This is a work in progress…

 

History of the Internet

 

 

TCP/IP

 

TCP RFC 793 describes the DoD Standard Transmission Control Protocol (TCP)

 

Port numbers, IP address allocation policies

 

Binary Conversion Table

   

ICMP Messages

   

IP Address Classes from Cisco     

     

How Subnet Masks Are Used To Determine The Network Number from Cisco      

                 

DNS Overview from Cisco

 

Understanding TCP/IP

                 

IP Addressing from 3COM

 

Cisco Documentation Home Page

 

Troubleshooting micro$oft TCP/IP

 

Nifty graphical TCP/IP introduction

 

Network reconnaissance tools

 

Amap is a scanning tool for Unix which identifies applications and services even if they are not listening on the default port.

 

Mingsweeper

 

Nmap (Unix) is a free open source utility for network exploration or security auditing

 

NMapWin is a native Win32 front-end for NMap

 

NmapNT (Windows) performs stealth scans, ping scans, UDP scans, as well as a handful of other scan types

 

Penetration testing tools

  

Brutus will help check routers etc. for default and common passwords

 

Engage Packet Builder (Windows) is a scriptable packet builder

 

WebCracker will allow you to test your restricted-access website to make sure that only authorized users are able to get in.

                 

Odysseus is a tool designed for testing the security of web applications.

 

Achilles acts as an HTTP/HTTPS proxy that allows a user to intercept, log, and modify web traffic on the fly.

 

 

Network Management Tools

 

Cheops (Unix) provides the system administrator with a tool for locating, accessing, diagnosing, and managing network resources

 

Cheops-ng (Unix) is the next generation of this popular network management tool for mapping and monitoring your network

 

Argus system and network monitoring

 

Nagios Network Monitoring

 

 

Security assessment tools

 

WebScarab is a loose suite of web application security assessment tools

 

Rough Auditing Tool for Security (RATS) scans source code for security flaws in C, C++, Python, Perl and PHP programs.

 

 

IDS

 

Snort is a network-based intrusion detection system

 

Bro is a network-based intrusion detection system developed at Lawrence Berkeley National Laboratory

 

SnortSnarf is a Perl program that produces HTML output from SNORT databases

 

The Stealthy Portscan and Intrusion Correlation Engine

 

SPADE is a Snort preprocessor plugin which sends alerts of anomalous packets through standard Snort reporting mechanisms

 

Network Design

 

Ns is a discrete event simulator targeted at networking research

 

 

Network Analysis Tools

 

Ethereal is a network protocol analyzer for Unix and Windows

 

 

 

 

Fragrouter/Fragroute (UNIX) - http://www.monkey.org/~dugsong/fragroute/index.html

Hping2 (UNIX) - http://www.hping.org/download.html

Httprint (unix-windows) - http://net-square.com/httprint/

Ndiff (UNIX) - http://www.vinecorp.com/ndiff/

Nessus (UNIX-Server, Both-Client) - http://www.nessus.org/

Newt http://www.tenablesecurity.com/newt.html

Nikto (UNIX) - http://www.cirt.net/code/nikto.shtml

Nlog (UNIX) - http://www.secureaustin.com/nlog/

Pcattcp tcp tester http://www.pcausa.com/Utilities/pcattcp.htm

SAINT (UNIX) - http://www.wwdsi.com/saint/

SARA (UNIX) - http://www-arc.com/sara/

Superscan - http://www.webattack.com/get/superscan.shtml

http://www.serverscheck.com/

http://www.microsoft.com/windowsserversystem/sus/default.mspx

SYSMON http://www.sysmon.org/ 

Tcpdump (UNIX) - http://www.tcpdump.org/

Tkined (UNIX) - http://www.knopper.net/download/tkined/

VOID http://www.remoteassessment.com/?op=pub_archive_search&query=wireless&userid=c7b27be1e2a31d8098abdc0146319de3

Windump (Windows) - http://netgroup-serv.polito.it/

Winpcap (Windows) - http://netgroup-serv.polito.it/winpcap/

http://www.counterpane.com/log-analysis.html

http://www.silicondefense.com/software/snortsnarf/

Chkrootkit Rootkit detection http://www.chkrootkit.org

EtherApe Graphical network monitoring http://etherape.sourceforge.net

Ethereal Protocol analyzer http://www.ethereal.com

Ipaudit Network activity monitoring http://ipaudit.sourceforge.net

IPTraf Network statistics utility http://iptraf.seul.org

Kismet 802.11 wireless network sniffer http://www.kismetwireless.net

Kiwi Syslog Daemon Syslog daemon for Windows http://www.kiwisyslog.com

NetStumbler 802.11 wireless network sniffer http://www.netstumbler.com

Swatch Log file monitoring http://swatch.sourceforge.net

TCPDump Packet sniffer http://www.tcpdump.org

TCPTrace Tcpdump file analysis http://www.tcptrace.org/index.html

The Coroner's Toolkit Computer forensics http://www.porcupine.org/forensics/tct.html

