Si pinchas en el nombre de la herramienta, accederás a la web del proyecto.
Gracias por leerme, espero que os guste.
by Christopher Charles Taylor
0Trace | 0trace is a traceroute tool which can be run within an existing, open TCP connection - therefore bypassing some types of stateful packet filters with ease. |
driftnet | Listens to network traffic and picks out images. |
dsniff | Suite of tools for network auditing and penetration testing. |
ettercap-gtk | Multi purpose sniffer/interceptor/logger for switched LAN's. |
giskismet | GISKismet is a wireless recon visualisation tool to represent data gathered using Kismet in a flexible manner. |
hping3 | Command-line oriented TCP/IP packet assembler/analyser. |
maltego | Reconnaissance software. |
netdiscover | Active/passive address reconnaissance tool, mainly developed for wireless networks without dhcp server. |
skipfish | Fully automated, active web application security reconnaissance tool. |
tcpdump | Powerful command-line packet analyser. |
tcpflow | TCP flow recorder. |
tcptraceroute | Traceroute implementation using TCP packets. |
traceroute | Modern implementation of traceroute for Linux systems. |
voipong | Utility which detects all Voice Over IP calls on a pipeline. |
wireshark | Network "sniffer" - a tool that captures and analyses packets off the wire. |
arping | Broadcasts a who-has ARP packet on the network and outputs the answer. |
admsnmp | SNMP audit scanner. |
amap | AMAP is a next-generation scanning tool for assistingnetwork penetration testing. |
autoscan | Network scanner, useful for discovering and managing applications. |
cisco-ocs | Mass cisco scanner |
ciscos | Cisco Scanner will scan a range of IP address for Cisco routers that haven't changed their default password of "cisco". |
fierce | PERL script that quickly scans domains. |
fping | A ping-like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a host is up. |
grabber | Web application scanner. |
iputils-ping | Suite of tools to test the reachability of network hosts. |
iputils-tracepath | Tools to trace the network path to a remote host |
lanmap2 | Builds database/visualisations of LAN structure from passively sifted information. |
nbtscan | Program for scanning IP networks for NetBIOS name information. |
nmap | NMAP port and vulnerability scanner. |
onesixtyone | SNMP scanner and bruteforce tool. |
p0f | Passive OS fingerprinting tool. |
portmap | RPC port mapper. |
sipscan | Fast network scanner for UDP-SIP clients. |
smap | Simple scanner for SIP enabled devices. |
yersinia | Network tool designed to take advantage of some weakeness in different network protocols. |
ace | Automated Corporate Enumerator (ACE) is a VoIP enumeration tool that mimics the behavior of an IP Phone. |
asleap | Demonstrates a serious deficiency in proprietary Cisco LEAP networks. |
asp-auditor | Look for common misconfigurations and information leaks in ASP.NET applications. |
blindelephant | Attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes. |
braa | Braa is a tool for making SNMP queries. |
copy-router-config | Copies cisco router configuration files using SNMP. |
dirbuster | JAVA application designed to brute force directories and files names on web application servers. |
dns2tcp | Tool for relaying TCP connections over DNS. |
dnsenum | Script for enumerating DNS servers. |
dnsmap | Used for information gathering/enumeration phase of infrastructure assessments. |
dnsrecon | DNS enumeration script. |
dnstracer | Determines where a given Domain Name Server (DNS) gets its information from. |
ike-scan | Command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers. |
miranda | Python-based application designed to discover, query and interact with UPNP devices. |
httprint | Web server fingerprinting tool. |
os-prober | Utility to detect other operating systems on a set of drives. |
smtp-user-enum | Username guessing tool primarily for use against the default Solaris SMTP service. |
snmpcheck | Permits to enumerate information via SNMP protocol. |
snmpenum | Simple perl script to enumerate information on Machines that are running SNMP. |
theharvester | Tool for gathering e-mail accounts and subdomain names from different public sources. |
bed | Designed to check daemons for potential buffer overflows and format strings (as well as other issues). |
burpsuite | Integrated platform for performing security testing of web applications. |
cisco-auditing-tool | Perl script which scans cisco routers for common vulnerabilities. |
cms-explorer | Content Management System (CMS) explorer designed to reveal specific modules, plugins, components and themes of CMS web sites. |
mopest | PHP web vulnerability scanner. |
nessus | Vulnerability scanner by Tenable. |
nikto | Open Source (GPL) web server scanner which performs comprehensive tests against web servers. |
sipvicious | SIP based VoIP systems auditing tool. |
sqlmap | Testing tool that automates the process of detecting and exploiting SQL. |
videojak | IP Video security assessment tool. |
voiper | Allows for extensively and automatiion of testing for VoIP devices for vulnerabilities. |
warvox | Suite of tools for exploring, classifying, and auditing telephone systems. |
websecurify | Advanced solution to accurately identify web application security issues. |
