A few weeks ago, I followed a presentation at Digicomp called “From Ethical Hacking to IT-Forensic” presented by Juerg Fischer. The most interesting part I kept from the presentation (which was in German, so that may explain how little I remember from it 🙂 ) was about the tools and resources useful for the different phases of penetration tests. Even if most of these tools and resources might already be known, I hope it will still make a useful list for someone other than me 🙂
1. Information Gathering
In this early stage the goal is to gather information about people and architecture you might find during your security analysis.
Whois: Domain name lookup
Sam Spade: Integrated network query tool
SearchDNS: Information about an organisation's servers
Archive.org: Access old pages from Internet
2. Vulnerability Analysis
For this second phase, the goal is to gather information about vulnerabilities that correspond to the list you gathered (type of server, OS …) in the first phase.
Secunia: Vulnerability Database
SecurityFocus: Stay informed
3. Router
Getting rid of the router…
NSLOOKUP: Find the IP addresses of a particular computer
DIG: Investigate DNS
dsniff: Suite of tools to sniff network data
4. Firewall
NMAP: Security Scanner
HPING: TCP/IP packet assembler/analyzer
Firewalk: Determine what layer 4 protocols a given IP forwarding device will pass
There are many more tools, but with the list of links above you should already have enough to start digging into security-related topics 🙂
Ahmet