모의해킹용 툴 모음

http://cafe.naver.com/solatech
http://www.twitter.com/ostoneo
http://solatech.tistory.com
by 김재벌

모의해킹용 툴 모음을 아래와 같이 간략하게 정리해 보았습니다.
대부분의 툴들이 기본적인 개념이 있어야만 사용이 가능한 도구 들 입니다.^^
정리 하시는 것도 도움이 되실 듯 합니다.

ARP Scanners:

 

arpscan  http://unx.ca/~jason/arpscan/

 

 

Brute forcing Tools:

 

Brutus  http://www.hoobie.net/brutus/

 

Hydra  http://thc.org/

 

OneSixtyOne  http://www.phreedom.org/solar/onesixtyone/

 

Crowbar  http://www.sensepost.com/research/crowbar/

 

Cisco Tools:

 

Cisco Torch  http://www.hackingciscoexposed.com/?link=tools

 

Cisco Global Exploiter  http://packetstormsecurity.org/0405-exploits/cge-13.tar.gz

 

Yersinia  http://www.yersinia.net/

 

 

Compliance Testing:

 

Security Expressions   http://www.altiris.com/Products/SecurityExpressions.aspx

 

 

DHCP Tools:

 

DHCPping  http://c3rb3r.openwall.net/dhcping/

 

 

Exploit Frameworks:

 

Metasploit Framework  http://www.metasploit.com/

 

Security Forest  http://www.securityforest.com/wiki/index.php/Main_Page

 

Canvas   http://www.immunitysec.com/

 

Core Impact   http://www.coresecurity.com/products/coreimpact/

 

 

Firewall Related Tools:

 

Firewalk  http://www.packetfactory.net/projects/firewalk/

 

IKE-Scan  http://www.nta-monitor.com/tools/ike-scan/

 

IKE-Probe  http://www.ernw.de/download/ikeprobe.zip

 

IKECrack  http://ikecrack.sourceforge.net/

 

 

IP Restriction Scanning:

 

IRS  http://www.oxid.it/irs.html

 

 

LDAP Tools:

 

LDAPenum  https://sourceforge.net/projects/ldapenum

 

ldapsearch  http://www.openldap.org/software/download

 

bf_ldap  http://examples.oreilly.com/networksa/tools/bf_ldap.tar.gz

 

jxplorer  http://sourceforge.net/projects/jxplorer

 

ldp.exe  Windows Server 2003 Support Tools

 

 

Man in the Middle Tools:

 

Ettercap  http://ettercap.sourceforge.net/

 

Dsniff  http://www.monkey.org/~dugsong/dsniff/

 

4G8  http://www.intrusense.com/software/forgate/

 

 

Database Scanners:

 

Metacortex  http://sourceforge.net/projects/metacoretex/

 

Metacoretex-ng  http://metacoretex-ng.sourceforge.net/index.php

 

NGSSQuirreL   http://www.ngssoftware.com/products/database-security/

 

AppDetective  http://www.appsecinc.com/products/appdetective/

 

 

Multipurpose Tools:

 

Netcat  http://netcat.sourceforge.net/

 

Solarwinds   http://www.solarwinds.net/

 

 

Network Mapping:

 

Cheops  http://www.marko.net/cheops/

 

Cheops-ng  http://cheops-ng.sourceforge.net/

 

 

Operating System Enumeration:

 

sinFP  http://www.gomor.org

 

p0f  http://lcamtuf.coredump.cx/p0f.shtml

 

 

Oracle Attack Tools:

 

OAT  http://www.cqure.net/wp/?page_id=2

 

Oscanner  http://www.cqure.net/wp/?page_id=3

 

tnscmd.pl  http://www.jammed.com/~jwa/hacks/security/

 

 

Packet Generation:

 

Hping  http://www.hping.org/

 

Packit  http://www.intrusense.com/software/packit/

 

Nemisis  http://www.packetfactory.net/projects/nemesis/

 

Sing  http://sourceforge.net/projects/sing/

 

Scapy  http://www.cartel-securite.fr/pbiondi/scapy.html

 

 

Terminal Services Tools:

 

TScrack  http://softlabs.spacebitch.com/tscrack/

 

 

