ferramentas de segurança informática & Pentest
Footprinting e Impressões Digitais: procure informações
1. Anubis (Website: http://flu-project.blogspot.com.es/p/herramientas-de-flu-project.html)
2. Maltego (Website: http://www.paterva.com/web5/)
3. Nslookup (Informações: http://es.wikipedia.org/wiki/Nslookup)
4. Dig (Informações: http://en.wikipedia.org/wiki/Dig_%28Command%29)
5. VisualRoute (Programa: http://visualroute.visualware.com/)
6. Whois (Programa: http://www.whois.net/)
7. Nsauditor (Website: http://www.nsauditor.com/)
8. Seal (Programa: http://elevenpaths.com/lab_foca.html)
9. Httprint (Website: http://www.net-square.com/httprint/)
10. LDAP Browser (Programa: http://www.ldapbrowser.com/)
11. Archieve.org (Website: www.archieve.org)
12. Yougetsignal (Website: www.yougetsignal.com)
13. Netcraft.com (Website: www.netcraft.com)
14. DNSStuff (Website: www.dnsstuff.com)
15. Wfuzz (Informação e programa: http://www.edge-security.com/wfuzz.php)
16. Nmap (Programa: http://nmap.org/download.html)
17. Zenmap (Nmap GUI http://nmap.org/zenmap/)
18. Shodan (Informação e Serviço: http://www.shodanhq.com/)
19. Unicorn Scan (Informação e programa: http://www.unicornscan.org/)
20. Satori
21. Consultar as meta-tags do Site: http://www.100security.com.br/tools/metatags/
Os pedidos de sites de download
1. HTTrack (http://www.httrack.com/)
2. FileStream Web Boomerang (http://www.filestream.com/webboomerang/)
3. Website Ripper Copier (http://www.tensons.com/products/websiterippercopier/)
Scanners de vulnerabilidade
1. GFI (Website: http://www.gfi.com/languard/)
2. MBSA (Website: http://technet.microsoft.com/es-es/security/cc184924.aspx)
3. SSS (Programa: http://www.safety-lab.com/en/products/securityscanner.htm)
4. Wikto (Programa: http://www.baxware.com/wikto.htm)
5. Acunetix (Website: http://www.acunetix.com/)
6. NESSUS (Website: http://www.nessus.org/nessus/)
7. OpenVAS (scanner de vulnerabilidades Nessus derivado gratuito: http://www.openvas.org/)
8. retina (programa de informação e: http://www.global-tools.com/retina.htm)
9. WEBCRUISER (programa de informação e: http://sec4app.com) (Windows)
10. NIKTO (Informação e programa: http://cirt.net/nikto2)
11. FLUNYMOUS (scanner de vulnerabilidade para Wordpress e Moodle: http://www.flu-project.com/downloadflu/flunym0us)
12. WP-SCAN (Informação e programa: http://code.google.com/p/wpscan/)
13. Secunia PSI (http://secunia.com/products/consumer/psi/sys_req/)
Exploits
1. Metasploit (Website: http://www.metasploit.com/)
2. WinAUTOPWN (Programa: http://24.138.163.182/quaker/v2/w/winAUTOPWN_2.5.RAR)
3. Exploit-DB [façanhas de banco de dados] (http://www.exploit-db.com/)
Malware
1. FLU - (Trojan Open Source): (http://www.flu-project.com)
2. Hacker Defender (Tutorial (rootkit): http://foro.elhacker.net/hacking_avanzado...html)
3. Netcat (Tutorial: http://foro.elhacker.net/tutoriales...html)
4. Crypcat (Programa: http://sourceforge.net/projects/cryptcat/)
5. Rootkit Revealer (Programa: http://sysinternals-rootkitrevealer.softonic.com/)
6. AVG AntiRootkit 1.0.0.13 (Programa: http://www.grisoft.cz/79461)
7. Espada Ice (Programa: http://icesword.softonic.com/)
8. Fu.exe (Rootkit: http://www.wisedatasecurity.com/herramientas/FU_Rootkit.zip)
9. Ikklogger 0,1 (Keylogger http://foro.elhacker.net/....html)
10. Arquivo Mon (Programa: http://technet.microsoft.com/es-es/sysinternals/bb896642.aspx)
11. KGB Spy (programa beta (Trojan): http://kgb-spy-keylogger.softonic.com/)
12. Subseven (Trojan: http://www.vsantivirus.com/sub722.htm)
Distribuições Linux auditados rolamentos
1. Wifislax (Site Oficial: www.wifislax.com)
2. Wifiway (Site Oficial: www.wifiway.org)
3. Backtrack (Site Oficial: www.backtrack-linux.org)
