Collection of resources, links and stuff to keep your backbone tidy

{{{
DISCLAIMER: There is no security thru obscurity.
The purpose of this workshop is solely educational, everyone is responsible for choosing the hat to dress ;)
}}}

== Anonymous networking ==

Tools to improve your privacy when sharing information

 * [[http://mute-net.sourceforge.net|MUTE File Sharing]] ''(C/C++)'' is a peer-to-peer network that provides easy search-and-download functionality while also protecting your privacy
 * [[http://entropy.stop1984.com/en/home.html|ENTROPY]] ''(C/C++)'' stands for Emerging Network To Reduce Orwellian Potency Yield and as such describes the main goal of the project.
 * [[http://tor.eff.org|Tor]] ''(C/C++)'' is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol
 * [[http://freenet.sourceforge.net|Freenet]] ''(Java)'' is free software which lets you publish and obtain information on the Internet without fear of censorship. To achieve this freedom, the network is entirely decentralized and publishers and consumers of information are anonymous. Without anonymity there can never be true freedom of speech, and without decentralization the network will be vulnerable to attack
 * [[http://kommute.sourceforge.net|Kommute]] ''(C/C++)'' is a KDE file sharing client using the anonymous file sharing network MUTE.
 * [[http://www.i2p.net|I2P]] ''(Java)'' is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties
 * [[http://antsp2p.sourceforge.net|ANts P2P]] ''(Java)'' realizes a third generation P2P net: it protects your privacy while you are connected and makes you untraceable, hiding your identity (IP) and encrypting everything you send to or receive from others.

== Data encryption ==

Tools that make your storage devices a safe place to store your data

 * [[http://tomb.dyne.org|Tomb]] A humble and gentle undertaker for your secrets
 * [[http://www.shlomifish.org/open-source/bits-and-bobs/gringotts-patch/|Gringotts]] Easy to use application to encrypt your files (homepage disappeared, sources are still provided by various distributions, our link points to an up-to-date patch for it)
 * [[http://reboot.animeirc.de/cryptofs/|CryptoFS]] is an encrypted filesystem for Filesystem in Userspace (FUSE) and the Linux Userland FileSystem (LUFS) using a normal directory to store files encrypted
 * [[http://www.tldp.org/HOWTO/Cryptoloop-HOWTO/|CryptoLoop]] makes it possible to create encrypted file systems within a partition or another file in the file system
 * [[http://loop-aes.sourceforge.net|Loop-AES]] provides a loadable Linux kernel module that has the AES cipher built in. The AES cipher can be used to encrypt local file systems and disk partitions.
 * [[http://arg0.net/wiki/encfs|EncFS]] provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. The way EncFS works is different from the “loopback” encrypted filesystem support built into the Linux kernel because it works on files at a time, not an entire block device.
 * [[http://cryptmount.sourceforge.net/|CryptMount]] is a utility for GNU/Linux operating systems which allows an ordinary user to mount an encrypted filing system without requiring superuser privileges. It is aimed at recent Linux systems using the 2.6 kernel series.

== Network analyzers ==

Software to intercept and analyze data flowing across networks

 * [[http://ettercap.sourceforge.net/|Ettercap]] is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.
 * [[http://www.ethereal.com/|Ethereal]] is used for troubleshooting, analysis, software and protocol development, and education.
 * [[http://monkey.org/~dugsong/dsniff/|dsniff]] is a collection of tools for network auditing and penetration testing.
 * [[http://www.insecure.org/nmap/|Nmap]] is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
 * [[http://www.tcpdump.org/|TCPdump]] The classic sniffer for network monitoring and data acquisition: it can be used to print out the headers of packets on a network interface that match a given expression.
 * [[http://www.hping.org|Hping]] is a network probing utility which assembles and sends custom ICMP/UDP/TCP packets and displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. This tool is particularly useful when trying to traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
 * [[http://www.cirt.net/code/nikto.shtml|Nikto]] is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs
 * [[http://www.kismetwireless.net/|Kismet]] is an 802.11b network sniffer and network dissector. It is capable of sniffing using most wireless cards, automatic network IP block detection via UDP, ARP, and DHCP packets, Cisco equipment lists via Cisco Discovery Protocol, weak cryptographic packet logging, and Ethereal and tcpdump compatible packet dump files.
 * [[http://airsnort.shmoo.com/|AirSnort]] is a wireless LAN (WLAN) tool that recovers encryption keys.
 * [[http://www.inetcat.org/software/nbtscan.html|NBTScan]] is a program for scanning IP networks for NetBIOS name information. It sends a NetBIOS status query to each address in the supplied range and lists the received information in human readable form. For each host that responds it lists IP address, NetBIOS computer name, logged-in user name and MAC address.

== Stealth networking ==

Software to hide interactions across networks: ICMP encapsulation, port knocking etc.

 * [[http://www.portknocking.org/|PortKnocking]] extensive documentation and list of implementations
 * [[http://coarseknocking.sourceforge.net/|CoarseKnocking]] is a simple implementation of Port Knocking techniques. It sniffs network packets (blocked by the firewall) carrying predetermined keys and executes commands to open and close ports. In client mode it injects packets with the key to the server.

