Windows

Microsoft Windows

SoftPerfect Network Scanner

SoftPerfect Network Scanner is a free multi-threaded IP, NetBIOS and SNMP scanner with a modern interface and many advanced features. It is intended for both system administrators and general users interested in computer security.

Mimikatz

Password recovery tool to dump clear text passwords from lsass

Windows Credentials Editor

Windows Credentials Editor (WCE) allows you to list logon sessions and to add, change, list and delete associated credentials (e.g. LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, to obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, and to obtain Kerberos tickets and reuse them in other Windows or Unix systems. It also dumps passwords in plain text without the need to crack the hashes. Supports Windows XP, 2003, Vista, 7 and 2008.

WinDump

WinDump is the Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules. It can run under Windows 95, 98, ME, NT, 2000, XP, 2003 and Vista.

Ethereal

Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.

Updated/new name: Wireshark

OmniPeek

OmniPeek gives network engineers real-time visibility and Expert Analysis into every part of the network from a single interface, including Ethernet, Gigabit, 10 Gigabit, 802.11a/b/g/n wireless, VoIP, and Video to remote offices. Using OmniPeek’s intuitive user interface and "top-down" approach to visualizing network conditions, network engineers—even junior staff—can quickly analyze, drill down and fix performance bottlenecks across multiple network segments, maximizing uptime and user satisfaction.

Packetyzer

Packetyzer is a network protocol analyzer for Windows, also known as a packet sniffer. It is based on the Ethereal project, but provides a native Windows GUI. Packetyzer can capture from virtually any network adapter and supports many advanced features.

Goolag Scanner

The Goolag Scanner is a tool that has been released by the Cult of the Dead Cow to automate Google hacking using 1,500 predefined search queries.

The original site is down; I found a copy of the tool on the Packet Storm website. Old school tool, still works OK to automate the Google information gathering phase.

Google Hack Honeypot

Google Hack Honeypot is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a “Google Hack” honeypot. It is designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources. GHH implements honeypot theory to provide additional security to your web presence.

Cms-Explorer

CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS-driven web sites are running.
Additionally, CMS Explorer can be used to aid in security testing.
While it performs no direct security checks, the "explore" option can be used to reveal hidden/library files which are not typically accessed by web clients but are nonetheless accessible.
This is done by retrieving the module's current source tree and then requesting those file names from the target system.
These requests can be sent through a distinct proxy to help "bootstrap" security testing tools like Burp, Paros, Webinspect, etc.
CMS Explorer can also search OSVDB for vulnerabilities with the installed components.

CMS Explorer currently supports module/theme discovery with the following products:
* Drupal
* Wordpress
* Joomla!
* Mambo

And exploration of the following products:
* Drupal
* Wordpress

Usage
backbox@backbox:~$ cms-explorer
*****************************************************************
WARNING: No osvdb.org API key defined, searches will be disabled.
*****************************************************************

ERROR: Missing -url

backbox@backbox:~$ cms-explorer -url url -type type [options]

Options:
-bsproxy+       Proxy to route findings through (fmt: host:port)
-explore        Look for files in the theme/plugin dir
-help           This screen
-osvdb          Do OSVDB check for finds
-plugins        Look for plugins (default: on)
-pluginfile+    Plugin file list
-proxy+         Proxy for requests (fmt: host:port)
-themes         Look for themes (default: on)
-themefile+     Theme file list (default: themes.txt)
-type+*         CMS type: Drupal, Wordpress, Joomla, Mambo
-update         Update lists from Wordpress/Drupal (over-writes text files)
-url+*          Full url to app's base directory
-verbosity+     1-3

+ Requires value
* Required option

