Netcat is a computer networking service for reading from and writing network connections using TCP or UDP. Netcat is designed to be a dependable “back-end” device that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of correlation you would need and has a number of built-in capabilities.
In 2000, according to www.insecure.org, Netcat was voted the second most functional network security tool. Also, in 2003 and 2006 it gained fourth place in the same category. Netcat is often referred to as a "Swiss-army knife for TCP/IP." Its list of features includes port scanning, transferring files, and port listening, and it can be used as a backdoor.
Some of netcat's major features are:
* Outbound or inbound connections, TCP or UDP, to or from any ports
* Full DNS forward/reverse checking, with appropriate warnings
* Ability to use any local source port
* Ability to use any locally-configured network source address
* Built-in port-scanning capabilities, with randomization
* Built-in loose source-routing capability
* Can read command line arguments from standard input
* Slow-send mode, one line every N seconds
* Hex dump of transmitted and received data
* Optional ability to let another program service established connections
* Optional telnet-options responder
* Featured tunneling mode which allows also special tunneling such as UDP to TCP, with the possibility of specifying all network parameters (source port/interface, listening port/interface, and the remote host allowed to connect to the tunnel.
Examples
Opening a raw connection to port 25 (like telnet)
nc mail.server.net 25
Setting up a one-shot webserver on port 8080 to present a file
{ echo -ne "HTTP/1.0 200 OK\r\n\r\n"; cat some.file; } | nc -l 8080
VMware is a virtual machine software suite for x86 and x86-64 computers.
"It allows you to boot another OS inside of your existing OS."
An example is you could theoretically create an entire virtual environment just for pentesting, application testing, anything you want.
Intel® C++ Compiler offers support for creating multi-threaded applications. Only the Professional Edition offers the breadth of advanced optimization, multi-threading, and processor support that includes automatic processor dispatch, vectorization, auto-parallelization, OpenMP*, data prefetching, and loop unrolling, along with highly optimized C++ templates for parallelism, math processing, and multimedia libraries.
OllyDbg is a debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers, recognizes procedures, API calls, switches, tables, constants and strings, as well as locates routines from object files and libraries. According to the program's help file, version 1.10 is the final 1.x release. Version 2.0 is in development and is being written from the ground up. The software is free of cost, but the shareware license requires users to register with the author. OllyDbg is only available in 32-bit binaries.
Special highlights are:
Interactive Disassembler Pro. Supports 80x86 binaries and FLIRT, a unique Fast Library Identification and Recognition Technology that automagically recognizes standard compiler library calls. Widely used in COTS validation and hostile code analysis.
In short it's what we like to call the "Reverse Engineer's Wet Dream".
WinHex is a hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. Also a advanced tool for everyday and emergency use.
Microsoft Windows SDK is a software development kit from Microsoft that contains header files, libraries, samples, documentation and tools utilizing the APIs. The Windows SDK can be used to write applications that target Windows XP and Windows Server 2003 as well as Windows Vista and Windows Server 2008 while the older Platform SDK can be used to develop applications for Windows 2000, Windows XP and Windows Server 2003. The Windows SDK replaces the Platform SDK, the WinFX SDK and the .NET Framework 2.0 SDK. The package contains over 100 million words of documentation and nearly 1000 samples. Although the SDK itself is available free of cost, obtaining the SDK requires that the copy of Windows be validated.
A development environment, and programmers best friend when it comes to designing windows applications. A little pricey, but free for academic use under the MSDNAA.
Free open-source disk encryption software.
Main features:
- Creates a virtual encrypted disk within a file and mounts it as a real disk.
- Encrypts an entire partition or storage device such as USB flash drive or hard drive.
- Encrypts a partition or drive where Windows is installed (pre-boot authentication).
- Encryption is automatic, real-time (on-the-fly) and transparent.
- Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
- Encryption can be hardware-accelerated on modern processors.
- Provides plausible deniability, in case an adversary forces you to reveal the password:
- Hidden volume (steganography) and hidden operating system.