Backtrack 5 R3 Tools

Backtrack 5 R3 Tools

Identify Live Hosts

• dnmap – Distributed NMap
• address6 (The Second “Alive6″ entry) – IPV6 address conversion

Information Gathering Analysis

• Jigsaw – Grabs information about company employees
• Uberharvest – E-mail harvester
• sslcaudit – SSL Cert audit
• VoIP honey – VoIP Honeypot
• urlcrazy – Detects URL typos used in typo squatting, url hijacking, phishing

Web Crawlers

• Apache_users – Apache username enumerator
• Deblaze – Performs enumeration & interrogation against Flash remote end points

Database Analysis

• Tnscmd10g – Allows you to inject commands into Oracle
• BBQSQL – Blind SQL injection toolkit

Bluetooth Analysis

• Blueranger – Uses link quality to locate Bluetooth devices

Vulnerability Assessment

• Lynis – Scans systems & software for security issues
• DotDotPwn – Directory Traversal fuzzer

Exploitation Tools

• Netgear-telnetable – Enables Telnet console on Netgear devices
• Termineter – Smart Meter tester
• Htexploit – Tool to bypass standard directory protection
• Jboss-Autopwn – Deploys JSP shell on target JBoss servers
• Websploit – Scans & analyses remote systems for vulnerabilities

Wireless Exploitation Tools

• Bluepot – Bluetooth honeypot
• Spooftooph – Spoofs or clones Bluetooth devices
• Smartphone-Pentest-Framework
• Fern-Wifi-cracker – Gui for testing Wireless encryption strength
• Wi-fihoney – Creates fake APs using all encryption and monitors with Airodump
• Wifite – Automated wireless auditor

A Bunch of Password Tools

• Creddump
• Johnny
• Manglefizz
• Ophcrack
• Phrasendresher
• Rainbowcrack
• Acccheck
• smbexec

And let’s not forget “Subterfuge” the MiTM Framework, and new Arduino support.