Tools

Sometimes, you are only as good as your tools. In security that isn’t always the case: a bit of intelligence will go a long way. However, good tools, scripts, programs, hardware, etc. sure will make things easier. To this end, and in an effort to simulate some of the preexisting concentrated awesomeness that is SecTools.Org and SecurityDistro, we share our lists of helpful tools in the following categories.
 
Distros & OSes
Programs
Resources
Hardware
 
Please note that only the most helpful or interesting tools have been listed for brevity, and that the resources section contains links to additional tools and lists of tools. As always, please contact us with comments, concerns, questions, etc. about security-related tools, especially if you don’t see your favorite/most helpful gem or if you have a new (working) POC that you’d like to share.
 
 
 

Distros & OSes

There exist a surprising number of security-centric Linux distributions (or Distros) and OSes. Since many have come and gone, the following enumeration contains free distributions published on or after January 1, 2013. SecurityDistro, which helped inspire this section, contains additional versions, many of which are obscure, dilapidated, or otherwise inactive.

| Name | Description |
|---|---|
| BlackArch | Arch Linux-based distro for pen testers and security researchers; has 1196 tools. |
| BlackBox | Ubuntu-based distro for pen testing and security assessments; minimal yet complete desktop env. |
| blackbuntu | Ubuntu-based (ver 10.10) pen testing distro for security training students and practitioners of infosec. |
| Bugtraq | Based on the 3.2 and 3.4 kernel, 32 Bits & 64 Bits, has penetration, forensic and laboratory tools. |
| CAINE | Live Computer Aided INvestigative Environment, an Italian GNU/Linux live distro for Digital Forensics. |
| deft | GNU-based Digital Evidence & Forensics Toolkit purposed to run on live systems. |
| Frenzy | FreeBSD-based LiveCD for HW tests, file sys check, security check and network setup and analysis. |
| grml | Debian-based LiveCD, contains a collection of GNU/Linux software especially for sys admins. |
| Helix3 | Ubuntu-based LiveCD focusing on incident response and computer forensics. |
| Kali | “The most advanced and versatile penetration testing distribution ever created.” |
| Katana | Multi-boot package intended for security and ethical hacking via USB. |
| Matriux | Debian-based distro for pen testing, ethical hacking, forensics and vulnerability analysis. |
| NST | Fedora-based Network Security Toolkit, LiveCD/DVD for Open Source Network Sec Applications. |
| NodeZero | Ubuntu-based “complete system” that can be used for penetration testing. |
| Ophcrack | LiveCD of a rainbow tables based Windows password cracker. |
| OSWA Assistant | Organizational System Wireless Auditor LiveCD for a wireless-auditing toolkit. |
| Samurai | LiveCD a Linux pre-configured web pen-testing environment. |
| SANS SIFT | Ubuntu-based distro for the SANS Investigative Forensic Toolkit Workstation. |
| WEAKERTH4N | Debian Squeeze-based pen testing distro with emphasis on WiFi hacking. |

 
 

Programs

In addition to OSes specially compiled for security, there are great programs, executables, and scripts (some of which weren’t even intended to be used as a ‘security tool’) that are very helpful with many of the tasks associated with CTFs, pen testing, and exploit development. Similar to the security-oriented distros listed above, the following list contains only tools that are offered free of charge (well, in some form, i.e., free trial, older versions, etc…).

