Fyodor, the creator of NMAP conducted a survey of his nmap-hackers mailing list for 100 favorite tools. Approximately 3,243 users voted for their favorite tools. A list of the 100 favorite hacker tools can be found at www.insecured.org.
Of the 100 tools, below are the 10 favorite tools that received the most votes throughout 2006. These tools are weapons that are considered absolutely necessary in hacking and security activities.
eabSu" I hope that the Program will be a useful combination for many IT practitioners. Both the administrator and the user can follow the same goals."
1. Nessus
Nessus was first created by Renaud Deraison in 1998 and distributed to the internet community freely, useful, well-updated and easy to use.
Nessus is a program to find weaknesses in a computer system. According to its official website at www.nessus.org, this tool has been used by more than 75,000 organizations and companies worldwide.
2. Snort
Snort is an IDS, which is a tool to prevent and detect attacks on computer systems. The vendor of Snort claims that this tool has been downloaded millions of times from their site. You may be interested in trying it, please download this tool at www.snort.org.
3. Kismet
Kismet is a tool to detect wireless connections (supporting 802.11b, 802.11a, and 802.11g traffic), capture packets in a network system and become an IDS (intrusion detection System). To find out more about kismet, you can visit the site http://www.kismetwireless.net or go to #kismet irc.freenode.net.
4. Metasploit Framework
Metasploit Framework is an open source project for developing, testing and using exploit code. It is written in Perl as the basic foundation and consists of complementary components that have been compiled in C, assembler and Python. Metasploit Framework can run on UNIX, Linux and Windows operating systems. More detailed information can be found at http://www.metasploit.com.
5. Netcat
Netcat is a networking utility tool that can read and write data on a network connection via the TCP/IP protocol. The features found in netcat include:
Outgoing and incoming connections via UDP or TCP protocol with the ports used.
Tunneling mode, tunneling from UDP to TCP, mapping parameters in the network (source port/interface, listening port/interface, and allowing remote hosts to connect to the tunnel).
Port scanner, to detect open ports.
Buffered send-mode and hexdump RFC854 telnet.
6. Hping
Hping is a multi-purpose tool. This tool can be used to test firewall capabilities, find open ports, test network security using various protocols, get operating system information, evaluate TCP/IP protocols.
7. TCPDump
Tcpdump is also a sniffer. Network admins use this tool to monitor traffic and analyze problems if there is a disruption. According to information in
http://www-iepm.slac.stanford.edu/monitoring/passive/tcpdump.html
Tcpdump uses UNIX BSD packet filter to capture data (BPF / BSD Packet Filter). BPF receives copies from the sending and receiving drivers of the packet. Tcpdump users can also filter packets as desired.
8. John The Ripper
A password cracker from the hackers' ancestors that is still a top 10 favorite tool. Here is a statement from the creator of John The Ripper.
“John the Ripper is a password cracker, currently available for UNIX, DOS, WinNT/Win95. Its primary purpose is to detect weak UNIX passwords. It has been tested with Linux x86/Alpha/SPARC, FreeBSD x86, OpenBSD x86, Solaris 2.x SPARC and x86, Digital UNIX, AIX, HP-UX, and IRIX”.
9. Cain And Abel
Cain & Abel is a tool for password problems. This tool can collect passwords using network sniffing methods, crack passwords using Dictionary attacks, Brute-Force and Cryptanalysis attacks, record VoIP (Voice Over Internet Protocol) conversations, crack wireless networks, analyze network traffic. www.oxid.it.
10. WireShark / Ethereal
Wireshark / Ethereal is a tool for analyzing network protocols. It also functions as a sniffer. Monitors internet traffic. Wireshark can run on Windows, MAC OS X, and Linux. www.wireshark.org.
Are you interested? Learn and understand how to use the 10 tools. Not everyone will be that easy to become a hacker just by relying on the 10 tools above. However, these tools have been recognized by all levels. It can be an addition for those of you who want to study computer security in depth.