miércoles, 21 de noviembre de 2012

Cuantas herramientas lleva Backtrack de serie?...

Aquí tienes un listado de herramientas/Descripción incluidas en Backtrack, por si te sirve de referencia. Muchas de ellas comentadas en el popular " proyecto pentest colectivo"
Si pinchas en el nombre de la herramienta, accederás a la web del proyecto.
Gracias por leerme, espero que os guste.

by Christopher Charles Taylor

0Trace 0trace is a traceroute tool which can be run within an existing, open TCP connection - therefore bypassing some types of stateful packet filters with ease.
driftnet   Listens to network traffic and picks out images.
dsniff   Suite of tools for network auditing and penetration testing.
ettercap-gtk  Multi purpose sniffer/interceptor/logger for switched LAN's.
giskismet GISKismet is a wireless recon visualisation tool to represent data gathered using Kismet in a flexible manner. 
hping3 Command-line oriented TCP/IP packet assembler/analyser.
maltego  Reconnaissance software.
netdiscover Active/passive address reconnaissance tool, mainly developed for wireless networks without dhcp server.
skipfish  Fully automated, active web application security reconnaissance tool.
tcpdump Powerful command-line packet analyser.
tcpflow TCP flow recorder.
tcptraceroute  Traceroute implementation using TCP packets.
traceroute  Modern implementation of traceroute for Linux systems.
voipong Utility which detects all Voice Over IP calls on a pipeline.
wireshark Network "sniffer" - a tool that captures and analyses packets off the wire.
arping Broadcasts a who-has ARP packet on the network and outputs the answer.
admsnmp SNMP audit scanner.
amap AMAP is a next-generation scanning tool for assistingnetwork penetration testing.
autoscan   Network scanner, useful for discovering and managing applications.
cisco-ocs      Mass cisco scanner
ciscos Cisco Scanner will scan a range of IP address for Cisco routers that haven't changed their default password of "cisco".
fierce    PERL script that quickly scans domains.
fping A ping-like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a host is up.
grabber  Web application scanner.
iputils-ping  Suite of tools to test the reachability of network hosts.
iputils-tracepath   Tools to trace the network path to a remote host
lanmap2  Builds database/visualisations of LAN structure from passively sifted information.
nbtscan   Program for scanning IP networks for NetBIOS name information.
nmap NMAP port and vulnerability scanner.
onesixtyone  SNMP scanner and bruteforce tool.
p0f Passive OS fingerprinting tool.
portmap RPC port mapper.
sipscan  Fast network scanner for UDP-SIP clients.
smap Simple scanner for SIP enabled devices.
yersinia    Network tool designed to take advantage of some weakeness in different network protocols.
ace Automated Corporate Enumerator (ACE) is a VoIP enumeration tool that mimics the behavior of an IP Phone.
asleap Demonstrates a serious deficiency in proprietary Cisco LEAP networks.
asp-auditor Look for common misconfigurations and information leaks in ASP.NET applications.
blindelephant    Attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes.
braa    Braa is a tool for making SNMP queries.
copy-router-config    Copies cisco router configuration files using SNMP.
dirbuster  JAVA application designed to brute force directories and files names on web application servers.
dns2tcp     Tool for relaying TCP connections over DNS.
dnsenum      Script for enumerating DNS servers.
dnsmap   Used for information gathering/enumeration phase of infrastructure assessments.
dnsrecon  DNS enumeration script.
dnstracer Determines where a given Domain Name Server (DNS) gets its information from.
ike-scan   Command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers.
miranda  Python-based application designed to discover, query and interact with UPNP devices.
httprint    Web server fingerprinting tool.
os-prober Utility to detect other operating systems on a set of drives.
smtp-user-enum Username guessing tool primarily for use against the default Solaris SMTP service.
snmpcheck  Permits to enumerate information via SNMP protocol.
snmpenum Simple perl script to enumerate information on Machines that are running SNMP.
theharvester Tool for gathering e-mail accounts and subdomain names from different public sources.
bed   Designed to check daemons for potential buffer overflows and format strings (as well as other issues).
burpsuite Integrated platform for performing security testing of web applications.
cisco-auditing-tool Perl script which scans cisco routers for common vulnerabilities.
cms-explorer Content Management System (CMS) explorer designed to reveal specific modules, plugins, components and themes of CMS web sites.
mopest  PHP web vulnerability scanner.
nessus   Vulnerability scanner by Tenable.
nikto Open Source (GPL) web server scanner which performs comprehensive tests against web servers.
sipvicious   SIP based VoIP systems auditing tool.
sqlmap  Testing tool that automates the process of detecting and exploiting SQL.
videojak  IP Video security assessment tool.
voiper Allows for extensively and automatiion of testing for VoIP devices for vulnerabilities.
