List of vulnerability assessment tools: One of the most popular are Nikto, N-Stalker or Burp Suite. The Open Web Application Security Project (OWASP) maintains a comprehensive list of vulnerability assessment tools: List of vulnerability assessment tools Nessus Web-based. Commercial.…
This post includes a list of public resources (e.g., databases) for vulnerability research. It also features some well-known sites that are no longer available. CVE Common Vulnerabilities and Exposure (CVE) is managed by MITRE. CVE is funded by the USA…
This post summarizes some enumeration tools for lightweight directory access protocol (LDAP). To read more about LDAP and Directory Services, please read this post. List of LDAP Enumeration Tools LDAP Enumeration Tools: Softerra LDAP Administrator LDAP Admin Tool LDAP…
List of network scanning tools: Most common are nmap, hping3, NetScanTools Pro and Advanced Port Scanner. List of network scanning tools nmap hping3 NetScanTools Pro Advanced Port Scanner SuperScan PRTG Network Monitor OmniPeek MiTeC Network…
This post features SNMP enumeration tools. List of SNMP Enumeration Tools SNMPUTIL IP Network Browser SNScan Windows-based application. You might also be interested in…
Some NetBIOS Enumeration tools: nbtstat (Windows) hyena Nsauditor Network Security Auditor NetScanTools Pro SoftPerfect Network Scanner SuperScan NetBIOS Enumerator Nbtscan (Linux) nmblookup (Linux) IP Tools MegaPing Two of the most popular are nbstat (Windows) and hyena. List of NetBIOS Enumeration…
This post summarizes commonly used TCP and UDP ports. The total number of ports for both TCP and UDP is what can be numbered with 16-digit binary number, it means, 65,536 ports, numbered from 0 to 65,535. Default TCP and…
hping commands for scanning methods ICMP ping hping3 -1 10.0.0.25 Hping performs an ICMP ping scan by specifying the argument -1 on the command line. You may use –ICMP of -1 argument in the command line. By issuing the above…
This post summarizes common syntax and parameters used with command nmap. To understand the meaning of each parameter, you may read about network discovery scanning techniques, as in “CISPP Study Guide 9th Edition”, pp. 732-733. nmap Syntax Parameters Those scans…
Smurf attack, also known as ICMP Echo Request, is a distributed reflection denial of service (DRDoS). Othe examples of DRDoS are DNS poisoning and fraggle attack. Description of smurf attack Smurf attack is performed as follows: How to prevent smurf…