This is a tool built into Unix-based systems that prints the strings of printable characters in files or programs. It is used for information gathering while reverse engineering a file. Below I have supplied a link to a man page for the command along with usage of the tool.
http://www.thegeekstuff.com/2010/11/strings-command-examples/
http://unixhelp.ed.ac.uk/CGI/man-cgi?strings
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. By using this software, a user can perform back-end database fingerprinting, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements and even access the underlying file system and execute commands on the operating system.
Pangolin is a penetration testing tool for SQL Injection testing and database security. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read specific files on the file system and more.
creepy is an application that allows you to gather geolocation-related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application, where all the retrieved data is shown accompanied by relevant information (i.e. what was posted from that specific location) to provide context to the presentation.
MSSQLScanner is a multithreaded Java-based dictionary attack tool with the capability of spawning an SQL Query Shell and xp_cmdshell for pentesting your MS SQL Database server.
“PostgreSQL is a powerful, open source object-relational database system. It has more than 15 years of active development and a proven architecture that has earned a strong reputation for reliability, data integrity, and correctness.”
This Java-based application helps you parse the contents of your scripts (e.g. PHP scripts) and automatically convert them to hex values. Some pentesters use this method to test for possible SQL injection vulnerabilities in a website.
This distro will serve as a dojo for everyone who is just starting to explore the world of web application security or who just wants to practice their fu in a legal environment. This may be the distro that you're looking for. Project Playground or “PiPi” is packed with different web apps, intentionally built with vulnerabilities by security experts and enthusiasts all around the world. These include DVWA, mutillidae, gruyere, the infamous webgoat and many more. The distro is also packed with different tools such as paros, w3af, sqlmap and many more for penetration testing on the web apps.
Matriux Krypton final was released on 2011.08.15 and is another open source security distribution for ethical hackers and penetration testers. Compiled with a cool set of tools which they call arsenals, this distro can be used for penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, exploiting, cracking, data recovery and many more.
WEAKERTH4N is one of the awesome pentesting distros I have ever tried. It’s still in its BETA release, but the developer has done a good job on this project, with some cool pentesting tools included in this distro. It is built from Debian Squeeze and uses Fluxbox as its desktop environment. You can install this live pentesting distro using the Custom Remastersys Installer. It has a lot of wireless tools, unlike BackTrack 5. It has the old Android Hacking features.