Date post: 01-Jun-2018 | Category: Documents | Upload: repentchristian
8/9/2019 Hacking Tools Repository.docx
http://slidepdf.com/reader/full/hacking-tools-repositorydocx 1/26
Hacking Tools Repository

Here is a list of security tools that have been collected from the internet. These tools are specifically aimed toward security professionals and enthusiasts/hobbyists for testing and demonstrating security weaknesses.

These tools are created for the sole purpose of security awareness and education; they should not be used against systems that you do not have permission to test/attack. You could end up in jail.

Most of the tools are open source/free with a couple of exceptions. Before using any tools, I recommend that you read the instructions/documentation available on each of the individual tool's websites. Although some of the tools could be listed in more than one category, they appear in the list only once, under their primary category.

If you have suggestions or links to tools/scripts to submit, please do. You can fork, edit, send a pull request or you can leave a comment on the wiki page here; your name or github page will be credited.

https://github.com/Gexos/hacking-tools-repository/wiki

Passwords | Scanning | Sniffer | Enumeration | Networking Tools | Wireless | Bluetooth | Web Scanners | Database | Vuln Scanners | Vuln Apps | Live CD

Passwords

Cain & Abel
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network.

CacheDump
CacheDump, licensed under the GPL, demonstrates how to recover cache entry information: username and MSCASH.

John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS.

FSCrack
GUI for John the Ripper. FSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR's functions.

Hydra
A very fast network logon cracker which supports many different services. Number one of the biggest security holes are passwords, as every password security study shows.

keimpx
keimpx is an open source tool, released under a modified version of Apache License 1.1. It can be used to quickly check for the usefulness of credentials across a network over SMB.

Medusa
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible.

Ncrack
Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.

Ophcrack
Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method.

RainbowCrack
RainbowCrack is a general purpose implementation of Philippe Oechslin's faster time-memory trade-off technique.

phrasen|drescher
phrasen|drescher (p|d) is a modular and multi processing pass phrase cracking tool. It comes with a number of plugins but a simple plugin API allows an easy development of new plugins.

LCP
Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003.

Crunch
Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations.

FcrackZip
Naturally, programs are born out of an actual need. The situation with fcrackzip was no different... I'm not using zip very much, but recently I needed a password cracker.

Enumiax
EnumIAX is an Inter Asterisk Exchange version 2 (IAX2) protocol username brute-force enumerator. enumIAX may operate in two distinct modes; Sequential Username Guessing or Dictionary Attack.

Wyd
wyd.pl was born out of those two situations: 1. A penetration test should be performed and the default wordlist does not contain a valid password. 2. During a forensic crime investigation a password protected file must be opened without knowing the password.

Bruter
Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.

The ssh bruteforcer
Is a tool to perform dictionary attacks to the SSH servers, it's a simple tool, you set the target server, target account, wordlist, port and wait..

Lodowep
Lodowep is a tool for analyzing password strength of accounts on a Lotus Domino webserver system. The tool supports both session- and basic-authentication.

SSHatter
SSHatter uses a brute force technique to determine how to log into an SSH server. It rigorously tries each combination in a list of usernames and passwords to determine which ones successfully log in.

Scanning

Amap
Amap is a next-generation scanning tool, which identifies applications and services even if they are not listening on the default port by creating a bogus-communication and analyzing the responses.

Dr.Morena
Dr.Morena is a tool to confirm the rule configuration of a Firewall. The configuration of a Firewall is done by combining more than one rule.

Firewalk
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or UDP packets with a TTL one greater than the targeted gateway.

Netcat
Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts.

Ike Scan
Ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPSec VPN servers. It is available for Linux, Unix, MacOS and Windows under the GPL license.

Nmap
Nmap ('Network Mapper') is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.

Zenmap
Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.

Onesixtyone
onesixtyone is an SNMP scanner which utilizes a sweep technique to achieve very high performance. It can scan an entire class B network in under 13 minutes.

SuperScan 4
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan

Autoscan
AutoScan-Network is a network scanner (discovering and managing application). No configuration is required to scan your network. The main goal is to print the list of connected equipments in your network.

Knocker
Knocker is a simple and easy to use TCP security port scanner written in C to analyze hosts and all of the different services started on them.