warvox  Suite of tools for exploring, classifying, and auditing telephone systems.
websecurify  Advanced solution to accurately identify web application security issues.
bkhive   Dumps the syskey bootkey from a Windows NT/2K/XP system hive.
chntpw Offline NT password editor.
cmospwd Decrypts password stored in Complementary Metal-Oxide Semi Conductor (CMOS) used to access BIOS SETUP.
eapmd5pass An implementation of an offline dictionary attack against the EAP-MD5 protocol.
fcrackzip   ZIP password cracker, similar to fzc, zipcrack and others.
hashcat    CPU based multihash cracker.
hashcat-utils   Utilities for creating and manipulation wordlists.
hydra Network logon cracker which support many different services.
john  Fast password cracker.
medusa parallel network login auditor
ncrack High-speed network authentication cracking tool.
oclhashcat-lite Very fast single hash GPU based password cracker.
ophcrack Windows password cracker using rainbow tables.
pack Password analys and cracking toolkit.
samdump2   Dumps Windows 2k/NT/XP password hashes.
sipcrack Suite for sniffing and cracking the digest authentification used in the Session Intiation Protocol (SIP) protocol.
thc-pptp-bruter Brute force program against PPTP VPN endpoints (tcp port 1723).
autopsy  Graphical interface to The Sleuth Kit (TSK).
beef-ng Browser Exploitation Framework (BEEF) focuses on leveraging browser vulnerabilities to assess the security posture of a target.
cisco-global-exploiter   Cisco Global Exploiter (CGE) is an advanced, simple and fast security testing tool.
cymothoa     Stealth backdoor tool that injects shellcode into an existing process.
darkmysqli     MySQL injection tool.
framework3 Metasploit Exploitation Framework
mantra     Security framework which can be very helpful in performing all phases of penetration testing.
perl-cisco-copyconfig Provides methods for manipulating the running-config of devices running IOS via SNMP directed TFTP.
sapyto SAP Penetration Testing Framework
set Social-Engineer Toolkit (SET) is a python driven attack framework.
sqlninja Exploits SQL Injection vulnerabilities on web applications using Microsoft SQL.
thc-ipv6 Framework to attack the inherent protocol weaknesses of IPV6.
w3af Web application attack and audit Framework.
wapiti  Web application vulnerability scanner and security auditor.
webslayer   Designed for bruteforcing web applications.
bluediving   Bluediving is a Bluetooth penetration testing suite.
bluemaho     BlueMaho is GUI-shell (interface) for suite of tools for testing security of bluetooth devices.
bluez-hcidump    Analyses Bluetooth Host Controller Interface (HCI) packets.
btscanner BTScanner is designed specifically to extract as much information as possible from a Bluetooth device.
air AIR is a GUI front-end to dd/dc3dd - designed for easily creating forensic images.
bulk-extractor   C++ program that scans a disk image (or any other file) extracting useful information.
dcfldd    Enhanced version of dd for forensics and security.
ddrescue   Similar to dd in that it copies data from one file or block device to another.
fatback  *NIX tool for recovering files from FAT file systems.
galleta   Internet Explorer cookie forensic analysis tool.
pasco Internet Explorer cache forensic analysis tool.
ptk   Computer forensic framework for the command line tools in the SleuthKit.
rkhunter Scans for rootkits, backdoors and local exploits.
sleuthkit (TSK) The Sleuth Kit (TSK) is a collection of forensic command line tools.
vinetto Forensics tool to examine Thumbs.db files.
fragrouter      Network Intrusion Detection (NID) evasion toolkit.
ftester Firewall filtering and Intrusion Detection System (IDS) testing.
snort   Flexible Network Intrusion Detection System (NIDS).
snort-rules-default  Flexible Network Intrusion Detection System (NIDS) ruleset.
snort-common-libraries Flexible Network Intrusion Detection System (NIDS) ruleset.
3Proxy 3Proxy is a lightweight proxy server.
chkrootkit     Designed to check locally for signs of a rootkit.
cpu-checker Evaluates certain CPU (or BIOS) features.
cryptcat   Standard NETCAT enhanced with twofish encryption.
dnswalk  DNS debugger.
gpsd    Global Positioning System - daemon
gpshell     GPshell for Globalplatform
netcat-traditional TCP/IP swiss army knife.
ohrwurm Real-Time Transport Protocol (RTP) fuzzer.
sbd  Secure backdoor NETCAT clone.
socat Alllows for a bi-directional data relay between two independent data channels.
sqlite3 Command line interface for SQLite 3.
stegdetect Automated tool for detecting steganographic content in images.
truecrypt Disk encryption software.
aircrack-ng Aircrack-ng wireless exploitation and enumeration suite.
cowpatty   Cowpatty attacks the WPA/WPA2-PSK exchanges.
freeradius-wpe   A patch for FreeRADIUS implementation to demonstrate RADIUS impersonation. 
kismet   802.11 layer2 wireless network detector, sniffer, and intrusion detection system (IDS).
mdk3  Proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses using the oslib of aircrack-ng.
rfidiot  Python library for exploring RFID devices.
wepcrack  Open source tool for breaking 802.11 WEP secret keys.
wifitap   Wi-Fi injection tool through tun/tap devices.