| Tool Name | Cost | Platform | Description |
|---|---|---|---|
| 7zip | Free | Win Mac Nix | An open source file archiver with a high compression ratio, GUI, and command line options. |
| acunetix | Trial | Win | Website vulnerability scanner (i.e., SQLi, XSS, etc…). |
| Aircrack-ng | Free | Win Mac Nix | 802.11 WEP & WPA-PSK keys cracking program for auditing WiFi and networks. |
| android-apktool | Free | Java | A tool for reverse engineering 3rd party, closed, binary Android apps. |
| arachni | Free | Mac Nix | A Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. |
| Burp Suite | Free | Java | An integrated platform for performing security testing of web applications; from mapping and analysis of the attack surface, to finding and exploiting security vulnerabilities. |
| Cain & Abel | Free | Win | A password recovery tool for MS OSes via sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. |
| BeEF | Free | Win Mac Nix | BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. |
| CrypTool | Free | Win | “The well-known e-learning platform for cryptography and cryptanalysis.” |
| CurrPorts | Free | Win | A network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on a Windows machine. |
| dex2jar | Free | Java | Tools to work with android .dex and java .class files. |
| dotPeek | Free | Win | .NET Decompiler and Assembly Browser. |
| Dradis | Free | Mac Nix | A collaboration and reporting platform for IT security experts; self-contained web application that provides a centralized repository of information. |
| dsniff | Free | Nix | A collection of tools for network auditing and penetration testing. |
| Ettercap | Free | Mac Nix | A comprehensive suite for man in the middle attacks. |
| FOCA | Free | Win | A Network Infrastructure Mapping Tool. |
| GetIf | Free | Win | An SNMP MIB Browser and Network Utility. |
| GrabItAll | Free | Win | A traffic redirection tool that uses spoofed ARP replies. |
| HconSTF | Free | Win Nix | A Web Application Security Analysis & Penetration Testing Framework made of Mozilla technologies. |
| Hping | Free | Nix | A command-line oriented TCP IP packet assembler and analyzer. |
| Hydra | Free | Mac Nix | A very fast network logon cracker which supports many different services. |
| hash-identifier | Free | Python | Used to identify the different types of hashes used to encrypt data and especially passwords. |
| IBM AppScan | Trial | Win | Automated (dynamic) application security testing by scanning applications, identifying vulns, and generating reports. |
| IDA | Free | Win Nix Mac | THE multi-processor disassembler and debugger. |
| ILSpy | Free | Win | An open-source .NET assembly browser and decompiler. |
| incognito2 | | | |
| IronWASP | Free | Win | A web security scanner. |
| JD-GUI | Free | Win Mac Nix | Java Decompiler. A standalone graphical utility that displays Java source codes of “.class” files. |
| Kismet | Free | Nix | An 802.11 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic (devices and drivers permitting). |
| John the Ripper | Free | Win Mac Nix | A password cracker with the primary purpose to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. |
| LSASecretDumps | Free | Win | An application that extracts the LSA secrets from the Registry, decrypts them, and dumps them into the console window. |
| Maltego | Free | Win Mac Nix | An open source intelligence and forensics application. |
| metasploit | Free | Win Nix | “World’s most used penetration testing software.” |
| Nagios | Free | Nix | Monitors and alerts for servers, switches, applications, and services. |
| Nessus | Free | Win Mac Nix | A proprietary comprehensive vulnerability scanner. According to surveys done by sectools.org, Nessus is the world’s most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. |
| Ncat | Free | Win Mac Nix | A Unix utility which reads and writes data across network connections, using TCP or UDP protocol. |
| netsparker | Demo | Win | A false-positive-free web application security scanner. |
| Nikto2 | Free | Perl | A web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. |
| OpenSSH | Free | Win Mac Nix | SSH connectivity tools. |
| OpenSSL | Free | Win Mac Nix | A collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a full-strength general purpose cryptography library. |
| OpenVAS | Free | Nix | A framework offering a vulnerability scanning and vulnerability management solution. |
| PunkSPIDER | Free | Web | A global web application vulnerability search engine. |
| imageforensic.org | Free | Web | Automated image forensics analysis. |
| PsTools | Free | Win | A Resource Kit with a number of command-line tools to administer Windows machines. |
| PuTTY | Free | Win | A SSH and Telnet Client. |
| pwdump7 | Free | Win | A password dumper that runs by extracting the binary SAM and SYSTEM File from the Filesystem, then the hashes are extracted. |
| Scalpel-2.0 | Free | Win Nix | A file carving and indexing application. |
| SearchDiggity | Free | Win | The primary attack tool of the Google Hacking Diggity Project. |
| SET | Free | Python | Social-Engineer Toolkit, an open source tool aimed at penetration testing around Social-Engineering. |
| SHODAN | Free | Web Python(API) | A search engine to find specific computers (routers, servers, etc.) using filters; a public port scan directory or a search engine of banners. |
| smali | Free | Java | An assembler & disassembler for the dex format used by dalvik, Android’s JVM implementation. |
| snoopy-ng | Free | Nix | A distributed, sensor, data collection, interception, analysis, and visualization framework. |
| Snort | Free | Win Nix | An open source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and OS fingerprinting attempts. |
| sqlmap | Free | Python | An open source pen testing tool that automates detecting and exploiting SQL injection flaws. |
| sqlninja | Free | Mac Nix | A SQL Server injection & takeover tool. |
| SSLScan | Free | Mac Nix | Queries SSL services, such as HTTPS and SMTP that supports STARTTLS, to determine the supported ciphers. |
| SQLPing | Free | Win | Performs active and passive scans of your network to identify all of the SQL Server/MSDE installs. |
| tcc | Free | Win | Tiny C Compiler. |
| TCPDUMP | Free | Win Mac Nix | A powerful command-line packet analyzer (available with libpcap, a portable C/C++ library for network traffic capture). |
| TweakPNG | Free | Win | A low-level utility for examining and modifying PNG image files. |
| USBDeviceForensics | Free | Python | A script to extract numerous bits of information regarding USB devices. |
| VNCViewer | Free | Win Mac Nix | A graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. |
| Volatility | Free | Python | An open collection of tools for the extraction of digital artifacts from volatile memory (RAM) samples. |
| w3af | Free | Nix | A Web Application Attack and Audit Framework. |
| WebScarab NG | Free | Java | A framework for analyzing applications that communicate using the HTTP and HTTPS protocols. |
| WeeChat | Free | Win Mac Nix | A fast, light, and extensible chat client (i.e., IRC). |
| Wireshark | Free | Win Mac Nix | “The world’s foremost network protocol analyzer.” |
| wxMEdit | Free | Win Mac Nix | A cross-platform Text/Hex Editor written in C++ & wxWidgets. |
| Zed Attack Proxy | Free | Win Mac Nix | An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. |
| ZMap | Free | Mac Nix | An open-source network scanner that enables researchers to easily perform Internet-wide network studies. |

 
 

Resources

Security tool-related resources, lists, and otherwise interesting pages are listed within this section.
 
SecTools
ToolWar
Mafia Hacking Team I
RedOracle
Wikipedia – List of digital forensics tools.
ForensicsWiki Tools
37 Powerful Penetration Testing Tools For Every Penetration Tester
The LiveCD List
The Hacker’s Choice

 
 

Hardware

The hardware needed for security-related endeavors can range from something as minimal as a $1 AT&T shirt from a thrift shop (say, for social engineering) to the highly classified and technologically advanced government machines being controlled by three letter agencies…
 
Hammer – The last and certainly not the least tool one can have in their tool kit. As the late philosopher Clarksonious, third century BC, once queried, “have you got a hammer?”