Nsat
NSAT is a robust scanner which is designed for: Different kinds of wide-ranging scans, keeping stable for days. Scanning on multi-user boxes (local stealth and non-priority scanning options).

OutputPBNJ
PBNJ is a suite of tools to monitor changes on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state.

ScanPBNJ
ScanPBNJ performs an Nmap scan and then stores the results in a database. The ScanPBNJ stores information about the machine that has been scanned. ScanPBNJ stores the IP Address, Operating System, Hostname and a localhost bit.

glypeahead
By default the Glype proxy script has few restrictions on what hosts/ports can be accessed through it. In addition, the proxy script normally displays all cURL-related error messages.

Unicornscan
Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities.

TCP Fast Scan
A very very fast tcp port scanner for linux. Runs very quickly. Can scan a lot of hosts / ports ranges at a time.

Multi Threaded TCP Port Scanner 3.0
This tool could be used to scan ports of certain IP. It also could describe each port with standard name (well-known and registered ports).

MingSweeper
MingSweeper is a network reconnaissance tool designed to facilitate large address space, high speed node discovery and identification.

Umap (UPNP Map)
Umap (UPNP Map) attempts to scan open TCP ports on the hosts behind a UPNP enabled Internet Gateway Device (IGD) NAT.

SendIP
SendIP has a large number of command line options to specify the content of every header of a NTP, BGP, RIP, RIPng, TCP, UDP, ICMP or raw IPv4 and IPv6 packet. It also allows any data to be added to the packet.

PortSentry
The Sentry tools provide host-level security services for the Unix platform. PortSentry, Logcheck/LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis.

CurrPorts
CurrPorts will display the list of all currently opened TCP/IP and UDP ports on your PC. For each port in the list, information about the process that opened the port is also displayed.

Nscan
NScan itself is a port scanner, which uses connect() method to find the list of the host's open ports. The difference from the most of other portscanners is its flexibility and speed.

NetworkActiv Scan
NetworkActiv Port Scanner is a network exploration and administration tool that allows you to scan and explore internal LANs and external WANs.

Blues PortScanner
A good port scanner is just one of the basic tools anyone who is seriously interested in the internet needs. The BluesPortScan is, I think, the fastest scanner for 32Bit windows which you can find in the net.

ZMap
ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet.

subdomain-bruteforcer
Subdomain-bruteforcer is a multi-threaded python tool for enumerating subdomains from a dictionary file. Particularly useful for finding admin panels or other dodgy web practices.

ircsnapshot
Ircsnapshot is a python tool that connects a bot to a server in order to fetch users' hostmasks, names, and channel affiliations; also supports the creation of a world map using the scraped data. Useful for reconnaissance on an IRC server full of suspected bots. Supports SOCKS and TOR.

Sniffer

Wireshark
Wireshark is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education.

Chaosreader
A freeware tool to trace TCP/UDP/... sessions and fetch application data from snoop or tcpdump logs. This is a type of "any-snarf" program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs.

dsniff
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data.

Ettercap
Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.

NetworkMiner
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc.

RawCap
RawCap is a free command line network sniffer for Windows that uses raw sockets.

Spike proxy
Not all web applications are built in the same ways, and hence, many must be analyzed individually. SPIKE Proxy is a professional-grade tool for looking for application-level vulnerabilities in web applications.

Tcpdump
Tcpdump prints out the headers of packets on a network interface that match the boolean expression.

Tcpreplay
Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for UNIX (and Win32 under Cygwin) operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices

Pirni Sniffer
Pirni is the world's first native network sniffer for iPhone. The iPhone's wifi has some major drawbacks in its hardware design, thus we can not properly set the device in promiscuous mode.

Ufasoft Snif
Ufasoft Snif is a network sniffer, designed for capturing and analysis of the packets going through the network. Using the packet driver, it requests all the packets from the network card driver (even the packets not addressed to this computer).

Enumeration

dnsenum
The purpose of Dnsenum is to gather as much information as possible about a domain.

DumpSec
SomarSoft's DumpSec is a security auditing program for Microsoft Windows NT/XP/200x.

LDAP Browser
LDAP Browser is a premier Windows Explorer-like LDAP Directory client available for Win32 platforms.

