Category:Target Mapping

From SecurityForest


  • nmap (Windows, Linux, BSD): Network Mapper
Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available.
http://www.insecure.org/nmap
Download - Unix (http://www.securityforest.com/downloads/nmap-3.75.tar.bz2.tar)
Download - Windows (http://www.securityforest.com/downloads/nmap-3.75-win32.zip)

  • LFT (Windows, Linux, BSD): Layer Four Traceroute
LFT ("Layer Four Traceroute") is a free open source utility for tracing the route packets take to some host. Unlike "traceroute" LFT uses TCP and the auditor can use it to specify source and destination ports for firewall auditing, etc. It also understands TCP state, so it can detect stateful/stateless firewalls in the path. It also has several other interesting capabilities including AS Number lookups, network name lookups, loose source routing, etc.
http://oppleman.com/lft

  • spidermap (Windows, Linux, BSD): Set of Scripts for Fine-tuned nmap Scanning
Spidermap is a collection of Perl scripts which enable you to launch precisely tuned network scans. The goal of this project is to create an integrated suite of tools for low-impact network reconnaissance, with features including custom packet rates and scan types for each network, and increased efficiency from mapping multiple networks in parallel. The target users are system administrators and network security professionals seeking a non-destructive way to inventory network services and do so in a reasonable amount of time.
http://www.digitaloffense.net/spidermap

A connect-based TCP port scanner, pinger and hostname resolver. No source code is provided. It can handle ping scans and port scans using specified IP ranges. It can also connect to any discovered open port using user-specified "helper" applications (e.g. Telnet, Web browser, FTP).
http://www.foundstone.com
Download v1 (http://www.securityforest.com/downloads/superscan1.exe)
Download v3 (http://www.securityforest.com/downloads/superscan3.zip)
Download v4 (http://www.securityforest.com/downloads/superscan4.exe)

  • scanline (Windows): Command Line TCP Port Scanner
A connect-based TCP port scanner, pinger and hostname resolver. No source code is provided. It can handle ping scans and port scans using specified IP ranges. It can also connect to any discovered open port using user-specified "helper" applications (e.g. Telnet, Web browser, FTP).
http://www.foundstone.com
Download (http://www.securityforest.com/downloads/sl.exe)

Firewalk employs traceroute-like techniques to determine what layer 4 protocols a gateway/IP forwarding device will pass and hence determine its ACL filters. Note that much or all of this functionality can also be performed using hping.
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass.
http://www.packetfactory.net/projects/firewalk

  • Xprobe2 (Linux, BSD): Next-Generation Active OS Fingerprinting Tool
Xprobe2 is an OS identification tool designed to overcome the problems presented to traditional OS identification tools such as nmap and queso. It relies on an nmap-like approach using ICMP packets in addition to fuzzy signature matching and probabilistic guessing in order to provide a more accurate guess of the remote target's OS.
http://www.sys-security.com/html/projects/X.html
Download xprobe2-0.2.1.tar.gz (http://www.securityforest.com/downloads/xprobe2-0.2.1.tar.gz)

  • Solarwinds (Windows): A plethora of network discovery/monitoring/attack tools
SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners and an SNMP brute-force cracker. These tools are Windows only, cost money, and do not include source code.
http://www.solarwinds.net

  • THC-Amap (Linux, BSD): Application Fingerprinting Scanner
Amap (by THC) is a new but powerful scanner which probes each port to fingerprint applications and services rather than relying on static port mapping.
http://www.thc.org

  • fping (Linux, BSD): Fast Asynchronous Ping Scanner
fping is a ping(1)-like program which uses ICMP echo requests ('pings') to determine if a host is up. fping is different from ping(1) in that you can specify any number of hosts on the command line, or specify a file containing the list of hosts to ping. Instead of trying one host until it times out or replies, fping will send out an ICMP echo request and move on to the next host in a round-robin fashion.
Unlike ping(1), fping is meant to be used in scripts and its output is easy to parse.
http://www.fping.com
Download (http://www.fping.com/download/)

  • cheops-ng (Linux): Network Mapping and Monitoring Tool
Cheops-ng is a network management tool for mapping and monitoring your network, offering host/network discovery functionality as well as OS detection of hosts.
http://cheops-ng.sourceforge.net

  • PortQry (Windows): Command Line Port Scanner
Portqry.exe is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. Portqry.exe runs on Windows 2000, Windows XP, and on Windows Server 2003-based computers. The utility reports the port status of TCP and UDP ports on a computer that you select.
http://support.microsoft.com/default.aspx?scid=kb;en-us;310099
Download (http://www.microsoft.com/downloads/details.aspx?familyid=89811747-c74b-4638-a2d5-ac828bdc6983&displaylang=en)

Strobe is a tool that locates and describes all listening TCP ports on a remote host or hosts.
Download (ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/strobe-1.06.tar.gz)

  • Unicornscan (Linux, BSD): Information Gathering and Correlation Engine
Unicornscan is an information gathering and correlation engine designed to be scalable, accurate, flexible, and efficient. It is an experimental userland distributed TCP/IP stack intended to provide a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device, service or network. Although it contains hundreds of individual features, its main set of abilities includes TCP banner grabbing, TCP/UDP scanning, active and passive remote OS, application, and component identification, and pcap file logging.
http://www.dyadsecurity.com/s_unicornscan.html

phpDistributedPortScan is the first completely web-based distributed port scanner. It is comprised of a master node and an infinite number of slave nodes. The slave node is a tiny PHP 3.x script with minimal authorization that performs the actual portscans and sends the results back to the master. All communication is outbound from the master and uses normal HTTP POST requests to control the slaves. The master is a slightly more complex PHP 3.x script that coordinates all of the slave nodes and brings all of the scan results back to the user.
http://www.digitaloffense.net/phpDistributedPortScanner

  • Autoscan (Linux): Network Monitoring and Management Tool
AutoScan is an application designed to explore and manage your network. Entire subnets can be scanned simultaneously without human intervention. The objective of the program is to list all equipment connected to the network. A preset list of ports is scanned for each piece of equipment.
http://autoscan.free.fr


Articles in category "Target Mapping"

There is 1 article in this category.
