Security Tools best of the best
 

I think it would be neat if everyone who uses the massive amounts of security tools put what they consider to be the best of the best. So first I decided to go through and decide which categories there are. So thats step one feel free to add on anything you think that should go here as well.

Packet Sniffers:

Crackers:

Packet Builders:

Port Scanners:

Vulnerability scanner LOUD and Powerful:

Quiet and Stealthy Vulnerability scanners:

Vulnerability exploiting tools: * This one if its unclear would be the script kiddie tools that exploit the system for you * Or you ones that can help you take a vulnerability report and form the packet you need to send to exploit it.* I havent found any really good ones at this point*

Wardriving Software:

Stegonagraphy software:

Speciality Tools of all kinds:

Ok Those are the categories that I think are important for now I am a little dead in the head right now. Also if you guys haven't checked out Honeyd project its pretty sweet right now.. They have allowed you to do alot of customization and create a pretty sweet honeynet.

I would add in the tools I use but I would rather see what everyone else is using.

Packet sniffers = SNORT
Port scanner = Nmap (for your own machines only)

as for the rest of the software, i dont see how wardriving software would be used by anybody here.
it serves no good use apart from for kids pretending to be Zero Cool.

I do see a need for the rest of the software.

But only for a system admin to test his security from the out side with the tools a hacker uses so that the holes can be found and fixed

I can say this with pleanty of confidence right now. Any good security officer/ ethical hacker/ security admin, uses most of these tools on a regular basis. It is usually for auditing purposes to find the vulnerabilities that most people can find if they did a similar form of recon. Anyway I was just curious to see what some of the other people are using...

Packet sniffing your using SNORT huh any particular reason for SNORT instead of somthing like Ethereal or sniffit, and HPiNG or any of those common ones out there?

I like the way snort runs in the background logging packets accourding to rules...
PLUS, snortsnarf generates excellent http pages with statistics and information and links on the attacks snort logs.

but be be honest, ive never seriously used etherial.

nessus and about 50 others for vulnerability assesment

crackers? I guess john or thc hydra

Vulnerability exploiting tools? metasploit is really cool. You should try it, but you have to read the docs it's not just point and click. I've used it on some of my own unpacthed windows boxes before and it tore right through em.

I think it would be neat if someone made chocolate pumpkin flavored ice cream . . . but that's beside the point.

Check out this survey.

Enjoy!
--- Cerbere

Re: Security Tools best of the best
 

Sniffers:
Tcpdump, ethereal.

Crackers:
john, some rainbow tables for those pesky LM hashes

Packet Builders:
PacGen (its on source forge)

Vuln scanners:
nessus (pretty loud)

Wardriving:
kismet

Specialtiy tools:
too many to list. check packetstorm.

-b