Unix

OpenBSD, FreeBSD, Solaris, and/or other Unix variants

CMOT

This tool lets you submit MD5 and other hashes to online cracking resources. Although numerous such resources are available, this and similar tools submit a hash to multiple resources simultaneously, in the hope that one of them already holds the matching plaintext and the broken password can then be used to log in.

aiocracker

Simple password cracker that attempts to crack password hashes (md5, sha1, sha256, sha384, sha512) against any given wordlist.
Prerequisites: Python

Bing

This is a tool for security researchers. It allows you to search for either an IP address or a DNS name and display all associated domain names known to Bing.

* If a specific IP address is searched, all domain records associated with that address are displayed
* If a DNS name is searched, all domain records associated with all addresses returned for that DNS name are displayed (this case is shown in the screenshot below)

Two separate self-contained versions of the tool are available: command-line-based and GUI-based. The GUI version can be spawned directly from the browser - no installation or additional files are required - just click on the link in Downloads and select Run.

Both versions require the .NET Framework 3.5.

Bile-suite

The BiLE suite includes a number of Perl scripts that can be used by a penetration tester to aid in the enumeration phase of a test. BiLE itself stands for Bi-directional Link Extraction utilities. The suite can be used in the footprinting process to find both obvious and non-obvious relationships between disparate sites. With this information a pen tester may then decide to try to access sites with close relationships to the target as a stepping stone into the target network.
Note: This process depends on the linked sites you plan to attack, in order to get through to your target, actually being owned by the target company and being in the scope of the test.

Arping

Arping is an ARP level ping utility. It's good for finding out if an IP is taken before you have routing to that subnet. It can also ping MAC addresses directly.

AMAP

Amap has been designed to identify the applications that are running on a specific port or ports on a host. Amap does this by connecting to the port(s) and sending packets that will hopefully trigger an automatic response. These packets typically mimic a standard attempt by an application to carry out a handshake between the two hosts; many network daemons only respond when a connection is attempted with the appropriate handshake (e.g. SSL). Amap then correlates the response with its built-in library of application fingerprints and prints the result to screen verbosely.

Ovaldi

OVAL's reference interpreter shows how: information can be collected from a computer; definitions can be used to test the system for computer vulnerabilities, configuration issues, programs, and patches; and results of the tests can be presented.

OVAL is an international information security community standard that has been designed to:

* Promote open and publicly available security content,
* Standardise the transfer of this information across the entire spectrum of security tools and services.

OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community. The language standardises the three main steps of the assessment process:

* Representing configuration information of systems for testing;
* Analysing the system for the presence of the specified machine state (vulnerability, configuration, patch state, etc.);
* Reporting the results of this assessment.

One of the minor drawbacks of using the Mitre OVAL framework is that it is command-line based, which can prove time consuming when scans and updates to the framework need to be performed. SSA has been designed to add a graphical front-end to this process and also provides a great deal more extensibility when utilising the framework in conjunction with their tool.

Medusa

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: AFP, CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), NNTP, PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (AUTH/VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC. It also includes a basic web form module and a generic wrapper module for external scripts.

While Medusa was designed to serve the same purpose as THC-Hydra, there are several significant differences. For a brief comparison, see:

http://www.foofus.net/jmk/medusa/medusa-compare.html

OpenVPN

A web-scale networking platform enabling the next wave of VPN services

* Supports scalable and secure VPN services across the Internet
* Works with existing enterprise applications
* Enables real-time interactive collaboration applications
* Remote and secure access to your network and application resources
* Secure and scalable site-to-site VPN
* Wireless security

Scanrand

An unusually fast stateless network service and topology discovery system.

Scanrand is a stateless host-discovery and port-scanner similar in design to Unicornscan. It trades off reliability for amazingly fast speeds and uses cryptographic techniques to prevent attackers from manipulating scan results. This utility is a part of a software package called Paketto Keiretsu, which was written by Dan Kaminsky. Scanrand and Paketto are no longer actively maintained, but the latest released version can still be found at DoxPara.Com.
