计算机安全超级工具(三)——局域网搜索
2009-12-02 10:10
405 查看
ettercap
http://ettercap.sourceforge.net
Ettercap is a suite for man in the middle attacks on LAN. It features
sniffing of live connections, content filtering on the fly and many other
interesting tricks.
It supports active and passive dissection of many protocols (even ciphered ones)
and includes many feature for network and host analysis.
dsniff
http://www.monkey.org/~dugsong/dsniff/
dsniff is a collection of tools for network auditing and penetration
testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy
passively monitor a network for interesting data (passwords, e-mail,
files, etc.). arpspoof, dnsspoof, and macof facilitate the
interception of network traffic normally unavailable to an attacker
(e.g, due to layer-2 switching). sshmitm and webmitm implement active
monkey-in-the-middle attacks against redirected SSH and HTTPS sessions
by exploiting weak bindings in ad-hoc PKI.
p0f
What is p0f v2?
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the
operating system on:
- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machine you cannot
connect to (RST+ mode),
- machines whose communications you can observe.
P0f can also do many other tricks, and can detect or measure the following:
- firewall presence, NAT use (useful for policy enforcement),
- existence of a load balancer setup,
- the distance to the remote system and its uptime,
- other guy's network hookup (DSL, OC3, avian carriers) and his ISP.
All this even when the device in question is behind an overzealous packet
firewall, when our
favourite active scanner
can't do much.
P0f does not generate ANY additional network traffic, direct or indirect.
No name lookups, no mysterious probes, no ARIN queries, nothing.
How? It's simple: magic. Find out more
here
.
http://ettercap.sourceforge.net
Ettercap is a suite for man in the middle attacks on LAN. It features
sniffing of live connections, content filtering on the fly and many other
interesting tricks.
It supports active and passive dissection of many protocols (even ciphered ones)
and includes many feature for network and host analysis.
dsniff
http://www.monkey.org/~dugsong/dsniff/
dsniff is a collection of tools for network auditing and penetration
testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy
passively monitor a network for interesting data (passwords, e-mail,
files, etc.). arpspoof, dnsspoof, and macof facilitate the
interception of network traffic normally unavailable to an attacker
(e.g, due to layer-2 switching). sshmitm and webmitm implement active
monkey-in-the-middle attacks against redirected SSH and HTTPS sessions
by exploiting weak bindings in ad-hoc PKI.
p0f
What is p0f v2?
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the
operating system on:
- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machine you cannot
connect to (RST+ mode),
- machines whose communications you can observe.
P0f can also do many other tricks, and can detect or measure the following:
- firewall presence, NAT use (useful for policy enforcement),
- existence of a load balancer setup,
- the distance to the remote system and its uptime,
- other guy's network hookup (DSL, OC3, avian carriers) and his ISP.
All this even when the device in question is behind an overzealous packet
firewall, when our
favourite active scanner
can't do much.
P0f does not generate ANY additional network traffic, direct or indirect.
No name lookups, no mysterious probes, no ARIN queries, nothing.
How? It's simple: magic. Find out more
here
.
相关文章推荐
- 计算机安全超级工具(四)——无线搜索
- 计算机安全超级工具(二)——漏洞扫描
- 计算机安全超级工具(七)——无线渗透
- 计算机安全超级工具(十)-Rootkit
- 计算机安全超级工具(八)——探测框架应用程序
- 计算机安全超级工具(十一)-防火墙
- 计算机安全超级工具(十七)-网络监控
- 计算机安全超级工具(十二)-主机加固
- 计算机安全超级工具(十八)-主机监控
- 计算机安全超级工具(十三)-通信安全保护
- 计算机安全超级工具(十九)-Forensic工具
- 计算机安全超级工具(五)——自定义数据包生成
- 计算机安全超级工具(十四)-电子邮件安全和反垃圾邮件
- 计算机安全超级工具(二十)-应用程序干扰
- 计算机安全超级工具(六)——渗透工具
- 计算机安全超级工具(十五)-设备安全测试
- 计算机安全超级工具(二十一)-二进制逆向工程
- 计算机安全超级工具(-)——网络扫描
- 计算机安全超级工具(九)-后门程序