NBTEnum
NetBIOS Enumeration Utility (NBTEnum) is a utility for Windows that can be used to enumerate NetBIOS information from one host or a range of hosts.

nbtscan
This tool scans for open NETBIOS nameservers on a local or remote TCP/IP network, and this is a first step in finding of open shares.

wmi client
This DCOM/WMI client implementation is based on Samba4 sources. It uses RPC/DCOM mechanisms to interact with WMI services on Windows 2000/XP/2003 machines.

Dnsmap
Dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments.

Dnsrecon
I wrote this tool back in late 2006 and it has been my favorite tool for enumeration thru DNS, in great part because I wrote it and it gives the output in a way that I can manipulate it in my own style. One of the features that I used the most and gave me excellent results is the SRV record enumeration.

Dnstracer
Dnstracer determines where a given Domain Name Server (DNS) gets its information from, and follows the chain of DNS servers back to the servers which know the data.

Networking Tools

fragroute
fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host.

hping
hping is a command-line oriented TCP/IP packet assembler/analyzer.

Scapy
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more.

Stunnel
The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server.

tcptraceroute
tcptraceroute is a traceroute implementation using TCP packets. The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached.

tracetcp
tracetcp is a command line traceroute utility for WIN32 that uses TCP SYN packets rather than ICMP/UDP packets that the usual implementations use, thus bypassing gateways that block traditional traceroute packets.

Yersinia
Yersinia is a network tool designed to take advantage of some weakness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.

Nemesis
Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis is perfect for automation and scripting.

Wireless

Aircrack-ng
Aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured.

Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

NetStumbler
NetStumbler delivers a tool that helps you detect 802.11 a/b/g WLAN standards. While wardriving is its main use, the application also facilitates the verifying of network configurations.

AirGrab WiFi Radar
AirGrab WiFi Radar is a tool to display information about Apple Airport base stations and other WiFi (802.11b/g/n) wireless access points.

AirMobile agent
Client application is downloaded in to your PDA or Windows Cellular Phone where it will run in quiet mode in the background. If the application finds a rogue access point it will investigate the AP and see if it posed a direct threat to your network.

AirRadar 2
AirRadar allows you to scan for open networks and tag them as favourites or filter them out. View detailed network information, graph network signal strength, and automatically join the best open network in range.

iStumbler
iStumbler is the leading wireless discovery tool for Mac OS X, providing plugins for finding AirPort networks, Bluetooth devices, Bonjour services and Location information with your Mac.

KisMAC
KisMAC is an open-source and free sniffer/scanner application for Mac OS X. It has an advantage over MacStumbler / iStumbler / NetStumbler in that it uses monitor mode and passive scanning.

WirelessMon
WirelessMon is a software tool that allows users to monitor the status of wireless WiFi adapter(s) and gather information about nearby wireless access points and hot spots in real time.

Vistumbler
Vistumbler is a wireless network scanner written in AutoIT for Vista, Windows 7, and Windows 8. WiFiDB is a database written in php to store Vistumbler VS1 files. Keeps track of total access points w/gps, maps to kml, signal graphs, statistics, and more.

WaveStumbler
WaveStumbler is console based 802.11 network mapper for Linux. It reports the basic AP stuff like channel, WEP, ESSID, MAC etc.

Xirrus Wi-Fi Inspector
Xirrus Wi-Fi Inspector is a powerful tool for managing and troubleshooting the Wi-Fi on a Windows XP SP2 or later, Vista, or 7 laptop. Built in tests enable you to characterize the integrity and performance of your Wi-Fi connection.

AirMagnet VoFi Analyzer
AirMagnet VoFi Analyzer is the industry's only solution for troubleshooting voice-over-WLAN problems in the field. VoFi Analyzer provides full analysis of encrypted WLAN traffic, scoring all calls in terms of call quality and proactively identifying all types of problems including phone issues, roaming issues, QoS issues, and RF.

Airpwn
Airpwn is a framework for 802.11 (wireless) packet injection. Airpwn listens to incoming wireless packets, and if the data matches a pattern specified in the config files, custom content is injected "spoofed" from the wireless access point. From the perspective of the wireless client, airpwn becomes the server.

