Tools

Reconnaissance
- Footprinting
Scanning and Enumeration
- Proxy
- Anonymizer
- Vulnerability Scanning
- NetBIOS
- SNMP
- LDAP
- Sniffing
- SIEM
- IDS
- IPS

mat2 is a metadata removal tool

Reconnaissance

Footprinting

Search Engine

Google Hacking

“Do a barrel roll”
“atari breakout”
“binary”
“tilt”

Website and Email Footprinting

DNS Footprinting

dig (domain information groper)

dig @server name type
dig -h

nslookup //[-options] {hostname | [-server]}//

Query internet name server interactively

To see network range: www.arin.net

whois footprinting:

www.geektools.com
www.dnsstuff.com
www.samspade.com

Network Footprinting

To see hops: traceroute //hostname// (tracert //hostname// on Windows)

More similar tools:

McAfee’s Visual Trace / NeoTrace
Trout
VisualRoute

Scanning and Enumeration

Scanning

ping (ICMP)
nmap
Angry IP Scanner (often considered a malware, avoid)
SolarWinds Engineer Toolset
Network Ping
OPUtils
McAfee SuperScan (also a NetBIOS enumeration engine)
Advanced IP Scanner
Pinkie
Hping3
MegaPing
Net Tools
PRTG Network Monitor

Mobile Tools

IP Scanner(10base-t.com)
Fing (www.fing.io)
Hackode (play.google.com)
zANTi (www.zimperium.com)
PortDroid Network Analysis (play.google.com)

Proxy

proxydroid
Servers ultimate (www.icecoldapps.com)
NetShade

Anonymizer

Orbot
Psiphon
OpenDoor
Shadowsocks

gzapper

Vulnerability Scanning

Retina CS
Microsoft Baseline Security Analyzer
Nessus

Enumeration

Enumeration in Linux

finger (provides info on user and host machine)
rpcinfo
rpcclient (provides info on RPC in the environment)
showmount (displays shared directories on machine)

telnet

netcat

nc <IPaddress or FQDN> <port number>

NetBIOS

nbtstat -n (for local table)
nbtstat -A IPADDRESS (for remote system’s table)
nbtstat -a COMPUTERNAME (ditto)
nbtstat -c (for cache)

SNMP

Engineer’s Toolset
SNMPScanner
OpUtils 5
SNScan

LDAP

Softerra
JXplorer
Lex
LDAP Admin Tool

Sniffing

For Windows, WinPcap

For Linux, libpcap

SIEM

OSSIM
Splunk