Google
Google is your friend. Use it to the best of your ability. Don't misuse it. Don't be evil. |
Cain And Abel
Cain & Abel is a password recovery tool for Microsoft Operating
Systems. It allows easy recovery of various kind of passwords by
sniffing the network, cracking encrypted passwords using Dictionary,
Brute-Force and Cryptanalysis attacks, recording VoIP conversations,
decoding scrambled passwords, recovering wireless network keys,
revealing password boxes, uncovering cached passwords and analyzing
routing protocols. The program does not exploit any software
vulnerabilities or bugs that could not be fixed with little effort. It
covers some security aspects/weakness present in protocol's standards,
authentication methods and caching mechanisms; its main purpose is the
simplified recovery of passwords and credentials from various sources,
however it also ships some "non standard" utilities for Microsoft
Windows users.
Cain & Abel has been developed in the hope that it will be useful
for network administrators, teachers, security
consultants/professionals, forensic staff, security software vendors,
professional penetration tester and everyone else that plans to use it
for ethical reasons. The author will not help or support any illegal
activity done with this program. Be warned that there is the
possibility that you will cause damages and/or loss of data using this
software and that in no events shall the author be liable for such
damages or loss of data. Please carefully read the License Agreement
included in the program before using it. |
PHP.net
PHP is a widely-used general-purpose scripting language that is
especially suited for Web development and can be embedded into HTML. If
you are new to PHP and want to get some idea of how it works, try the
introductory tutorial. After that, check out the online manual, and the
example archive sites and some of the other resources available in the
links section. |
Nmap
Nmap ("Network Mapper") is a free and open source (license) utility for
network exploration or security auditing. Many systems and network
administrators also find it useful for tasks such as network inventory,
managing service upgrade schedules, and monitoring host or service
uptime. Nmap uses raw IP packets in novel ways to determine what hosts
are available on the network, what services (application name and
version) those hosts are offering, what operating systems (and OS
versions) they are running, what type of packet filters/firewalls are
in use, and dozens of other characteristics. It was designed to rapidly
scan large networks, but works fine against single hosts. Nmap runs on
all major computer operating systems, and both console and graphical
versions are available. |
GCC - C compiler
The GNU Compiler Collection includes front ends for C, C++,
Objective-C, Fortran, Java, and Ada, as well as libraries for these
languages (libstdc++, libgcj,...). |
TOR
Tor is a toolset for a wide range of organizations and people that want
to improve their safety and security on the Internet. Using Tor can
help you anonymize web browsing and publishing, instant messaging, IRC,
SSH, and other applications that use the TCP protocol. Tor also
provides a platform on which software developers can build new
applications with built-in anonymity, safety, and privacy features. |
BlueJ
BlueJ is an integrated Java environment specifically designed for introductory teaching. |
John the Ripper
John the Ripper is a fast password cracker, currently available for
many flavors of Unix (11 are officially supported, not counting
different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary
purpose is to detect weak Unix passwords. Besides several crypt(3)
password hash types most commonly found on various Unix flavors,
supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003
LM hashes, plus several more with contributed patches. |
W3Schools Online Web Tutorials
At W3Schools you will find all the Web-building tutorials you need,
from basic HTML and XHTML to advanced XML, SQL, Database, Multimedia
and WAP. |
Google Earth
Google Earth combines the power of Google Search with satellite
imagery, maps, terrain and 3D buildings to put the world's geographic
information at your fingertips. |
MacroMaker
MacroMaker allows you to create macros or recordings to automate most
anything that you already do by hand. MacroMaker was written more for
the use of people who regularly use computers and programmers rather
than the casual PC user. Most anything you know how to do by hand can
be translated into a macro or recording in MacroMaker. If you are
having to perform repetitive tasks, this program will help you out
tremendiously. The user can simulate a series of keystrokes, mouse
events, play back previous recordings of keystrokes and mouse events or
execute some built-in functions with just a keystroke. You can even
store content from the clipboard in internal MacroMaker buffers for
later use. |
WinDirStat
WinDirStat (WDS) is a disk usage statistics viewer and cleanup tool for
Windows. It shows disk, file and directory sizes in a treelist as well
as graphically in a treemap, much like KDirStat or SequoiaView. |
Morpher
Morphing movie maker for Mac & Windows. Morpher makes digital
movies using a 2-D morph between two still images. |
PuTTY
PuTTY is a client program for the SSH, Telnet and Rlogin network
protocols.
These protocols are all used to run a remote session on a computer,
over a network. PuTTY implements the client end of that session: the
end at which the session is displayed, rather than the end at which it
runs.