== Daemon shields ==

Programs that analyze traffic and log files, raising system defenses when needed

 * [[http://www.techfinesse.com/sshutout/sshutout.html|sshutout]] is a Linux daemon, written in C, that periodically monitors log files looking for multiple failed login attempts via the Secure Shell daemon (sshd, or optionally, sshd2). The daemon is meant to mitigate what are commonly known as "dictionary attacks"
 * [[http://www.nuclearelephant.com/projects/mod_evasive/|mod_evasive]] is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack

-----

= unsorted items, please help adding comment and link =

== Footprinting ==

 * NeoTrace
 * Smart Whois
 * eMailTracking Pro
 * MailTracking.com

== Scanning ==

 * Cheops
 * DumpSec
 * Enum
 * GetAcct
 * Hping2
 * HTTPort
 * HTTrack Web Copier
 * icmpenum
 * IP Network Browser
 * IPEye
 * IPSECSCAN
 * NAT
 * netcraft.com
 * Netscan Tools Pro 2000
 * nmap
 * PhoneSweep War Dialer
 * Pinger
 * Queso
 * SID2User
 * SocksChain
 * THC-Scan
 * User2SID
 * UserInfo
 * WS_Ping_Pro

== Enumeration ==

 * NeoWatch
 * SNMPUtil
 * SolarWinds Toolset

== System Hacking ==

 * Legion
 * NTInfoScan
 * L0phtCrack
 * KerbCrack
 * GetAdmin
 * hk
 * SMBRelay
 * SMBRelay2
 * SMBGrinder
 * SMBDie
 * NBTDeputy
 * nbname
 * John the Ripper
 * Spector
 * eBlaster
 * SpyAnywhere
 * IKS
 * Rootkit
 * Tripwire
 * Elslave
 * Winzapper
 * Evidence Eliminator
 * makestrm

== Steganography ==

 * ImageHide
 * MP3Stego
 * Snow
 * Camera/Shy
 * dskprobe
 * EFSView

== Buffer Overflows ==

 * Outoutlook

== Trojans and Backdoors ==

 * QAZ
 * Tini
 * Netcat
 * Donald Dick
 * SubSeven
 * BackOrifice 2000
 * BoSniffer
 * NetBus
 * Graffiti
 * Silk Rope 2000
 * EliteWrap
 * IconPlus
 * Whack a Mole
 * FireKiller 2000
 * Loki

== Sniffers ==

 * Ethereal
 * Snort
 * WinDump
 * EtherPeek
 * EtherFlood
 * DSniff
 * Macof
 * mailsnarf
 * URLsnarf
 * Webspy
 * Ettercap
 * SMAC
 * WinDNSSpoof
 * WinSniffer
 * IRIS
 * NetInterceptor
 * SniffDet
 * WinTCPKill

== Denial of Service ==

 * Ping of Death
 * SSPing
 * Land
 * Smurf
 * SYN Flood
 * CPU Hog
 * Win Nuke
 * RPC Locator
 * Jolt2
 * Bubonic
 * Targa
 * Trinoo
 * WinTrinoo
 * TFN
 * TFN2K
 * Stacheldraht
 * Shaft
 * mstream

=== Preventing DoS Attack ===

 * mod_dosevasive
 * Find_ddos
 * SARA
 * DDoSPing
 * RID
 * Zombie Zapper

== Social Engineering ==

(not software tools, but IRL hacks)

 * Important User
 * Tech Support
 * Third Party Authorization
 * In Person
 * Dumpster Diving
 * Shoulder Surfing
 * Computer Impersonation
 * Mail Attachments
 * Popup Windows
 * Website Faking

== Connection Hijacking ==

 * Juggernaut
 * TTYWatcher
 * IP Watcher
 * T-Sight

== Hacking Web Servers ==

 * Jill32
 * IIS5-Koei
 * IIS5Hack
 * IISExploit
 * UnicodeUploader.pl
 * cmdasp.asp
 * IISCrack.dll
 * ispc.exe
 * CleanIISLog
 * Whisker
 * WebInspect
 * Shadow Security Scanner

== Web Application Vulnerabilities ==

 * Instant Source
 * Jad
 * Lynx
 * Wget
 * Black Widow
 * WebSleuth
 * IEEN

== Web Based Password Cracking ==

 * WinSSLMiM
 * WebCracker
 * Brutus
 * ObiWan
 * Munga Bunga
 * Varient
 * PassList
 * cURL
 * CookieSpy
 * ReadCookies
 * SnadBoy

== SQL Injection ==

 * SQLDict
 * SQLExec
 * SQLbf
 * SQLSmack
 * SQL2.exe
 * Oracle Password Buster

== Hacking Wireless Networks ==

 * NetTumbler
 * AirSnort
 * AiroPeek
 * WEP Cracker
 * Kismet
 * WIDZ - Wireless IDS

== Virus and Worms ==

 * Chernobyl
 * ExploreZip
 * I Love You
 * Melissa
 * Pretty Park
 * Code Red Worm
 * W32/Klez
 * BugBear
 * W32/Opaserv Worm
 * Nimda
 * Code Red
 * SQL Slammer
 * Worm Construction Kit

== Novell Hacking ==

 * Chknull
 * NOVELBFH
 * NWPCRACK
 * Bindery
 * BinCrack
 * SETPWD.NLM
 * Kock
 * userdump
 * Burglar
 * Getit
 * Spooflog
 * Gobbler
 * Novelffs
 * Pandora

== IDS, Firewalls and Honeypots ==

 * fragrouter
 * TCPReplay
 * SideStep
 * NIDSbench
 * ADMutate

== Buffer Overflows ==

 * StackGuard
 * Immunix