Infogathering | Penetration Testing Tools

masscan

February 18, 2014portsInformation Gatheringinfogathering, portscanning, recon

This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second.

Metagoofil

February 18, 2014portsInformation Gathering, Reporting Toolsenumeration, infogathering, osint, recon, reporting

Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,docx,pptx,xlsx) belonging to a target company.

Metasploit Framework

February 18, 2014dookieExploitation Toolsdatabase, dns, enumeration, exploitation, infogathering, mssql, mysql, passwords, portscanning, postexploitation, recon, smb, smtp, snmp, socialengineering

Metasploit is a penetration testing platform that enables you to find, exploit, and validate vulnerabilities.

Miranda

February 18, 2014portsInformation Gatheringinfogathering, recon, upnp

Miranda is a Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for possible vulnerabilities.

Nipper-ng

February 18, 2014portsReporting Toolsinfogathering, reporting

Nipper-ng is the next generation of nippper, and will always remain free and open source. This software will be used to make observations about the security configurations of many different device types such as routers, firewalls, and switches of a network infrastructure. This is a fork from nipper 0.11.10 release of the GNUv3 GPL code.

p0f

February 18, 2014portsForensics, Information Gatheringenumeration, infogathering, recon

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way.

Paros

February 18, 2014portsWeb Applicationsgui, http, https, infogathering, proxy, sniffing, webapps

A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.

Recon-ng

February 18, 2014portsInformation Gathering, Web Applicationsenumeration, infogathering, osint, webapps

Recon-ng is a full-featured Web Reconnaissance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can be conducted quickly and thoroughly.

SET

February 18, 2014portsExploitation Tools, Information Gatheringexploitation, infogathering, socialengineering

The Social-Engineer Toolkit is an open-source penetration testing framework designed for Social-Engineering. SET has a number of custom attack vectors that allow you to make a believable attack in a fraction of the time.

smtp-user-enum

February 18, 2014portsInformation Gatheringenumeration, infogathering, recon, smtp

smtp-user-enum is a tool for enumerating OS-level user accounts on Solaris via the SMTP service (sendmail). Enumeration is performed by inspecting the responses to VRFY, EXPN and RCPT TO commands. It could be adapted to work against other vulnerable SMTP daemons, but this hasn’t been done as of v1.0.

Tag: infogathering