The following is a list of tools we have collected over the years. Each of the tools below are discussed in "Hacking Exposed: Network Security Secrets and Solutions". Both defensive and hacking tools and web sites are presented here as a summary of those discussed in the book. Any tools used that are part of the default operating system are not included here. Also, any Tools discussed in the book which that are not on this list may be found in the Windows NT Resource Kit and/or in the Supplement II. ------------------------------------------------------------------------ General Security Tool Sites Hackersclub http://www.hackersclub.com NewOrder http://neworder.box.sk Security-Focus http://www.securityfocus.com Technotronic http://www.technotronic.com Countermeasure Tools BlackICE by NetworkICE http://www.networkice.com CyberCop Monitor by Network Associates Inc. http://www.nai.com Hidden Object Locator http://www.netwarefiles.com/utils/hobjloc.zip Ippl http://www.via.ecp.fr/~hugo/ippl/ ITA from Axent http://www.axent.com Kane Security Monitor http://www.intrusion.com Netguard http://www.Genocide2600.com/~tattooman/unix-loggers/netguard-1.0.0.tar.gz Network Flight Recorder http://www.nfr.net Perro (formerly Protolog) http://www.grigna.com/diego/linux/protolog/index.html Psionic Portsentry from the Abacus project http://www.psionic.com/abacus/ RealSecure by Internet Security Systems (ISS) http://www.iss.net Scanlogd ftp://ftp.technotronic.com/unix/protocol-loggers/scanlogd.c.gz Secured by Memco http://www.memco.com Secure Shell (SSH) http://www.ssh.fi http://www.datafellows.com SessionWall-3 by Abirnet/Platinum Technology http://www.abirnet.com Denial of Service Land and Latierra http://www.rootshell.com/archive-j457nxiqi3gq59dv/199711/land.c.html http://www.rootshell.com/archive-j457nxiqi3gq59dv/199711/latierra.c.html Portfuck http://www.stargazer.net/~flatline/filez/portfuck.zip Smurf & Fraggle http://www.rootshell.com/archive-j457nxiqi3gq59dv/199710/smurf.c.html http://www.rootshell.com/archive-j457nxiqi3gq59dv/199803/fraggle.c.html Synk4 http://www.jabukie.com/Unix_Sourcez/synk4.c http://www.rootshell.com/archive-j457nxiqi3gq59dv/199711/teardrop.c.html Teardrop, newtear, bonk, syndrop http://www.rootshell.com/archive-j457nxiqi3gq59dv/199801/newtear.c.html http://www.rootshell.com/archive-j457nxiqi3gq59dv/199801/bonk.c.html http://www.rootshell.com/archive-j457nxiqi3gq59dv/199804/syndrop.c.html Enumeration Tools Bindery http://www.nmrc.org/files/netware/bindery.zip Bindin ftp://ftp.edv-himmelbauer.co.at/Novell.3x/TESTPROG/BINDIN.EXE Epdump http://www.ntshop.net/security/tools/def.htm Finger ftp://ftp.cdrom.com/.1/novell/finger.zip Legion ftp://ftp.technotronic.com/rhino9-products/legion.zip NDSsnoop ftp://ftp.iae.univ-poitiers.fr/pc/netware/UTIL/ndssnoop.exe NetBios Auditing Tool (NAT) ftp://ftp.technotronic.com/microsoft/nat10bin.zip Netcat by Hobbit http://www.l0pht.com/~weld/netcat/ Netviewx http://www.ibt.ku.dk/jesper/NTtools/ Nslist http://www.nmrc.org/files/snetware/nut18.zip On-Site Admin ftp://ftp.cdrom.com/.1/novell/onsite.zip Snlist ftp://ftp.it.ru/pub/netware/util/NetWare4.Toos/snlist.exe Somarsoft (dumpacl, dumpreg, etc.) http://38.15.19.115/ user2sid and sid2user http://www.chem.msu.su:8080/~rudnyi/NT/sid.txt Userdump ftp://ftp.cdrom.com/.1/novell/userdump.zip Userinfo ftp://ftp.cdrom.com/.1/novell/userinfo.zip Footprinting Tools