WifiScanner
WifiScanner is a tool that has been designed to discover wireless node (i.e. access point and wireless clients). It is distributed under the GPL License. It works with CISCO® card and prism card with hostap driver or wlan-ng driver, prism54g, Hermes/Orinoco, Atheros, Centrino, ... An IDS system is integrated to detect anomaly like MAC usurpation.

Bluetooth

Haraldscan
A Bluetooth Scanner for Linux and Mac OS X. Harald Scan is able to determine Major and Minor device class of device, as well as attempt to resolve the device's MAC address to the largest known Bluetooth MAC address Vendor list.

FTS4BT
Frontline FTS4BT Bluetooth Protocol Analyzer. Developers and test engineers rely on FTS4BT to get them through the design, debug, test, verify, and qualification cycle.

BlueScanner
BlueScanner is a bash script that implements a scanner for Bluetooth devices. It's a tool designed to extract as much information as possible from Bluetooth devices without the requirement to pair.

Blooover II
Blooover II is a tool for audit based on Java (J2ME). It exists in version Blooover II for audit J2ME mobiles and as a breeeder edition. Easy utility for vulnerability testing.

BTScanner
BTScanner for XP is a Bluetooth environment auditing tool for Microsoft Windows XP, implemented using the bluecove libraries (an open source implementation of the JSR-82 Bluetooth API for Java).

BlueSpam
BlueSpam searches for all discoverable bluetooth devices and sends a file to them (spams them) if they support OBEX. By default a small text will be sent. To customize the message that should be sent you need a palm with an SD/MMC card, then you create the directory /PALM/programs/BlueSpam/Send/ and put the file (any type of file will work, .jpg is always fun) you would like to send into this directory.

BTCrawler
An application used to discover Bluetooth devices and the services they provide. Runs on J2ME enabled devices supporting MIDP 2.0 and JSR082 (Java API for Bluetooth)

Bluediving
Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf, BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode (using more than one hci device).

Bluesnarfer
Bluesnarfer steals information from a wireless device through a Bluetooth connection. The connection can be between mobile phones, PDAs or Laptops. You can access a calendar, contact list, emails and text messages.

Web Scanners

Arachni
Arachni is a fully automated system which tries to enforce the fire and forget principle. As soon as a scan is started it will not bother you for anything nor require further user interaction.

Burp Suite
Burp Suite is an integrated platform for performing security testing of web applications.

CAL9000
CAL9000 is a collection of web application security testing tools that complement the feature set of current web proxies and automated scanners. CAL9000 gives you the flexibility and functionality you need for more effective manual testing efforts.

CAT
CAT is designed to facilitate manual web application penetration testing for more complex, demanding application testing tasks.

CookieDigger
CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users.

DIRB
DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analyzing the response.

Fiddler
Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and 'fiddle' with incoming or outgoing data.

Gamja
Gamja will find XSS (Cross site scripting) & SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability: XSS, Validation Error, SQL Injection.

Grendel-Scan
A tool for automated security scanning of web applications. Many features are also present for manual penetration testing.

HTTrack
HTTrack is a free and easy-to-use offline browser utility. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer.

LiLith
LiLith is a tool written in Perl to audit web applications. This tool analyses webpages and looks for html <form> tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws.

Nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs.

Paros
A program called 'Paros' for people who need to evaluate the security of their web applications. It is free of charge and completely written in Java.

Powerfuzzer
Powerfuzzer is a highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer) based on many other Open Source fuzzers available and information gathered from numerous security resources and websites.

ProxyScan.pl
proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

Ratproxy
A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

ScanEx
This is a simple utility which runs against target site and looks for external references and cross domain malicious injections. There are several vulnerable sites which get manipulated with these types of injections and compromised.

Scrawlr
Scrawlr, developed by the HP Web Security Research Group in coordination with the MSRC, is short for SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.

Springenwerk
Springenwerk is a free Cross Site Scripting (XSS) security scanner written in Python.

Sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

Sqlsus
sqlsus is an open source MySQL injection and takeover tool, written in perl.

THCSSLCheck
Windows tool that checks the remote ssl stack for supported ciphers and version.

w3af
w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.

Wapiti
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

Webfuzzer
Webfuzzer is a tool that can be useful for both pen testers and web masters, it's a poor man web vulnerability scanner.

WebGoat
WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons.

Websecurify
The Websecurify Suite is a web application security solution designed to run entirely from your web browser.

