keylogger
      * Hardware Key Logger
      * Spyware Spector
      * eBlaster
      * DiSi-Steganograph
      * EZStego
      * Gif-It-Up v1.0
      * Gifshuffle
      * Hide and Seek
      * JPEG-JSTEG
      * MandelSteg and GIFExtract
      * Mp3Stego
      * Nicetext
      * Pretty Good Envelope
      * OutGuess
      * SecurEngine
      * Stealth
      * Snow
      * Steganography Tools 4
      * Steganos
      * Steghide
      * Stegodos
      * Stegonosaurus
      * StegonoWav
      * wbStego
      * Image Hide
      * MP3Stego
      * StegonoWav
      * Snow.exe
      * Camera/Shy
      * elsave.exe
      * WinZapper
      * Fu
      * Vanquish
      * Patchfinder 2.0

      Module 6: Trojans and Backdoors
      * Beast 2.06
      * Phatbot
      * Senna Spy
      * CyberSpy
      * Remote Encrypted Callback UNIX Backdoor (RECUB)
      * Amitis
      * QAZ
      * Back Orifice
      * Back Orifice 2000
      * Tini
      * NetBus
      * SubSeven
      * Netcat
      * Subroot
      * Let me Rule 2.0 Beta 9
      * Donald Dick
      * Graffiti.exe
      * EliteWrap
      * IconPlus
      * Restorator
      * Whack-a-mole
      * Firekiller 2000
      * BoSniffer
      * Wrappers
      * Packaging Tool : Wordpad
      * Hard Disk Killer (HDKP 4.0)
      * Loki Countermeasures
      * fPort
      * TCP View
      * Tripwire
      * Trojan horse Construction Kit
      * Anti-Trojan
      * Evading Anti-Trojan/Anti-Virus using Stealth Tools v 2.0

      Module 7: Sniffers
      * Ethereal
      * Dsniff
      * Sniffit
      * Aldebaran
      * Hunt
      * NGSSniff
      * Ntop
      * pf
      * IPTraf
      * Etherape
      * Netfilter
      * Network Probe
      * Maa Tec Network Analyzer
      * Snort
      * Macof, MailSnarf, URLSnarf, WebSpy
      * Windump
      * Etherpeek
      * Ettercap
      * SMAC
      * Mac Changer
      * Iris
      * NetIntercept
      * WinDNSSpoof
      * NetIntercept
      * TCPDump
      * Gobbler
      * ETHLOAD
      * Esniff
      * Sunsniff
      * Linux_sniffer
      * Sniffer Pro

      Module 8: Denial of Service
      * Smurf
      * Teardrop
      * Jolt2
      * Bubonic.c
      * Land and LaTierra
      * Targa
      * Trin00
      * Tribe Flow Network (TFN)
      * TFN2K
      * Stacheldraht
      * Shaft
      * Trinity
      * Knight
      * Mstream
      * Kaiten
      * ipgrep
      * tcpdstat
      * findoffer
      * DDoS Countermeasures
      * Defensive Tool: Zombie Zapper
      * Worms: Slammer and MyDoom.B
      "Never Underestimate the Power of Stupid People in Large Groups"



      • #4
        Agreed, this should be sticky. Here's my contribution

        http://new.remote-exploit.org/index.php/Auditor_tools

        It's a live CD with a lot of the tools hackajar mentioned on it, plus a lot more. Useful for those that don't have their own toolkit or need something on the fly. I just like it because it's got just about every public tool that's worth a crap on it. So I can use that and keep my personal/private tools on another disc.

        Also, it took some time for these guys to put this all together in order to save you time tracking these tools down from different sources, so make a donation if you like it (I'm not affiliated with this project, nor do I even know the people who are, I just am a firm believer in positive reinforcement)

        I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me



        • #5
          better search

          Ran a search on the forum looking for inputs on Zone Alarm Security Suite, didn't find much, guess no one here uses such animal.
          Just flying the net keeping the mind afloat, no old info please as in pre 05.

          Out Of The Inner Circle
          Hap
          Out Of The Inner Circle



          • #6
            Originally posted by Pathogen
            Ran a search on the forum looking for inputs on Zone Alarm Security Suite, didn't find much, guess no one here uses such animal.
            Just flying the net keeping the mind afloat, no old info please as in pre 05.

            Out Of The Inner Circle
            Hap
            The only thing I got was that astcell hates it.

            As far as "input", I assume you mean people's advice about it. Search for "Zone Alarm" and you will see many users, including moderators recommend using it in addition to other applications.
            Answering easy questions since 1987
            Si Dieu est pour moi, qui peut être contre moi?



            • #7
              My meager contribution is a couple of steganography/steganalysis tools:

              JPHide
              JPSeek/JPFind
              Camouflage

              Also, I've found a pretty good ENIGMA simulator which might be of some use (coupled, for example, with a good steg tool) here: http://users.telenet.be/d.rijmenants/en/enigmasim.htm

              I don't know if there are any ENIGMA simulators for other operating systems, but I believe that JPSeek, JPFind, and JPHide all have *NIX binaries.
              (We now return you to your regularly scheduled programming. Please, feel free to ignore this post if you so desire.)