In really simple terms: you run PuTTY on a Windows machine, and tell it
to connect to (for example) a Unix machine. PuTTY opens a window. Then,
anything you type into that window is sent straight to the Unix
machine, and everything the Unix machine sends back is displayed in the
window. So you can work on the Unix machine as if you were sitting at
its console, while actually sitting somewhere else. |
XVI32
XVI32 is a freeware hex editor running under Windows 95, Windows 98, Windows NT, Windows 2000, and Windows XP. |
Nikto
Nikto is an Open Source (GPL) web server scanner which performs
comprehensive tests against web servers for multiple items, including
over 3300 potentially dangerous files/CGIs, versions on over 625
servers, and version specific problems on over 230 servers. Scan items
and plugins are frequently updated and can be automatically updated (if
desired). |
ResizeEnable
ResizeEnable lets you turn usually non-resizeable windows into resizeable windows. |
Turbo
Turbo is a software "Turbo Switch". You may set the effective CPU speed
anywhere from 1 to 100% of full speed. All programs will execute at the
reduced CPU speed set by Turbo. Works with Win/9x and Win/NT. Freeware.
|
Physics Illustrator
Bring your drawings to life with the Physics Illustrator, a motion
simulator. Simply draw two-dimensional bodies, connect them in various
ways, and apply forces, then watch as animation makes the bodies move,
collide, and interact. |
pic2ascii
pic2ascii is a freeware tool to transform bitmaps (pictures) to ascii information (text). |
distrowatch
Yeah, Find the distro you want :) |
Google Hacks
Google Hacks is a compilation of carefully crafted Google searches that
expose novel functionality from Google's search and map services. For
example, you can use it to view a timeline of your search results, view
a map, search for music, search for books, and perform many other
specific kinds of searches. You can also use this program to use google
as a proxy. |
Milw0rm
A huge archive of exploits, vulnerabilities, shells and flaws. |
Hacking For Dummies
by Kevin Beaver (Author), Stuart McClure (Foreword) "This book is about
hacking ethically - the science of testing your computers and network
for security vulnerabilities and plugging the holes you find before..."
|
Wireshark
Network protocol analyzer for Windows and Unix that allows examination
of data from a live network, or from a capture file on disk. |
NoScript
The NoScript Firefox extension provides extra protection for Firefox,
Flock, Seamonkey and others mozilla-based browsers: this free, open
source add-on allows JavaScript and Java execution only for trusted
domains of your choice (e.g. your home-banking web site). NoScript
optionally blocks Flash and other potentially exploitable plugins too,
and provides the most powerful Anti-XSS protection available in a
browser.
 |
Metasploit
Metasploit is an open-source exploit framework written for unix with
mainly windows exploits. Nice tool to write and test your own + exploit
into any pc/site with existing payloads. Also comes with online ROR
version. |
Linux
If you want to hack, you need Linux. Windows just won't cut it. |
Flash Hacker (Tamper Data)
Tamper data is a add on
for firefox that is used for hacking flash games(High scores)>
If you have trouble
using ti or don't know how to use it contact me at ryanb58@100wpd.com |
Third Brigade CHX-I Packet / Payload Filter
What is CHX-I? High IP filtering granularity which includes Global/Per
Interface/Per IP filter policies. It offers complete control over state
transition time-outs. Allows for permissive and prohibitive policies or
a combination of both and more. |
Python
Python is a dynamic object-oriented programming language that can be
used for many kinds of software development. It offers strong support
for integration with other languages and tools, comes with extensive
standard libraries, and can be learned in a few days. Many Python
programmers report substantial productivity gains and feel the language
encourages the development of higher quality, more maintainable code. |
Burp
A very powerful website test including spider and possibility to test some exploit |
Add N Edit Cookies
Firefox Add-on, Cookie Editor that allows you add and edit cookies. |
Firebug
Firebug integrates with Firefox to put a wealth of web development
tools at your fingertips while you browse. You can edit, debug, and
monitor CSS, HTML, JavaScript, and network activity live in any web
page. |
freeBSD
meh if you don't know what that is...
FreeBSD® is an advanced operating system for x86 compatible (including
Pentium® and Athlon™), amd64 compatible (including Opteron™, Athlon™64,
and EM64T), UltraSPARC®, IA-64, PC-98 and ARM architectures. It is
derived from BSD, the version of UNIX® developed at the University of
California, Berkeley. It is developed and maintained by a large team of
individuals. Additional platforms are in various stages of development.
|
Lepton's Crack
Lepton's Crack is a generic password cracker, easily customizable with
a simple plug-in system.
It can perform a dictionary-based (wordlist) attack, as well as a
brute-force (incremental) password scan, including enumeration of a
regular expression (useful if you know something about the password)
Currently the formats supported are: standard MD4 hash, standard MD5
hash, NT MD4/Unicode, Lotus Domino HTTP password (R4) and SHA-1.