Hash Grabbing tools:

 

pwdump6  http://www.foofus.net/fizzgig/pwdump/

 

pwdumpx  http://reedarvin.thearvins.com/tools.html

 

fgdump  http://www.foofus.net/fizzgig/fgdump/

 

 

Password Cracking:

 

Cain  http://www.oxid.it/cain.html

 

John the Ripper  http://www.openwall.com/john/

 

Lophtcrack  No longer sold/supported, but available from many sources 

 

 

Port Enumeration:

 

Amap  http://www.thc.org/releases.php

 

 

Port Scanners:

 

Nmap  http://insecure.org/nmap/

 

Superscan  http://www.foundstone.com/resources/proddesc/superscan.htm

 

 

Port Redirection Tools:

 

Fpipe  http://www.foundstone.com/resources/proddesc/fpipe.htm

 

Netcat  http://netcat.sourceforge.net/

 

 

Sniffing Tools:

 

Wireshark  http://www.wireshark.org/

 

Dsniff  http://www.monkey.org/~dugsong/dsniff/

 

Driftnet  http://www.ex-parrot.com/~chris/driftnet/

 

Windump  http://www.winpcap.org/windump/

 

 

SNMP Tools:

 

Net-SNMP http://net-snmp.sourceforge.net/

 

OneSixtyOne  http://www.phreedom.org/solar/onesixtyone/

 

SNMPcheck  http://www.nothink.org/perl/snmpcheck/

 

 

SQL Injection Tools:

 

Absinthe  http://www.0x90.org/releases/absinthe/

 

SQL Power Injector  http://www.sqlpowerinjector.com/

 

SQL Ninja  http://sqlninja.sourceforge.net/

 

SQLiX   http://www.owasp.org/index.php/Category:OWASP_SQLiX_Project

 

 

SSH Clients:

 

Putty  http://www.chiark.greenend.org.uk/~sgtatham/putty/

 

Tunnelier   http://www.bitvise.com/tunnelier

 

 

TFTP Servers:

 

Solarwinds  http://www.solarwinds.net/products/freetools/

 

 

VOIP Tools:

 

Vomit  http://vomit.xtdnet.nl/

 

Sipsak  http://sipsak.org/

 

SiVuS  http://www.vopsecurity.org/index.php?name=Downloads (account required)

 

Cain  http://www.oxid.it/cain.html

 

NastySIP  http://phoenix.labri.fr/documentation/sip/Documentation/Material/Clients/Tools/Test/NastySIP/SX%20Design.htm

 

SIPp  http://sipp.sourceforge.net/

 

VOIpong  http://www.enderunix.org/voipong/index.php

 

Various Tools  http://skora.net/voip/

 

Misc VOIP Tools  http://www.voipsa.org/Resources/tools.php

 

 

Vulnerability Scanners:

 

Nessus  http://www.nessus.org/

 

GFI Languard  http://www.gfi.com/lannetscan/

 

xscan  http://www.xfocus.org/

 

SAINT http://www.saintcorporation.com/index.html

 

SARA  http://www.www-arc.com/sara/

 

 

Web Application Testing:

 

Pantera  http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project

 

 

Web Crawl/Cloners:

 

HTTrack  http://www.httrack.com/

 

Teleport Pro  http://www.tenmax.com/teleport/pro/home.htm

 

 

Web Enumeration:

 

HTTprint  http://net-square.com/httprint/

 

 

Web Vulnerability Scanners:

 

Nikto  http://www.cirt.net/code/nikto.shtml

 

Wikto  http://www.sensepost.com/research/wikto/

 

Whisker  http://www.wiretrip.net/rfp/

 

WSdigger  http://www.foundstone.com/resources/s3i_tools.htm

 

Nstalker Free Edition  http://www.nstalker.com/

 

Appscan   http://www.watchfire.com/

 

Acunetix   http://www.acunetix.com/

 

Webinspect  http://www.spidynamics.com/

 

 

Web Proxies:

 

Paros  http://www.parosproxy.org

 

Web Scarab  http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

 

Burp Proxy  http://www.portswigger.net/proxy/

 

Suru   http://www.sensepost.com/research/suru/

 

Achilles  http://www.mavensecurity.com/achilles