The Sleuth Kit Computer forensics http://www.sleuthkit.org/sleuthkit/index.php

WebserverFP (unix) http://www.remoteassessment.com/archive/UNIX/utilities/WebServerFP-Source.zip

WinDump Packet sniffer http://windump.polito.it

 

URLScan is a tool that can change the banner of an IIS web server. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/URLScan.asp

 

mod_security has a feature for changing the identity of the Apache web server. It can be found at http://www.modsecurity.org/

 

Servermask, for faking banners of IIS, can be found at http://www.servermask.com/

 

 

You can check the following article for more on SQL Injection in Oracle: http://www.integrigy.com/info/IntegrigyIntrotoSQLInjectionAttacks.pdf

 

Caching Tutorial for Web Authors and Webmasters by Mark Nottingham at http://www.mnot.net/cache_docs/

 

HTTP RFC at http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.1

 

Kevin Spett's paper "Cross Site Scripting, Are your web applications vulnerable?" is a good source of information on this topic and is available at http://www.spidynamics.com/whitepapers/SPIcross-sitescripting.pdf

 

MSDN site on httpcookies at http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/httponly_cookies.asp

 

This paper by Jeremiah Grossman discusses XST in greater detail: http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf

 

 

Web Server Fingerprinting http://www.ntobjectives.com/products/firewater/

 

There is a paper by Saumil Shah that discusses the tool httprint at http://net-square.com/httprint/httprint_paper.html

 

httprint can be found at http://net-square.com/httprint/

 

Exodus - http://home.intekom.com/rdawes/exodus.html

Odysseus - http://www.wastelands.gen.nz/odysseus/index.php

Limitations of automated scanning http://www.blackhat.com/presentations/bh-federal-03/bh-fed-03-grossman-up.pdf

SpikeProxy, automated scanning http://www.immunitysec.com/spikeproxy.html

WebInspect, automated scanning http://www.spidynamics.com/productline/WE_over.html 

Sample application for learning web testing is WebMaven, available at http://sourceforge.net/projects/webmaven

Hackingzone has a game on SQL Injection at http://www.hackingzone.org/sql/index.php

OpenBSD: The proactively secure operating system.

TCP Wrappers: A classic IP-based access control and logging mechanism

pwdump3: Allows for retrieving Windows password hashes locally or across the network whether or not syskey is enabled.

LibNet: A high-level API (toolkit) allowing the application programmer to construct and inject network packets

IpTraf: IP Network Monitoring Software

Fping: A parallel ping scanning program

Bastille: Security hardening script for Linux, Mac OS X, and HP-UX

Winfingerprint: A Win32 Host/Network Enumeration Scanner

TCPTraceroute: A traceroute implementation using TCP packets

Shadow Security Scanner: A commercial vulnerability assessment tool

pf: The innovative packet filter in OpenBSD

LIDS: A Linux kernel intrusion detection/defense system

hfnetchk: Microsoft tool for checking the patch status of all the Windows machines on a network from a central location

etherape: A graphical network monitor for Unix modeled after etherman

dig: A handy DNS query tool that comes free with Bind

Crack / Cracklib: Alec Muffett's classic local password cracker

zone alarm: Windows Personal firewall software. They offer a limited free version, but much of the functionality is disabled.

Visual Route: Obtains traceroute/whois data and plots it on a World map

The Coroner's Toolkit (TCT): A collection of tools that are either oriented towards gathering or analyzing forensic data on a Unix system

tcpreplay: a tool to replay saved tcpdump or snoop files at arbitrary speeds

snoop: A well-known gangsta rapper (Snoop Dogg)! It is also a network sniffer that comes with Solaris.

putty: An excellent Windows SSH client

pstools: A suite of free command-line tools for managing Windows systems (process listings, command execution, etc)

arpwatch: Keeps track of ethernet/ip address pairings and can detect certain monkey business

 

 

 

 

 