bkhive | Dumps the syskey bootkey from a Windows NT/2K/XP system hive. |
chntpw | Offline NT password editor. |
cmospwd | Decrypts password stored in Complementary Metal-Oxide Semi Conductor (CMOS) used to access BIOS SETUP. |
eapmd5pass | An implementation of an offline dictionary attack against the EAP-MD5 protocol. |
fcrackzip | ZIP password cracker, similar to fzc, zipcrack and others. |
hashcat | CPU based multihash cracker. |
hashcat-utils | Utilities for creating and manipulation wordlists. |
hydra | Network logon cracker which support many different services. |
john | Fast password cracker. |
medusa | parallel network login auditor |
ncrack | High-speed network authentication cracking tool. |
oclhashcat-lite | Very fast single hash GPU based password cracker. |
ophcrack | Windows password cracker using rainbow tables. |
pack | Password analys and cracking toolkit. |
samdump2 | Dumps Windows 2k/NT/XP password hashes. |
sipcrack | Suite for sniffing and cracking the digest authentification used in the Session Intiation Protocol (SIP) protocol. |
thc-pptp-bruter | Brute force program against PPTP VPN endpoints (tcp port 1723). |
autopsy | Graphical interface to The Sleuth Kit (TSK). |
beef-ng | Browser Exploitation Framework (BEEF) focuses on leveraging browser vulnerabilities to assess the security posture of a target. |
cisco-global-exploiter | Cisco Global Exploiter (CGE) is an advanced, simple and fast security testing tool. |
cymothoa | Stealth backdoor tool that injects shellcode into an existing process. |
darkmysqli | MySQL injection tool. |
framework3 | Metasploit Exploitation Framework |
mantra | Security framework which can be very helpful in performing all phases of penetration testing. |
perl-cisco-copyconfig | Provides methods for manipulating the running-config of devices running IOS via SNMP directed TFTP. |
sapyto | SAP Penetration Testing Framework |
set | Social-Engineer Toolkit (SET) is a python driven attack framework. |
sqlninja | Exploits SQL Injection vulnerabilities on web applications using Microsoft SQL. |
thc-ipv6 | Framework to attack the inherent protocol weaknesses of IPV6. |
w3af | Web application attack and audit Framework. |
wapiti | Web application vulnerability scanner and security auditor. |
webslayer | Designed for bruteforcing web applications. |
bluediving | Bluediving is a Bluetooth penetration testing suite. |
bluemaho | BlueMaho is GUI-shell (interface) for suite of tools for testing security of bluetooth devices. |
bluez-hcidump | Analyses Bluetooth Host Controller Interface (HCI) packets. |
btscanner | BTScanner is designed specifically to extract as much information as possible from a Bluetooth device. |
air | AIR is a GUI front-end to dd/dc3dd - designed for easily creating forensic images. |
bulk-extractor | C++ program that scans a disk image (or any other file) extracting useful information. |
dcfldd | Enhanced version of dd for forensics and security. |
ddrescue | Similar to dd in that it copies data from one file or block device to another. |
fatback | *NIX tool for recovering files from FAT file systems. |
galleta | Internet Explorer cookie forensic analysis tool. |
pasco | Internet Explorer cache forensic analysis tool. |
ptk | Computer forensic framework for the command line tools in the SleuthKit. |
rkhunter | Scans for rootkits, backdoors and local exploits. |
sleuthkit (TSK) | The Sleuth Kit (TSK) is a collection of forensic command line tools. |
vinetto | Forensics tool to examine Thumbs.db files. |
fragrouter | Network Intrusion Detection (NID) evasion toolkit. |
ftester | Firewall filtering and Intrusion Detection System (IDS) testing. |
snort | Flexible Network Intrusion Detection System (NIDS). |
snort-rules-default | Flexible Network Intrusion Detection System (NIDS) ruleset. |
snort-common-libraries | Flexible Network Intrusion Detection System (NIDS) ruleset. |
3Proxy | 3Proxy is a lightweight proxy server. |
chkrootkit | Designed to check locally for signs of a rootkit. |
cpu-checker | Evaluates certain CPU (or BIOS) features. |
cryptcat | Standard NETCAT enhanced with twofish encryption. |
dnswalk | DNS debugger. |
gpsd | Global Positioning System - daemon |
gpshell | GPshell for Globalplatform |
netcat-traditional | TCP/IP swiss army knife. |
ohrwurm | Real-Time Transport Protocol (RTP) fuzzer. |
sbd | Secure backdoor NETCAT clone. |
socat | Alllows for a bi-directional data relay between two independent data channels. |
sqlite3 | Command line interface for SQLite 3. |
stegdetect | Automated tool for detecting steganographic content in images. |
truecrypt | Disk encryption software. |
aircrack-ng | Aircrack-ng wireless exploitation and enumeration suite. |
cowpatty | Cowpatty attacks the WPA/WPA2-PSK exchanges. |
freeradius-wpe | A patch for FreeRADIUS implementation to demonstrate RADIUS impersonation. |
kismet | 802.11 layer2 wireless network detector, sniffer, and intrusion detection system (IDS). |
mdk3 | Proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses using the oslib of aircrack-ng. |
rfidiot | Python library for exploring RFID devices. |
wepcrack | Open source tool for breaking 802.11 WEP secret keys. |
wifitap | Wi-Fi injection tool through tun/tap devices. |