RE: All of the things you need to learn to be a pen-tester (Re: Pen t est basic needs)

From: richard (barbarian@cryptomail.org)
Date: Mon Aug 08 2005 - 16:24:37 EDT

U will probably need to "morphine" your evil apps before you run them on an AV protected machine - download morphine from hxdef.org; might as well pick up a copy of hf's rootkit while your there...
Richard
- every1 say: "thankyou HF!"
-----Original Message-----
From: Matt Reid [mailto:matthew@servepath.com]
Sent: Saturday, 6 August 2005 8:06 AM
To: Omar Herrera; pen-test@securityfocus.com
Subject: Re: All of the things you need to learn to be a pen-tester (Re: Pen t est basic needs)
Hi all,
Here is a basic list of some progs to use for pen-testing. If anyone
wants to add some on here in the respective categories we could get a
really good list going for pen-testers!
-Matt Reid
*Port Scanners*
Amap – versioning port scanner
NMap – general purpose port scanner
pPscan – proxy port scanner
*
Vuln Scanners*
Nessus – general vul. scanner
DNAscan – for ASP
Owa – Outlook Web
Nikto – http vulns
*Brute Forcers & Crackers*
John the Ripper – password cracker
WlGen – word list generator
Hydra – multi-protocol authentication brute forcer
*DNS enumeration*
Ghba – RDNS scanner
Dig – DNS lookup util
Nslookup – interactive name server query engine
*Loggers*
Tcpdump – network traffic dumper
Ethereal – network traffic analyzer – use in conjunction with tcpdump
Kismet – wifi traffic analyzer
*Dicts [to concat into larger file]*
Argon – 2GB dict file
Cracklib - another good one
Word.lst - word list
*Trojans & Rootkits*
BackOrifice - Back Orifice is not a virus. It is in essence a remote
administration tool.
LRK – Linux-kernel Root Kit
Netbus - NetBus runs under the NT operating system as well as Win95/98
*Firewall Throughpass*
Firewalk – trace packets through firewall filters
------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+
CryptoMail provides free end-to-end message encryption.
http://www.cryptomail.org/ Ensure your right to privacy.
Traditional email messages are not secure. They are sent as
clear-text and thus are readable by anyone with the motivation
to acquire a copy.
!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:43 EDT