Download link is in the directory listing linked at the bottom of the
page. |
Hydra
THC-Hydra - the best parallized login hacker: for Samba, FTP, POP3,
IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS,
Cisco and more. Includes SSL support and is part of Nessus. |
dsniff
dsniff is a collection of tools for network auditing and penetration
testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy
passively monitor a network for interesting data (passwords, e-mail,
files, etc.). arpspoof, dnsspoof, and macof facilitate the interception
of network traffic normally unavailable to an attacker (e.g, due to
layer-2 switching). sshmitm and webmitm implement active
monkey-in-the-middle attacks against redirected SSH and HTTPS sessions
by exploiting weak bindings in ad-hoc PKI. |
Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and
intrusion detection system. Kismet will work with any wireless card
which supports raw monitoring (rfmon) mode, and can sniff 802.11b,
802.11a, and 802.11g traffic.
Kismet identifies networks by passively collecting packets and
detecting standard named networks, detecting (and given time,
decloaking) hidden networks, and infering the presence of nonbeaconing
networks via data traffic. |
Aircrack-ng
This is a suite that allows you to use your wireless card in monitoring
mode to capture packets from routers and the people connected to them |
Aircrack-ng
aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can
recover keys once enough data packets have been captured. It implements
the standard FMS attack along with some optimizations like KoreK
attacks, thus making the attack much faster compared to other WEP
cracking tools. In fact, aircrack is a set of tools for auditing
wireless networks. |
airsnort
This is a graphical user interface packet sniffer that interfaces with
your wifi card via monitor mode to kick you the MAC; SSID; Clients; and
type of encryption used on surrounding wireless networks. |
Win SCP
sftp client |
Dev C++
Bloodshed Dev-C++ is a full-featured Integrated Development Environment
(IDE) for the C/C++ programming language. It uses Mingw port of GCC
(GNU Compiler Collection) as it's compiler. Dev-C++ can also be used in
combination with Cygwin or any other GCC based compiler. |
Visual IRC
It is a FREE IRC client that is very good and so far error free. PLus has various ways to customize things. |
Process Explorer
Ever wondered which program has a particular file or directory open?
Now you can find out. Process Explorer shows you information about
which handles and DLLs processes have opened or loaded.
The Process Explorer display consists of two sub-windows. The top
window always shows a list of the currently active processes, including
the names of their owning accounts, whereas the information displayed
in the bottom window depends on the mode that Process Explorer is in:
if it is in handle mode you'll see the handles that the process
selected in the top window has opened; if Process Explorer is in DLL
mode you'll see the DLLs and memory-mapped files that the process has
loaded. Process Explorer also has a powerful search capability that
will quickly show you which processes have particular handles opened or
DLLs loaded. |
Ruby
A dynamic, open source programming language with a focus on simplicity
and productivity. It has an elegant syntax that is natural to read and
easy to write. |
Instructables
Want to make an explosion or maybe something new for lunch. Instructions on almost anything at instructables.com |
Autohotkey
AutoHotkey is a free, open-source utility for Windows.
* Automate almost anything by sending keystrokes and mouse clicks.
* Create hotkeys for keyboard, joystick, and mouse. Virtually any key, button, or combination can become a hotkey.
* Expand abbreviations as you type them. For example, typing "btw" can automatically produce "by the way".
* Create custom data-entry forms, user interfaces, and menu bars.
* Remap keys and buttons on your keyboard, joystick, and mouse.
* Convert any script into an EXE file that can be run on computers that don't have AutoHotkey installed. |
Nmap/NmapFE(GUI)
Nmap ("Network Mapper") is a free and open source (license) utility for
network exploration or security auditing. Many systems and network
administrators also find it useful for tasks such as network inventory,
managing service upgrade schedules, and monitoring host or service
uptime. Nmap uses raw IP packets in novel ways to determine what hosts
are available on the network, what services (application name and
version) those hosts are offering, what operating systems (and OS
versions) they are running, what type of packet filters/firewalls are
in use, and dozens of other characteristics. It was designed to rapidly
scan large networks, but works fine against single hosts. Nmap runs on
all major computer operating systems, and both console and graphical
versions are available. |
Notepad ++
Notepad++ is a free source code editor (and Notepad replacement), which
supports several programming languages, running under the MS Windows
environment. |
T-Search
T-Search is a program that lets you search for values that are stored
or downloaded into memory. This program, is usually used to hack games!
|
DollarDNS Crawler
This tool allows one to recursively retrieve the result of any type of
DNS record for all name servers a domain specifies |
DollarDNS Whois
DollarDNS Whois Direct allows users to make advanced WHOIS queries against a domain, including raw queries |
Leave a Comment
daedalus at 8:34pm on Jul. 4, 2008
about 1 month ago
Taken directly from http://www.hackthissite.org/pages/programs/programs.php
Don't post something if it's not your material, or at least give credit to who *did* create it. Reply...