WebSlayer
WebSlayer is a tool designed for bruteforcing Web Applications, it can be used for finding not linked resources (directories, servlets, scripts, etc), bruteforce GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tool has a payload generator and an easy and powerful results analyzer.

WhatWeb
WhatWeb identifies websites. Its goal is to answer the question, "What is that Website?". WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices.

Wikto
Wikto is Nikto for Windows - but with a couple of fancy extra features including Fuzzy logic error code checking, a back-end miner, Google assisted directory mining and real time HTTP request/response monitoring.

WSDigger
WSDigger is a free open source tool designed by McAfee Foundstone to automate black-box web services security testing (also known as penetration testing). WSDigger is more than a tool, it is a web services testing framework.

XSSploit
XSSploit is a multi-platform Cross-Site Scripting scanner and exploiter written in Python. It has been developed to help discovery and exploitation of XSS vulnerabilities in penetration testing missions.

Fireforce
Fireforce is a Firefox extension designed to perform brute-force attacks on GET and POST forms. Fireforce can use dictionaries or generate passwords based on several character types.

Netsparker
Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive-free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them.

Havij
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

Database Vulnerabilities

Berkeley DB
Oracle Berkeley DB is a family of open source, embeddable databases that allows developers to incorporate within their applications a fast, scalable, transactional database engine with industrial grade reliability and availability.

Database browser
Database browser is an universal table editor. This easy to use tool allows user to connect to any database and browse or modify data, run sql scripts, export and print data.

Db2utils
db2utils is a small collection of db2 utilities. It currently features three different tools db2disco, db2fakesrv and db2getprofile.

Oracle Auditing Tools
The Oracle Auditing Tools is a toolkit that could be used to audit security within Oracle database servers.

Oscanner
Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins.

SQL Auditing Tools
SQLAT is a suite of tools which could be useful for pentesting a MS SQL Server. The tools are still in development but tend to be quite stable. The tools do dictionary attacks, upload files, read registry and dump the SAM.

THC-ORACLE
THC presents a crypto paper analyzing the database authentication mechanism used by oracle. THC further releases practical tools to sniff and crack the password of an oracle database within seconds.

thc-orakelcrackert11g
OrakelCrackert is an Oracle 11g database password hash cracker using a weakness in the Oracle password storage strategy. With Oracle 11g, case sensitive SHA1 based hashing is introduced.

DBPwAudit
DBPwAudit is a Java tool that allows you to perform online audits of password quality for several database engines. The application design allows for easy adding of additional database drivers by simply copying new JDBC drivers to the jdbc directory.

MYSQLAudit
Python Script for basic auditing of common security misconfigurations in MySQL.

sqlninja
sqlninja exploits web applications that use Microsoft SQL Server as a database backend. Its focus is on getting a running shell on the remote host. sqlninja doesn't find an SQL injection in the first place, but automates the exploitation process once one has been discovered.

