Mac OS

Apple Mac OS X

SAINT

SAINT, or the Security Administrator's Integrated Network Tool, uncovers areas of weakness and recommends fixes. With the SAINT® vulnerability scanner, you can:

* Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
* Anticipate and prevent common system vulnerabilities.
* Demonstrate compliance with current government regulations such as FISMA, SOX, GLBA, HIPAA, and COPPA and with industry regulations such as PCI DSS.

Libwhisker

Libwhisker is a Perl module geared specificly for HTTP testing.
Libwhisker has a few design principles:

- Portable: runs with 0 changes on Unix, Windows, etc (100% Perl)
- Flexible: designed with a 'no rules' approach
- Contained: designed to not require external modules when possible
- Localized: does not require installation to use

NSAT

NSAT is a robust scanner which is designed for:

* Different kinds of wide-ranging scans, keeping stable for days
* Scanning on multi-user boxes (local stealth and non-priority scanning options)
* Professional-grade penetration testing and comprehensive auditing
* Easy full-scale archiving of vulnerability and version information for further purposes
* Time-less configuration - as a banner scanner for many known services and protocols
* Virtual host support, host/network exclusion support
* Flexibility and configurable scanning
* Distributed scanning (new feature; beta status)

Works on:
All BSD Platforms (FreeBSD/NetBSD/OpenBSD/Apple Mac OS X),
All POSIX (Linux/BSD/UNIX-like OSes),
Linux, Solaris

Burpsuite

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.
Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, scan, attack and exploit web applications. The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another.

Sara

The Security Auditor's Research Assistant (SARA) is a third generation network security analysis tool

YAPH - Yet Another Proxy Hunter

YAPH is a proxy hunter for the Unix platform. It allows to find public access proxy servers on the Internet and to validate proxy lists. YAPH reveals SOCK4, SOCKS5, and HTTP (CONNECT method) proxies. HTTP proxies are tested for CONNECT method only, since only this method provides ability to tunnel TCP through HTTP proxy. YAPH utilizes the power of Nmap, a network mapper written by Fyodor. Nmap provides to YAPH the capability to find new undiscovered public proxy servers on the Internet.

Par2

While not directly related to hacking in any fasion, this is just a cool utility, anyone and everyone should make use of.

http://www.par2.net/

Par2 makes parity files for various archives, primary used on newsgroups, par/par2 can greatly increase redundancy on compressed archives.

This app has many uses, some not so obvious. Particularly, when I make optical media backups I prefer to compress them, password protect, par2 the file, then burn. This has a few advantages as cd's and dvd's are prone to scratches, the par files can recover a bad rar, while still maintaining your password over the archive. This adds security and redundancy to the backup.

Olive - JUNOS on PC

Excerpt from site:

"The most common use of the Olive platform is for creative and UNIX-competent hackers to learn the JUNOS CLI on a low-cost platform. It is capable of forwarding a small amount of traffic, but does not support many of the features found on real Juniper routers. Essentially the forwarding on an Olive is the same as routing traffic via your fxp0 or em0 management interface on a real Routing Engine."

-----------------
While not a Juniper FW, the above pretty much sums it up, there are some prebuilt VM's existing for folks interested in JUNOS CLI without additional hardware somewhere on the internet Wink

There is no support. Juniper says it doesn't exist. See page for more info.

--Said all OS's since you can vm it.

Gerix Wifi Cracker NG

Gerix Wifi Cracker NG is a pretty nice GUI for the Aircrack Suite.

#-- There is litterally a Grandma holding a pistol grip cantenna cracking wifi on thier main page!.

Site Exceprt:

0×01 - Introduction

Here we are to present the new version of Gerix Wifi Cracker NG (New Generation), a really complete GUI for Aircrack-NG which includes useful extras.
Completely re-written in Python + QT, automates all the different techniques to attack Access Points and Wireless Routers (but not only ..)
[...]
Who has never wanted to say something like: “This software is so simple to use, that even my grandmother can use it for cracking wireless networks!”… So, we have really tried this test.

THC Hydra

THC is an acronym for "The Hackers Choice"; a group of security experts based out of Germany.
Hydra is their application written for launching brute force password cracking attempts on different protocols.
Commonly used against web and ssh logins, but available for use with other types.
If you run servers and check your /var/log/auth.log text file and see a bunch of wrong connection attempts from the same location to your ssh server, they're probably using this to try and get in.

Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC,

Syndicate content