• Subscribe to the low volume list for updates.

Archives of Tools

Security tools both offensive and defensive in nature.

Web Scanner Comparison

An interesting report has been released that takes a sample of web application security testing applications and puts them up against each other. The most notably thing is how much the results vary, and how many vulnerabilities most scanners miss. Clearly using more than one scanner is necessary to be able to compare the results, […]
Read More
14 years ago

Samurai, BackTrack and Kali – LiveCD’s for Pentesting

Linux has brought a wonderful concept to the world of computers and that is easy to use live cd's that allow you to boot up a fully operational operating system that does not require installation to the hard drive. Ubuntu, SuSe, Mandriva and Fedora all have boot-able Live CD options that allow you to test […]
Read More
14 years ago

Nmap Cheat Sheet

Nmap Target Selection Scan a single IP nmap 192.168.1.1 Scan a host nmap www.testhostname.com Scan a range of IPs nmap 192.168.1.1-20 Scan a subnet nmap 192.168.1.0/24 Scan targets from a text file nmap -iL list-of-ips.txt These are all default scans, which will scan 1000 TCP ports. Host discovery will take place. Nmap Port Selection Scan […]
Read More
14 years ago

Maltego – Open Source Intelligence Gathering

Maltego makes the collection of open source intelligence about a target organisation a simple matter. DNS queries, document collection, email addresses, whois, search engine interrogation, and a wide range of other collection methods allows a Penetration Tester, or vulnerability assessment, to quickly gather and find relationships between the data. Maltego is an open source intelligence […]
Read More
14 years ago

DirBuster – Brute force a web server for interesting things

You would be surprised at what people leave unprotected on a web server. What is Dirbuster DirBuster is a project by OWASP that will brute force web directories and filenames on a web server / virtual host. This can often reveal unprotected web applications, scripts, old configuration files and many other interesting things that should […]
Read More
14 years ago

rkhunter, chkrootkit and OSSEC Rootcheck

Rootkits are malicious software designed to allow stealthy backdoor access (as root) to computer systems. Below are 3 examples of free and open source ways to detect these threats on Linux based systems: RKHunter, Chkrootkit and OSSEC Rootcheck. rkhunter rkhunter or Rootkit Hunter is opensource software which scans for rootkits, backdoors, sniffers and exploits. Install […]
Read More
14 years ago

Guide to OpenVPN on Ubuntu 904 Jaunty Jackalope

If you want a simple VPN this is a quick and easy guide for OpenVPN on Ubuntu that will get you up and running with minimal configs. Note that with some persistance this is not hard to do and opens up a world of possibilities. Eg, Full encrypted access from remote locations to your home […]
Read More
14 years ago

Guide to Nessus 4 on Ubuntu 9.04

How to install Nessus on Ubuntu Nessus Essentials can scan up to 16 IPs. If you need to scan more, a license for Nessus Professional is required. The following steps are for a 64bit install. It should be the same for a 32bit installation apart from the different install files. Download Nessus Download from Nessus […]
Read More
14 years ago

Open Source Technology

The scanning platform at HackerTarget.com is comprised of a number of geographically diverse hosts at world class Data Centers in Europe and the USA. The tools we use are cutting edge open source security tools that are comparable, if not better, than any of the current commercial offerings. Here is a list of open source […]
Read More
14 years ago

Automated Web Application Scanners

Interesting reading around open source vs commercial and the future of web application scanning. From the Watchfire blog there is a good discussion with an interesting post and some good comments. A near perfect web application security site testing tool is a difficult thing to achieve, I liken it to the elusive antivirus heuristics which […]
Read More
16 years ago