Tools of the trade

These are some tools that are extremely useful, But remember i am providing the knowledge and how you use them is up to you. Also if you don't know how to you these you should decently do some research, There is no tool that will just Hack for you, find exploits on your own is half the fun. these tools if not used properly can get you n a lot of trouble.

› Tools of the trade.

DeCSS 1.2b
 is used as a cracking tool, is highly engineered software that has been designed in order to modify the other software with an intention to remove the usage restriction. A worth mentioning instance is a "patch generator", which replaces bytes at specific location of a file, giving it a licensed version. The DeCSS 1.2b was originated in the year 1999, October and requires storage of minimum 253 KB. Coldlife 4.0is another tool for website hacking that falls in the category of flooder. This is a program that has been designed to overload the connection by certain mechanisms like a fast pinging that causes a sudden DoS attack.

  • Cain and Able The top password recovery tool for Windows UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

  • Wireshark : Sniffing the glue that holds the Internet together
    Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).

  • Aircrack : The fastest available WEP/WPA cracking tool
    Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

  • Metasploit Framework : Hack the Planet
    Metasploit took the security world by storm when it was released in 2004. No other new tool even broke into the top 15 of this list, yet Metasploit comes in at #5, ahead of many well-loved tools that have been developed for more than a decade. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their online exploit building demo. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. Similar professional exploitation tools, such as Core Impactand Canvas already existed for wealthy users on all sides of the ethical spectrum. Metasploit simply brought this capability to the masses.

  • NMAP THIS IS PROBABLY THE MOST IMPORTANTOF ALL This is a Port scanner, a very good one, it will do too many things to list i suggest you check it out.

  • There are many tools around.

    let me give u some real direct links


    These tools can be used for good and bad. They are all readily available on the Web. So,
    if you're one of the good guys : find out how long your passwords will resist a dictionary or brute force attack, see what information your computers would reveil when asked the right way, and check your network before the bad guys do ... 
    network tools Password tools Get some practise
    Online DNS lookup, Whois, a.o.KLOTH Services
    WWW implementations of common network tools such as whois and nslookup / dig. Although they're in fact network troubleshooting tools, services / tools like these are often used to gather information about a 'target' or 'victim' (re. Hacking Exposed : a mini howto). Which goes to show that toold can be used for good and for bad ...E
    simply the best port scanner, with some added functionality (e.g. remote OS guess)E
    extremely complete vulnarability checker / security audit : scans a remote system for open ports (using nmap), then attempts to exploit the services listening at those ports and returns a detailed report. Open Source Quality.E
    when ping and traceroute return timeouts because you can't trace 'behind' a router or firewall, hping might help.E
    client for multiple protocols and integrated network query tool for Windows 95, 98, NT & Windows 2000E
    freeware network enumeration and monitoring toolE
    NBTEnum, NetBIOS User Enumartion Tool,copy available
    nbtenum and other enumeration tools should be available at , but that site is apparently offlineE
    Hacking Exposed : the tools

    the tools discussed in the book "Hacking Exposed"E
    Arne Vidstrom : The Toolbox - Freeware security tools for, Arne Vidstrom
    collection of freeware security tools, written by Arne Vidstrom, including a.o. a key logger, ping sweep, a tool to enumerate user accounts on a Windows system, a Microsoft SQL Server dictionary attack...E
    Wireless Security softwareHideaway.Net
    tools that can locate, audit, and even sniff wireless networksE
    Unix Penetration RootkitsPacket Storm
    a collection of UNIX / Linux penetration rootkitsE
    Windows NT Penetration ToolsPacket Storm
    a collection of Windows NT (2000, XP, etc.) penetration toolsE
    Astalavista Tool BoxAstalavista Secutity Group
    An extensive collection of enumeration, sniffing cracking and exploiting tools.E
    Oreilly Network tools

    Collection of network hack and crack tools, mainly tar archivesE, of nmap fame, also caries extensive lists and (links to) forums on exploits, penetration testing, (exploitable) bugs, know security holes etcE

    Password cracker for HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet servers. Originally created to check routers for default passwords. Brute Force / Dictionary approachE
    HydraThe Hacker's Choice
    THC-Hydra - login hacker for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is included in Nessus.E

    Once the best tool for Windows NT cracking, and freely available. Now commercialized by Symantec. You may want to try and get a copy from astalavista :-)E
    John The Ripper

    The famous John The Ripper password crackerE
    Cain and Able

    finds passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocolsE

    Password Cracker for Windows Terminal Server. TSCrack is said to use Artificial Intelligence / Artificial Neural Networks to be able to interprete de bitmaps sent by the terminal server and generate an appropriate response.E
    "I forgot the Administrator password"

    'Linux on a floppy' boot disk that allows to blank out the administrator password and reset accounts on Windows NT systemsE
    SIW - System Information for Windows

    Not a password cracker per se, but a tool to collect system information on Windows systems. As it happens, this system information includes cached credentials, product keys and other 'secrets'E
    Default Passwords

    Who says you need to crack anything ? Lot's of network devices are installed without any configuration, so they still have the user name / passwords that the vendor put there. And these passwords are very well known ...E

    one of my favourite links for thr SQL injection

    click here [ open dis window on a new page]