Sniffer

Kismet

Kismet is a pretty decent tool to have in your wireless arsenal.
It's mostly used for identifying wireless networks in the area and gaining as much information about them as possible even if the information is not supposed to be available.
This helps drastically when you start to actually attack the network/device with aircrack or something similar, you already have all the information you need.

Feature set:
802.11b, 802.11g, 802.11a, 802.11n sniffing
Standard PCAP file logging (Wireshark, Tcpdump, etc)
Client/Server modular architecture
Multi-card and channel hopping support
Runtime WEP decoding
Tun/Tap virtual network interface drivers for realtime export of packets
Hidden SSID decloaking
Distributed remote sniffing with Kismet drones
XML logging for integration with other tools
Linux, OSX, Windows, and BSD support (devices and drivers permitting)

Ettercap

I believe, ettercap was a tool used a lot more often before things like wireshark and cain and abel came out or at least "got big".
It has support for a lot of different platforms, but it's main job is sniffiing the network and manipulating where the traffic goes or how it gets there thus allowing you to perform MiTM attacks easily. It features filtering just like wireshark and is able to dissect protocols just as well.

Winsock Packet Editor (WPE) Pro

Winsock Packet Editor (WPE) Pro is a packet sniffing/editing tool which is generally used to hack multiplayer games. WPE Pro allows modification of data at TCP level. Using WPE Pro one can select a running process from the memory and modify the data sent by it before it reaches the destination. It can record packets from specific processes, then analyze the information. You can setup filters to modify the packets or even send them when you want in different intervals.

Scapy

Scapy is a packet manipulator used for crafting packets, sending packets, sniffing them etc. Also runs on Linux and Windows.

Cain and Abel

Windows password cracker, capable of cracking a variety of hashes, as well as arp poisoning, sniffing the network, etc.. to obtain those password hashes in the first place.

Syndicate content