Security Tools

I subscribe to an e-mail newsletter from Shavlik Technologies, Remediator Security Digest. The April edition contained an article by Eric Schultze entitled Thinking like a hacker.

The article was separated into seven steps that a systematic hacker would follow:

  1. Perform a footprint analysis
  2. Enumerate informatio
  3. Obtain access through user manipulation
  4. Escalate privileges
  5. Gather additional passwords and secrets
  6. Install backdoors
  7. Leverage the compromised system

At the send of each step, one or more commonly used tool was described. The list did not include links to the tools so I have added them here where appropriate. 

Nslookup Command line tool in Windows NT 4.0, Windows 2000, and Windows XP that can be used to perform DNS queries and zone transfers. 

Tracert Command line tool used by hackers to create network maps of the target’s network presence. 

SamSpade The SamSpade.org Web interface that performs Whois lookups, forward and reverse DNS searches, and traceroutes. Also SamSpade Windows application. 

Nmap Unix-based port scanner.

ScanLine Windows NT-based port scanner. 

Netcat(Unix/Linux)/Netcat (Windows) The hacker’s Swiss army knife. Used for banner grabbing and port scanning, among other things. 

Epdump/Rpcdump Tools to gain information about remote procedure call (RPC) services on a server. 

Getmac (From the Windows 2000 resource kit) Windows NT command to obtaining the media access control (MAC) Ethernet layer address and binding order for a computer running Windows NT 4.0, Windows 2000, or Windows XP. 

DumpSec Security auditing program for Windows NT systems. It enumerates user and group details from a chosen system. This is the audit and enumeration tool of choice for Big Five auditors (PricewaterhouseCoopers, Ernst & Young, KPMG, Arthur Andersen, and Deloitte & Touche) and hackers alike. 

NetBIOS auditing tool Brute force password guessing tool. 

Pwdump2 Tool that can obtain password hashes from the SAM database or the Active Directory. 

Lsadump2 Tool that exposes the contents of the LSA in clear text. 

LC3 (Could not find an appropriate link) Password auditing tool that evaluates Windows NT, Windows 2000, and Windows XP password hashes. 

John the Ripper Password cracking tool for several operating systems. 

Fpipe A port redirector for Windows systems. Allows the source port for redirected traffic to be specified. 

Advertisements

Steve Mullen has been involved in information technology for over 35 years. He is also actively involved in the music program (voice and English hand bells) and Vestry of St. Anne’s Episcopal Church in Damascus, MD.

Posted in Blog, Security
One comment on “Security Tools
  1. […] This is a follow-up to an earlier post on Security Tools. An article in Information Security magazine in September 2005 described five hacker tools that security experts should have: […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Error: Twitter did not respond. Please wait a few minutes and refresh this page.

Categories
May 2006
M T W T F S S
« Apr   Jun »
1234567
891011121314
15161718192021
22232425262728
293031  
%d bloggers like this: