Packet Manipulation

Netfilter

The current Linux kernel packet filter/firewall
Netfilter is a powerful packet filter implemented in the standard Linux kernel. The userspace iptables tool is used for configuration. It now supports packet filtering (stateless or stateful), all kinds of network address and port translation (NAT/NAPT), and multiple API layers for 3rd party extensions. It includes many different modules for handling unruly protocols such as FTP.

Paros proxy

A Java-based web proxy for assessing web application vulnerabilities.

Wellenreiter

Wellenreiter is a GTK/Perl program that makes the discovery, penetration and auditing of 802.11b wireless networks as easy as possible. All three major wireless cards (Prism2, Lucent, and Cisco) are supported. Usability is one of the main goals.

ProxyChains

ProxyChains allows TCP and DNS tunneling through proxies. Different types of proxies can be mixed together to form a "chain" of proxies through which connections can be tunneled in order to help maintain anonymity.

About the proxychains tool:
* It's a proxifier.
* Latest version: 3.1
* Dedicated OS: Linux and other Unices.
* Allows TCP and DNS tunneling through proxies.
* Supports HTTP, SOCKS4 and SOCKS5 proxy servers.
* Different proxy types can be mixed in the same chain.
* Proxy chain: user-defined list of proxies chained together.

Usability:
* Run any program through proxy server.
* Access the Internet from behind a restrictive firewall.
* Hide your IP.
* Run SSH, telnet, wget, ftp, apt, vnc, nmap through proxy servers.
* Access Intranets (192.168.*.*/10.*.*.*) from outside through reverse proxy.

YAPH - Yet Another Proxy Hunter

YAPH is a proxy hunter for the Unix platform. It lets you find public-access proxy servers on the Internet and validate proxy lists. YAPH reveals SOCKS4, SOCKS5, and HTTP (CONNECT method) proxies. HTTP proxies are tested for the CONNECT method only, since only this method provides the ability to tunnel TCP through an HTTP proxy. YAPH utilizes the power of Nmap, a network mapper written by Fyodor. Nmap gives YAPH the capability to find new, undiscovered public proxy servers on the Internet.

Kismet

Kismet is a pretty decent tool to have in your wireless arsenal.
It's mostly used for identifying wireless networks in the area and gaining as much information about them as possible, even if the information is not supposed to be available.
This helps drastically when you start to actually attack the network/device with aircrack or something similar: you already have all the information you need.

Feature set:
* 802.11b, 802.11g, 802.11a, 802.11n sniffing
* Standard PCAP file logging (Wireshark, Tcpdump, etc.)
* Client/Server modular architecture
* Multi-card and channel hopping support
* Runtime WEP decoding
* Tun/Tap virtual network interface drivers for realtime export of packets
* Hidden SSID decloaking
* Distributed remote sniffing with Kismet drones
* XML logging for integration with other tools
* Linux, OSX, Windows, and BSD support (devices and drivers permitting)

Ettercap

I believe ettercap was a tool used a lot more often before things like Wireshark and Cain and Abel came out, or at least "got big".
It has support for a lot of different platforms, but its main job is sniffing the network and manipulating where the traffic goes or how it gets there, thus allowing you to perform MiTM attacks easily. It features filtering just like Wireshark and is able to dissect protocols just as well.

Sqlmap

Sqlmap is awesome, that's all you need to know.

It will basically check a website and try, or allow you, to inject SQL queries into the site's backend database.
If successful, you could use it to dump all information in said database that you are looking at.
This can include but is not limited to: usernames, passwords, email addresses, customer information, etc.
Sqlmap can also be used or integrated with a variety of other applications and attacks; using it in combination with Metasploit, and possibly even Nikto or Nmap, would yield great results. =]

FYI... this is really great when they happen to be running an LDAP server and the usernames are not just for logging into a web application or the database to alter files but are actually for the system itself!

Winsock Packet Editor (WPE) Pro

Winsock Packet Editor (WPE) Pro is a packet sniffing/editing tool which is generally used to hack multiplayer games. WPE Pro allows modification of data at the TCP level. Using WPE Pro, one can select a running process from memory and modify the data sent by it before it reaches the destination. It can record packets from specific processes, then analyze the information. You can set up filters to modify the packets or even send them when you want at different intervals.

Scapy

Scapy is a packet manipulator used for crafting packets, sending packets, sniffing them, etc. It also runs on Linux and Windows.