              • #8
                Originally posted by noid
                Agreed, this should be sticky. Here's my contribution

                http://new.remote-exploit.org/index.php/Auditor_tools
                Nice CD. I've always been partial to the Knoppix STD, but after reading this thread started looking for other options. One I've always wanted was a similar security CD but one that fit on a credit card CD. It would be just one more tool used in analysis.

                For instance, a site has extreme physical security measures and includes items like bag checking, policies concerning no USB keyfobs, no cds from home (recognizable by the bulky carrier), etc, etc. I haven't seen them open up a wallet and go through contents.
                Last edited by spahkle; July 18, 2005, 12:17. Reason: content
                “Bigamy is having one wife too many. Monogamy is the same.”



                • #9
                  Originally posted by spahkle
                  Nice CD. I've always been partial to the Knoppix STD, but after reading this thread started looking for other options. One I've always wanted was a similar security CD but one that fit on a credit card CD. It would be just one more tool used in analysis.

                  For instance, a site has extreme physical security measures and includes items like bag checking, policies concerning no USB keyfobs, no cds from home (recognizable by the bulky carrier), etc, etc. I haven't seen them open up a wallet and go through contents.
                  What about deep/cargo pockets on pants - would they search those, or would pants with that kind of pocket be banned from the site?

                  Just a thought - if pants with deep/cargo pockets aren't banned/searched, that might be another way to go (with the credit card CD as a backup).
                  (We now return you to your regularly scheduled programming. Please, feel free to ignore this post if you so desire.)



                  • #10
                    Originally posted by Macavity
                    What about deep/cargo pockets on pants - would they search those, or would pants with that kind of pocket be banned from the site?

                    Just a thought - if pants with deep/cargo pockets aren't banned/searched, that might be another way to go (with the credit card CD as a backup).
                    If you are going to a site where they do a pat down in addition to a metal detector, you might also be subject to a hard object scan where any type of solid object will flag the scanner.

                    Of course, if you are going through that much security, it's not out of the question for them to just take your clothes and gear, and issue you clothes to wear while on site along with whatever approved equipment.
                    Aut disce aut discede



                    • #11
                      Originally posted by AlxRogan
                      If you are going to a site where they do a pat down in addition to a metal detector, you might also be subject to a hard object scan where any type of solid object will flag the scanner.

                      Of course, if you are going through that much security, it's not out of the question for them to just take your clothes and gear, and issue you clothes to wear while on site along with whatever approved equipment.
                      Makes sense that really high-security places would do that sort of thing (like the Wildfire complex in Michael Crichton's The Andromeda Strain - good book, that).

                      Myself, I used to work at a tax-processing centre (until they renegotiated the payroll contract, and agreed to the "new background checks through ChoicePoint" clause even though they knew about ChoicePoint's shitty data security - and I do mean shitty, they should have been running background checks on their customers, not just for their customers, which likely would have stopped about half the identity thieves who conned ChoicePoint into giving them the data they needed to commit more identity thefts), and the security . . .

                      Well, let's just say that I wasn't terribly impressed, yeah?
                      (We now return you to your regularly scheduled programming. Please, feel free to ignore this post if you so desire.)



                      • #12
                        Originally posted by Macavity
                        Makes sense that really high-security places would do that sort of thing (like the Wildfire complex in Michael Crichton's The Andromeda Strain - good book, that).

                        Myself, I used to work at a tax-processing centre
                        At this point in the post, I expected something relevant, something from experience entering hardened facilities with possible physical penetration testing, or even something relevant to Security tools used in auditing. Instead...
                        Originally posted by Macavity
                        (until they renegotiated the payroll contract, and agreed to the "new background checks through ChoicePoint" clause even though they knew about ChoicePoint's shitty data security - and I do mean shitty, they should have been running background checks on their customers, not just for their customers, which likely would have stopped about half the identity thieves who conned ChoicePoint into giving them the data they needed to commit more identity thefts), and the security . . .

                        Well, let's just say that I wasn't terribly impressed, yeah?
                        Is there anything from your 'work' at the tax-processing center that would be relevant to the current topic? I truly am interested in what kind of controls a financial center with critical data like that might have (considering of course that they are subjected already to the normal federal 'policies' and such).
                        “Bigamy is having one wife too many. Monogamy is the same.”



                        • #13
                          These are really good lists of most penetration testers. Nice one
                          Fight for what you think is Right



                          • #14
                            Nice tools, I'm just wondering where I can get these tools. Some of the auditing tools and security tools are in the FreeBSD ports, some are not, so do you guys mind telling us where to get these tools?
                            Fight for what you think is Right



                            • #15
                              I know this is a no-brainer but this *is* a newbie type thread...
                              http://www.insecure.org/tools.html
                              A meager contribution.

                              Al
                              "Are my pants...threatening you?"
