A guide to library and other resources for information security and intelligence. Includes resources for undergraduate and graduate research and certifications.
Download the self-proclaimed world’s fastest password recovery tool. Versions are available for Linux, OS X, and Windows and can come in CPU-based or GPU-based variants.
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.
Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic.
Before downloading, be sure to read the relevant sections for your platform from the Nmap Install Guide. The most important changes (features, bugfixes, etc) in each Nmap version are described in the Changelog.
Nmap (“Network Mapper”) is a free and open source utility for network exploration and security auditing. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is extremely powerful, it is also complex. More than 100 command-line options add expressiveness for networking gurus, but can confound novices. This book documents all Nmap features and, more importantly, teaches the most effective ways of using them.
OpenVAS is an advanced open source vulnerability scanner and manager and can save you a lot of time when performing a vulnerability analysis and assessment. Using an automated up-to-date vulnerability scanner in penetration test often helps you to find vulnerabilities which can be easily overlooked during a manual assessment.
Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
The current stable release of Wireshark is 2.6.4. It supersedes all previous releases. You can also download the latest development release (2.5.1) and documentation.
Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.
w3af is a complete environment for auditing and exploiting Web applications. Use w3af to identify more than 200 vulnerabilities and reduce your site’s overall risk exposure. Identify vulnerabilities like SQL injection, cross-site scripting, guessable credentials, unhandled application errors and PHP misconfigurations. The framework is proudly developed using Python to be easy to use and extend and is licensed under GPLv2.0.