4. Samurai (Site Oficial: http://sourceforge.net/projects/samurai/)
5. Helix (Site Oficial: http://www.e-fense.com/h3-enterprise.php)
6. Caine (Site Oficial: http://www.caine-live.net/)
7. Bugtraq (Site Oficial: http://www.bugtraq-team.com)
8. Kali Linux (Site Oficial: http://www.kali.org)
Sniffers
1. Cain (Site Oficial: http://www.oxid.it)
2. Wireshark (Site Oficial: http://www.wireshark.org)
3. Ettercap (Cain Substituto para Linux: http://ettercap.sourceforge.net)
4. tshark (console modo de projeto Wireshark Sniffer http://www.wireshark.org/docs/man-pages/tshark.html)
5. Mal Foca http://elevenpaths.com/lab_evil_foca.html
6. NetworkMiner http://www.netresec.com/?page=NetworkMiner
A engenharia social
1. SET ( http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_%28SET%29 )
Código obfuscators
1. Eazfuscator
2. Salamander Net Protector
3. Dotfuscator Community Edition
4. smartassembly
5. Reactor NET
Analisadores de vulnerabilidades em código fonte
1. FindBugs
2. Lapse
3. PMD
IT Security Relacionado
1. Open Source Vulnerability Database Pesquisa
2. Threat US Homeland Security
3. Melhores Dicas de segurança
Monitoramento correlação / evento
1. Nagios
2. Zabbix
Dashboards
1. Babel
WiFi
1. Libertar sem fio (Wi-Fi chaves Decodificador para o Android)
2. Acrylic_WiFi
3. JavaCalcularWlan
1. Babel
WiFi
1. Libertar sem fio (Wi-Fi chaves Decodificador para o Android)
2. Acrylic_WiFi
3. JavaCalcularWlan
Firewalls
1. FluBlocker (WAF para IIS7 ou superior)
Sistemas de vigilância Cyber-
1. Maltego
2. ZINK-IT (http://www.zinksecurity.com/zinkit.php)
Integridade de arquivos
1. OSIRIS
2. Pwdump7 (http://www.tarasco.org/security/pwdump_7/)
3. Samdump
4. l0phtcrack (http://www.l0phtcrack.com/)
5. Findmyhash (https://code.google.com/p/findmyhash/downloads/list)
6. Credenciais WCE-Windows editor (http://www.ampliasecurity.com/research/wcefaq.html)
7. Mimikatz (http://blog.gentilkiwi.com/mimikatz)
8. OphtCrack
9. Integrigy (http://www.integrigy.com/security-resources/downloads/lsnrcheck-tool)
10. Minasi (http://www.minasi.com/apps/)
11. Setdllcharacteristics (http://blog.didierstevens.com/2010/10/17/setdllcharacteristics/)
Engenharia Reversa
1. Olly Dbg (Programa: http://www.ollydbg.de/download.htm)
2. Radare (Programa: http://radare.org/y/)
Detectores de Man in the Middle
1. FluBlocker (WAF para IIS7 ou superior)
Sistemas de vigilância Cyber-
1. Maltego
2. ZINK-IT (http://www.zinksecurity.com/zinkit.php)
Integridade de arquivos
1. OSIRIS
2. Pwdump7 (http://www.tarasco.org/security/pwdump_7/)
3. Samdump
4. l0phtcrack (http://www.l0phtcrack.com/)
5. Findmyhash (https://code.google.com/p/findmyhash/downloads/list)
6. Credenciais WCE-Windows editor (http://www.ampliasecurity.com/research/wcefaq.html)
7. Mimikatz (http://blog.gentilkiwi.com/mimikatz)
8. OphtCrack
9. Integrigy (http://www.integrigy.com/security-resources/downloads/lsnrcheck-tool)
10. Minasi (http://www.minasi.com/apps/)
11. Setdllcharacteristics (http://blog.didierstevens.com/2010/10/17/setdllcharacteristics/)
Engenharia Reversa
1. Olly Dbg (Programa: http://www.ollydbg.de/download.htm)
2. Radare (Programa: http://radare.org/y/)
Detectores de Man in the Middle
1. Marmite
2. XArp (Web: http://www.chrismc.de/development/xarp/)
Metadados
1. exiftool
Cryptography
1. TrueCrypt
2. Bitlocker
3. File Checksum Integrity Verifier-FCIV (http://www.microsoft.com/en-us/download/details.aspx?id=11533)
4. Sophos (http://www.sophos.com/es-es/products/free-tools.aspx)
2. XArp (Web: http://www.chrismc.de/development/xarp/)
Metadados
1. exiftool
Cryptography
1. TrueCrypt
2. Bitlocker
3. File Checksum Integrity Verifier-FCIV (http://www.microsoft.com/en-us/download/details.aspx?id=11533)
4. Sophos (http://www.sophos.com/es-es/products/free-tools.aspx)