ARIN database http://www.arin.net/whois/ Cyberarmy http://www.cyberarmy.com Dogpile (meta search engine) http://www.dogpile.com DomTools (axfr) http://www.domtools.com/pub/domtools1.4.0.tar.gz Ferretsoft http://www.ferretsoft.com Sam Spade http://www.samspade.org Securities and Exchange Commission (SEC) http://www.sec.gov/ USENET Searching http://www.deja.com http://www.dogpile.com VisualRoute http://www.visualroute.com WHOIS database http://www.networksolutions.com WS_ Ping Pack Pro http://www.ipswitch.com Gaining Access L0phtcrack's Readsmb http://www.l0pht.com/ Legion http://www.rhino9.com NetBios Auditing Tool (NAT) ftp://ftp.technotronic.com/microsoft/nat10bin.zip Nwpcrack http:www.nmrc.org/files/netware/nwpcrack.zip SMBgrind by NAI Included with CyberCop Scanner from Network Associates (http://www.nai.com) Sniffit http://newdata.box.sk/neworder/a/sniffit.0.3.2.tar.gz SNMPsniff http://www.AntiCode.com/archives/network-sniffers/snmpsniff-1_0.tgz THC login/telnet http://thc.pimmel.com/files/thc/thc-lh11.zip Privilege Escalation and Back Door Tools Elitewrap http://www.multimania.com/trojanbuster/elite.zip Getadmin http://www.ntsecurity.net/security/getadmin.htm Hunt http://www.cri.cz/kra/index.html#HUNT Imp http://www.wastelands.gen.nz/ Invisible Keystroke Logger http://www.amecisco.com/iksnt.htm Jcmd http://www.jrbsoftware.com John the Ripper http://www.false.com/security/john Netbus http://www.netbus.org Netcat http://www.l0pht.com/netcat NTFSDOS http://www.sysinternals.com NTuser http://www.pedestalsoftware.com Pandora by NMRC http://www.nmrc.org/pandora/download.html Pwdump2 http://www.webspan.net/~tas/pwdump2/ Revelation by Snadboy http://www.snadboy.com Sechole http://www.ntsecurity.net/security/sechole.htm SNMPsniff http://packetstorm.harvard.edu/sniffers/snmpsniff-1.0.tar.gz Unhide http://www.webdon.com Virtual Network Computing (VNC) http://www.uk.research.att.com/vnc Pilfering File Wrangler http://www.tucows.com PowerDesk's ExplorerPlus http://www.mijenix.com/powerdesk98.asp Revelation http://www.snadboy.com Rootkits and Cover Tracks Cygwin Win32 (cp and touch commands) http://www.cygnus.com Wipe ftp://ftp.technotronic.com/unix/log-tools/wipe-1.00.tgz Zap ftp://ftp.technotronic.com/unix/log-tools/zap.c Scanning Tools BindView http://www.bindview.com Chknull http://www.nmrc.org/files/netware/chknull.zip CyberCop Scanner by NAI http://www.nai.com Firewalk http://www.packetfactory.net/firewalk/ Fping http://packetstorm.harvard.edu/ HackerShield by Bindview http://www.bindview.com/netect Hping http://www.kyuzz.org/antirez/ InspectorScan by Shavlik http://www.shavlik.com Internet Scanner by ISS http:/www.iss.net Kane Security Analyst http://www.intrusion.com Network Mapper (Nmap) http://www.insecure.org/nmap NTInfoscan http://www.infowar.co.uk/mnemonix/ Pinger ftp://ftp.technotronic.com/rhino9-products/pinger.zip Scan http://www.prosolve.com Solarwinds http://www.solarwinds.net Strobe http://www.hack-net.com/cgibin/download.cgi?strobe-1_03.tgz Udpscan ftp://ftp.technotronic.com/unix/network-scanners/udpscan.c WebTrends Security Analyzer by WebTrends http://www.webtrends.com WS_Ping Pack Pro http://www.ipswitch.com War Dialing Tools PhoneSweep by Sandstorm http://www.sandstorm.net THC http://www.infowar.co.uk/thc/ ToneLoc http://www.hackersclub.com/km/files/pfiles/Tl110.zip Please send comments and suggestions to stu@hackingexposed.com.