#1 THC Amap : An application fingerprinting scanner
Amap is a great tool for determining what application is listening on a given port. Its database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a second opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC.
#2 Nbtscan : Gathers NetBIOS info from Windows networks
NBTscan is a program for scanning IP networks for NetBIOS name information (similar to what the Windows nbtstat tool provides against single hosts). It sends a NetBIOS status query to each address in a supplied range and lists the received information in human-readable form. For each responding host it lists the IP address, NetBIOS computer name, logged-in user name and MAC address. The original nbtscan was written by Alla Bezroutchko. Steve Friedl has written an alternate implementation.
#3 Ike-scan : VPN detector/scanner
Ike-scan exploits transport characteristics of the Internet Key Exchange (IKE) service, the mechanism used by VPNs to establish a connection between a server and a remote client. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network. Most hosts running IKE will respond, identifying their presence. The tool then remains silent and monitors retransmission packets. These retransmission responses are recorded, displayed and matched against a known set of VPN product fingerprints. Ike-scan can fingerprint VPNs from manufacturers including Checkpoint, Cisco, Microsoft, Nortel, and Watchguard.
#4 SPIKE Proxy : HTTP Hacking
Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports aut