This is a work in progress…


History of the Internet





TCP RFC 793 describes the DoD Standard Transmission Control Protocol (TCP)


Port numbers, IP address allocation policies


Binary Conversion Table


ICMP Messages


IP Address Classes from Cisco     


How Subnet Masks Are Used To Determine The Network Number from Cisco      


DNS Overview from Cisco


Understanding TCP/IP


IP Addressing from 3COM


Cisco Documentation Home Page


Troubleshooting micro$oft TCP/IP


Nifty graphical TCP/IP introduction


Network reconnaissance tools


Amap is a scanning tool for Unix which identifies applications and services even if they are not listening on the default port.




Nmap (Unix) is a free open source utility for network exploration or security auditing


NMapWin is a native Win32 front-end for NMap


NmapNT (Windows) performs stealth scans, ping scans, UDP scans, as well as a handful of other scan types


Penetration testing tools


Brutus will help check routers etc. for default and common passwords


Engage Packet Builder (Windows) is a scriptable packet builder


WebCracker will allow you to test your restricted-access website to make sure that only authorized users are able to get in.


Odysseus is a tool designed for testing the security of web applications.


Achilles acts as an HTTP/HTTPS proxy that allows a user to intercept, log, and modify web traffic on the fly.



Network Management Tools


Cheops (Unix) provides the system administrator with a tool for locating, accessing, diagnosing, and managing network resources


Cheops-ng (Unix) is the next generation of this popular network management tool for mapping and monitoring your network


Argus system and network monitoring


Nagios Network Monitoring



Security assessment tools


WebScarab is a loose suite of web application security assessment tools


Rough Auditing Tool for Security (RATS) scans source code for security flaws in C, C++, Python, Perl and PHP programs.





Snort is a network-based intrusion detection system


Bro is a network-based intrusion detection system developed at Lawrence Berkeley National Laboratory


SnortSnarf is a Perl program that produces HTML output from SNORT databases


The Stealthy Portscan and Intrusion Correlation Engine


SPADE is a Snort preprocessor plugin which sends alerts of anomalous packets through standard Snort reporting mechanisms


Network Design


Ns is a discrete event simulator targeted at networking research



Network Analysis Tools


Ethereal is a network protocol analyzer for Unix and Windows





Fragrouter/Fragroute (UNIX) -

Hping2 (UNIX) -

Htprint (unix-windows)

Ndiff (UNIX) -

Nessus (UNIX-Server, Both-Client) -


Nikto (UNIX) -

Nlog (UNIX) -

Pcattcp tcp tester



Supercan -


Tcpdump (UNIX) -

Tkined (UNIX) -


Windump (Windows) -

Winpcap (Windows) -

Chkrootkit Rootkit detection

EtherApe Graphical network monitoring

Ethereal Protocol analyzer

Ipaudit Network activity monitoring

IPTraf Network statistics utility

Kismet 802.11 wireless network sniffer

Kiwi Syslog Daemon Syslog daemon for Windows

NetStumbler 802.11 wireless network sniffer

Swatch Log file monitoring

TCPDump Packet sniffer

TCPTrace Tcpdump file analysis

The Coroner's Toolkit Computer forensics

The Sleuth Kit Computer forensics

WebserverFP (unix)

WinDump Packet sniffer


URLScan is a tool that can change the banner of an IIS web server.



mod_security has a feature for changing the identity of the Apache web server. It can be found at


Servermask for faking banners of IIS, can be found at



You can check the following article for more on SQL Injection in Oracle:


Caching Tutorial for Web Authors and Webmasters by Mark Nottingham at




Kevin Spett's paper "Cross Site Scripting, Are your web applications vulnerable?" is a good source of information on this topic and is available at


MSDN site on httpcookies at



This paper by Jeremiah Grossman discusses XST in greater detail



Web Server Fingerprinting


There is a paper by Saumil Shah that discusses the tool httprint at


httprint can be found at


Exodus -

Odysseus -

Limitations of automated scanning

SpikeProxy, automated scanning

WebInspect, automated scanning 

A sample application for learning web testing is WebMaven, available at

Hackingzone has a game on SQL Injection at


OpenBSD: The proactively secure operating system.

TCP Wrappers: A classic IP-based access control and logging mechanism

pwdump3: Allows for retrieving Windows password hashes locally or across the network whether or not syskey is enabled.

LibNet: A high-level API (toolkit) allowing the application programmer to construct and inject network packets

IpTraf: IP Network Monitoring Software

Fping: A parallel ping scanning program

Bastille: Security hardening script for Linux, Mac OS X, and HP-UX

Winfingerprint: A Win32 Host/Network Enumeration Scanner

TCPTraceroute: A traceroute implementation using TCP packets

Shadow Security Scanner: A commercial vulnerability assessment tool

pf: The innovative packet filter in OpenBSD

LIDS: A Linux kernel intrusion detection/defense system

hfnetchk: Microsoft tool for checking the patch status of all the Windows machines on a network from a central location

etherape: A graphical network monitor for Unix modeled after etherman

dig: A handy DNS query tool that comes free with Bind

Crack / Cracklib: Alec Muffett's classic local password cracker

zone alarm: Windows Personal firewall software. They offer a limited free version, but much of the functionality is disabled.

Visual Route: Obtains traceroute/whois data and plots it on a World map

The Coroner's Toolkit (TCT): A collection of tools that are either oriented towards gathering or analyzing forensic data on a Unix system

tcpreplay: a tool to replay saved tcpdump or snoop files at arbitrary speeds

snoop: A well-known gangsta rapper (Snoop Dogg)! It is also a network sniffer that comes with Solaris.

putty: An excellent Windows SSH client

pstools: A suite of free command-line tools for managing Windows systems (process listings, command execution, etc)

arpwatch: Keeps track of ethernet/ip address pairings and can detect certain monkey business