CERT-In:Indian Computer Emergency Response Team

Deccan

Details of the Audit Tools

Freeware

1. NMAP - Scan Network for Specific Information like logical existence of active reconnaissance. Check for open ports, services. Some of the tools above also act as vulnerability assessment tools, Patch management and password auditing. Different kinds of scanning techniques may be used such as - Open Scan, Half open scan, stealth Scan, sweeps, etc.

2. Demon dialer - War Dialers

3. Dsniff - Sniffers

4. Snort - Sniffers

5 .Ethereal - Sniffers

6. WinDump - Sniffers

7. Etherpeek - Sniffers

8 . ARP Spoofing - Sniffers

9. Man-in-the middle SMB/relay / SMB grind - Man in the middle attacks involves positioning oneself between two systems and actively participating in the connection to gather data

10. AKL - Key Loggers: used to monitor and record keystrokes, keyword detection, screen activity, all applications, emails, chat clinets etc.

11. Hunt- Session Hijacking, Tools to hijack TCP Sessions, Listen, Intercept and Hijack active sessions.

12. TTY Watcher - Session Hijacking, Tools to hijack TCP Sessions, Listen, Intercept and Hijack active sessions.

13. T-Sight - Session Hijacking, Tools to hijack TCP Sessions, Listen, Intercept and Hijack active sessions.

14. IIS Hack/IIS - Buffer Overflow

15. KOEI.exe / ISAPI DLL - Buffer Overflow

16. IIS exploit - Buffer Overflow

17. IIS Crack - Buffer Overflow

18. IPP Printer Buffer Overflow - Buffer Overflow

19. Web Cracker - Web based password cracking

20. Brutus - Web based password cracking

21. Munga Bunga - Web based password cracking

22. SQL Injection - Attack methodology that targets the data residing in the database through the firewall that shields it.

23. Trojan maker - Creating Viruses, worms and trojans

24. Sub Seven - Creating Viruses, worms and trojans

25. LOKI - Creating Viruses, worms and trojans

26. 007 shell - Creating Viruses, worms and trojans

Commercial

1. Symantec Net Recon --Scan Network for Specific Information like logical existence of active reconnaissance. Check for open ports, services. Some of the tools above also act as vulnerability assessment tools, Patch management and password auditing. Different kinds of scanning techniques may be used such as - Open Scan, Half open scan, stealth Scan, sweeps, etc.

2. Shadow Security Scanner -- Scan Network for Specific Information like logical existence of active reconnaissance. Check for open ports, services. Some of the tools above also act as vulnerability assessment tools, Patch management and password auditing. Different kinds of scanning techniques may be used such as - Open Scan, Half open scan, stealth Scan, sweeps, etc.

3. GFI Languard scanner -- Scan Network for Specific Information like logical existence of active reconnaissance. Check for open ports, services. Some of the tools above also act as vulnerability assessment tools, Patch management and password auditing. Different kinds of scanning techniques may be used such as - Open Scan, Half open scan, stealth Scan, sweeps, etc.

4. Netscan Pro -- Scan Network for Specific Information like logical existence of active reconnaissance. Check for open ports, services. Some of the tools above also act as vulnerability assessment tools, Patch management and password auditing. Different kinds of scanning techniques may be used such as - Open Scan, Half open scan, stealth Scan, sweeps, etc.

5. IP-eye -- Scan Network for Specific Information like logical existence of active reconnaissance. Check for open ports, services. Some of the tools above also act as vulnerability assessment tools, Patch management and password auditing. Different kinds of scanning techniques may be used such as - Open Scan, Half open scan, stealth Scan, sweeps, etc.

6. DOS & DDOS -- Involves breaking into several machines all over the internet. Then the attacker installs software for DDOS like Ping of death, SSPING, SMURF, LAND EXPLOIT, SYN FLOOD, etc. to launch coordinated attacks on victim's computer

7. LOPHT Crack -- Password crackers Use a combination of dictionary and brute force attacks commonly used words list.

8. John the Ripper -- Password crackers Use a combination of dictionary and brute force attacks commonly used words list.

9. Spector Soft -- Key Loggers: used to monitor and record keystrokes, keyword detection, screen activity, all applications, emails, chat clinets etc.

10. E-Blaster -- Key Loggers: used to monitor and record keystrokes, keyword detection, screen activity, all applications, emails, chat clinets etc.