GreenSql
GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built in support for MySQL and PostgreSQL.
Vuln Scanners
Metasploit Framework
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code.
OpenVAS
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
Nessus
Nessus detects, scans, and profiles numerous devices and resources to increase security and compliance across your network.
Porkbind
Porkbind is a multi-threaded nameserver scanner that can recursively query nameservers of subdomains for version strings. (i.e. sub.host.dom's nameservers then host.dom's nameservers)
Canvas
Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals worldwide.
Social-Engineer Toolkit (SET)
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly become a standard tool in a penetration tester's arsenal.
Acunetix
Acunetix web vulnerability scanner is a tool designed to discover security holes in your web applications that an attacker would likely abuse to gain illicit access to your systems and data. It looks for multiple vulnerabilities including SQL injection, cross site scripting, and weak passwords.
RIPS
RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis.
Rapid7 NeXpose
Rapid7 NeXpose is a vulnerability scanner which aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. It integrates with Rapid7's Metasploit for vulnerability exploitation.
VulnDetector
VulnDetector is a project aimed to scan a website and detect various web based security vulnerabilities in the website. Currently, VulnDetector can detect Cross Site Scripting (XSS) and SQL Injection (SQLI) vulnerabilities on a web based script, but has no easy to use interface.
Damn Small SQLi Scanner
DSSS supports blind/error SQLi tests, depth 1 crawling and advanced comparison of different attributes to distinguish blind responses (titles, HTTP status codes, filtered text only lengths and fuzzy comparison of contents itself). If you are satisfied with your commercial tool scanning results then I believe that you could even be more satisfied with this one.
CAT.NET
CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.
Peach Fuzzer
Peach is a SmartFuzzer that is capable of performing both generation and mutation based fuzzing. Peach requires the creation of PeachPit files that define the structure, type information, and relationships in the data to be fuzzed.
GFI LanGuard
GFI LanGuard is a network security and vulnerability scanner designed to help with patch management, network and software audits, and vulnerability assessments. The price is based on the number of IP addresses you wish to scan. A free trial version (up to 5 IP addresses) is available.
MBSA
Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance.
Vuln Apps
Damn Vulnerable Web Application (DVWA)
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
Damn Vulnerable Linux
Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn't built to run on your desktop - it's a learning tool for security students.
Metasploitable
Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.
Kioptrix
These Kioptrix VM images are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games is to learn the basic tools and techniques in vulnerability assessment and exploitation.
HoneyDrive
HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot, Glastopf web honeypot along with Wordpot, Thug honeyclient and more.
Badstore
Badstore.net is dedicated to helping you understand how hackers prey on Web application vulnerabilities, and to showing you how to reduce your exposure.
OWASP Insecure Web App Project
InsecureWebApp is a web application that includes common web application vulnerabilities. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.
VulnApp
VulnApp is a BSD licensed ASP.net application implementing some of the most common applications we come across on our penetration testing engagements.
OWASP Vicnum
Vicnum is an OWASP project consisting of vulnerable web applications based on games commonly used to kill time. These applications demonstrate common web security problems such as cross site scripting, SQL injections, and session management issues.
OWASP Broken Web Applications Project
The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities.
LAMPSecurity
LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach Linux, Apache, PHP and MySQL security.
Virtual Hacking Lab
A mirror of deliberately insecure applications and old software with known vulnerabilities. Used for proof-of-concept / security training / learning purposes. Available in either virtual images or live ISO or standalone formats.
WAVSEP
The Web Application Vulnerability Scanner Evaluation Project is a vulnerable web application designed to help assess the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.
Moth
Moth is a VMware image with a set of vulnerable Web Applications and scripts that you may use for testing Web Application Security Scanners, testing Static Code Analysis tools (SCA), and giving an introductory course to Web Application Security.
SecuriBench
Stanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java.
NETinVM
NETinVM is a single VMware or VirtualBox virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside the VMware or VirtualBox virtual machine.
Live CD
BackTrack
BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.
Kali Linux
Kali Linux (formerly known as BackTrack) is a Debian-based distribution with a collection of security and forensics tools. It features timely security updates, support for the ARM architecture, a choice of four popular desktop environments, and seamless upgrades to newer versions.
BackBox
BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools.
Samurai
The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.
Katana
Katana is a portable multi-boot security suite which brings together many of today's best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications, such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more.
blackbuntu
Penetration Testing Distribution based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.
Bugtraq
Bugtraq is a distribution based on the 2.6.38 kernel and has a wide range of penetration and forensic tools. Bugtraq can be installed from a Live DVD or USB drive. The distribution is customized to the last package, and the kernel has been configured, updated and patched for better performance and to recognize a variety of hardware, including wireless injection patches that other pentesting distributions do not recognize.
Network Security Toolkit (NST)
This bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.
Pentoo
Pentoo is a penetration testing LiveCD distribution based on Gentoo. It features a lot of tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities.
BlackArch
BlackArch is an Arch-based security distribution. There are over 600 tools in BlackArch's package repository. The BlackArch live ISO comes with multiple window managers, including dwm, Awesome, Fluxbox, Openbox, wmii, i3, and Spectrwm. The BlackArch package repository is compatible with existing Arch installs.
http://gexos.github.io/Hacking-Tools-Repository/
Pastebin Alternatives
http://gist.github.com/
http://dpaste.org/
http://fpaste.org/
http://codepad.org/
http://pastie.org/
http://jsfiddle.net/
http://rafb.me/
http://ideone.com/
http://tinypaste.com/
http://i2p2.de