
Tools you pay for
Free info and tools
www.2600.com or the news group
www.accentsoft.com Forgotten or lost a password to your Microsoft® Office document
airsnort.shmoo.com/ AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions
www.astalavista.com Lots of good tools and reading
www.attrition.org
www.atstake.com Sells L0pht Crack and other software
www.BackOrifice.com List/Upload Files, Sniff network
www.cotse.com/ virus information, bug fixes, tools, and a whole lot more
brutus This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof
CNET.com
Downloads PC Utilities Security Encryption
ftp://coast.cs.purdue.edu/pub/tools/unix/scanners/iss/ Internet Security Scanner (UNIX)
http://www.cultdeadcow.com/main.php3 All sorts of shit!! Beware!!!
www.dark-secrets.com/hacking/index.html
??
www.defcon.org promotes the annual hacker convention and offers links to a variety of downloads, including cracks, scanners, and other tools
www.eeye.com/html/Products/Retina/
Very good Port Scanner
http://home.eunet.no/~pnordahl/ntpasswd/
This is a free open source program; it won't cost anything, and it will even let you change a Linux password if you would like.
www.e-secure-db.us/dscgi/ds.py/View/Collection-1847
Hacking Demos - Canned Demonstrations, presentations etc
www.ethereal.com Windows Sniffer
www.foundstone.com Click on resources at the top then free tools on the left
http://www.genocide2600.com/index.html good resources
www.geeksarecool.com/hacking/ everything explained
www.geeksarecool.com/hacking/virus/macros.txt The Melissa virus code
groups.google.com/groups?hl=en&lr=&group=comp.hackers
Google's news group
www.hackersnews.com
happyhacker.org
www.infoworld.com/security
www.itfreaks.com Hacker Hyperlinks
www.knoppix.com a bootable CD with a collection of GNU/Linux software
www.lcpsoft.com/english/index.htm The LCP program audits and recovers user account passwords in Windows NT/2000/XP/2003
www.lostpassword.com/ retrieve passwords from most applications
http://www.nessus.org/ the world's most popular open-source vulnerability scanner
www.netstumbler.com Find other companies' wireless networks
www.nirsoft.net free password recovery tools for a variety of programs
www.ntsecurity.nu/toolbox/ Lots of software
www.openwall.com/john John the Ripper password crack
www.passwordrecoverytools.com To recover any Office Password
passwordspectatorpro.say-it-now.com See the password behind the asterisks with this software
www.phrack.org hacker publication offering news and information
ftp.porcupine.org/pub/security Security Administrator Tool for Analyzing Networks (SATAN)
razor.bindview.com/tools/desc/pwdump2_readme.html
PWDump2 - Extract the encrypted Windows SAM
www.secadministrator.com/Articles/Index.cfm?ArticleID=9269 explains the hack
www.socialengineering101.com Social Engineering forum for Social Engineers SE
http://www.sunbelt-software.com/product.cfm?id=265
Change the NT/2000/XP admin password; needs local access
www.sunbelt-software.com/ L0pht Crack
www.technotronic.com
www.toorcon.org a meeting place for many of the top hackers and security professionals from all around the world
www.users.dircon.co.uk/~crypto/download/c50-faq.html
Unix password cracking program and some dictionaries
www.warez.com Lots of weird stuff
www.winpcap.org/windump WinDump is the official Windows version of tcpdump
Sorry but so many of these sites come and go daily!
Windows Software to look for . . .
95screensavercrack.exe
can be used to discover Windows 9x screen saver password
Chknull.exe is a DOS utility that can be used to determine usernames with no passwords
DLL Injection - Insert a hack program/Trojan in place of a normal DLL.
(Set Permissions, stop port 139, use TripWire or Intact etc.)
GetAdmin.exe run locally can add a user to the local administrator group
L0phtCrack.exe and PWLTool.exe can be used to crack C:\Windows\*.pwl files and the SAM
Legion.exe can be used to show all shares including hidden and log on
NAT.exe (NetBIOS Auditing Tool) can be used to show all shares including hidden and log on
NetBus.exe - Keystroke logging, Sniffing the network (Stop email attachments, patch your IIS)
Sechole is used on IIS and run remotely. It adds the IUSR_Computername account to the local Administrator group
SSBypass.exe can be used to discover Windows 9x screen saver password
SubSeven.exe - Upload/download files, retrieve passwords
RootKit A utility that can perform registry key hiding and .exe redirection, rendering a system completely untrustworthy. Available at www.rootkit.com
Search for Rainbow Crack
Netcat can be configured to listen on a particular port and launch a specific program when that port accepts a connection
C:\nc -L -d -e cmd.exe -p 8080
-L makes connection persistent across multiple connections
-d runs netcat in stealth mode
-e specifies the program
-p specifies the port to listen on
Disabling Auditing
NTRK has a utility called auditpol
Auditpol /disable [enable]
This will turn off auditing on the system while hacking takes place and turn it on when complete
Clearing the Event Log
Elsave from www.ibt.ku.dk/jesper/Nttools/ can be used to clear the event log
c:\elsave -s \\computername -l "Security" -C
The event log is located in C:\winnt\system32\config
Common Types of Reconnaissance Scans
1) TCP scans-Scanning TCP ports for running services (YAPS)
2) Ping sweeps- Finding active systems through pinging a range of addresses
(UDP scans- Scanning UDP ports for running services)
3) Account scans- Attempted login with a variety of accounts (NAT)
4) OS identification- When sent a TCP packet, a system will respond in a uniform, consistent manner, which allows the O/S to be identified
Microsoft Word contains a protection-bypass vulnerability. By performing a simple process (outlined in the demonstration below), a malicious user can unprotect a protected document without the use of a password cracker or other special tools.
The discoverer posted the following demonstration as proof of concept:
1.) Open a protected document in Word.
2.) Choose the Save As Web Page (*.htm; *.html) option and close Word.
3.) Open the HTML document in any text editor.
4.) Search the tag for a line that looks like: ABCDEF01. Gather the password.
5.) Open the original .doc document with any hex editor.
6.) Search for hex values of the password (reverse order).
7.) Overwrite all four double-bytes with 0x00. Save, and close.
8.) Open the document in Word. Select Tools, Unprotect Document. Password is blank.
Utility to reset the password of any local user account
It works offline, that is, you have to shut down your computer and boot off a floppy disk or CD. The boot disk includes stuff to access NTFS and FAT/FAT32 partitions and scripts.
It is also a fully functional registry editor!
Reset BIOS password
Find a utility called Debug
Read Stealing the Network: How to Own the Box, ISBN: 1931836876
Free Software I Use . . .
Cain & Abel is a password recovery tool for Microsoft Operating Systems
www.ethereal.com Windows Sniffer
SuperScan4 highly popular Windows port scanning tool
nmap Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts
www.openwall.com/john/ John the Ripper is a fast password cracker
www.kismetwireless.net Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system
www.stumbler.net Netstumbler is the best known Windows tool for finding open wireless access points ("wardriving").
www.pgp.com PGP is the famous encryption program by Phil Zimmerman which helps secure your data from eavesdroppers and other risks
www.eeye.com/retina NEED TO FILL IN FORM - Retina® Network Security Scanner, recognized as the industry standard for vulnerability assessment, identifies known security vulnerabilities
www.winpcap.org/windump WinDump is the official Windows version of tcpdump
YAPS

Updated October 10, 2007
Copyright© 2007 by Dana Shea
Copyright© All rights Reserved. No part of the contents of this
site may be reproduced
or transmitted in any form or by any means without
written permission.