Armory
EtherApe
EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic ...
fgdump
A successor to pwdump, fgdump can be used to dump user info from local and remote Windows boxes, given administrator privileges.
lsof
lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It can also list communications open by each process.
RainbowCrack
RainbowCrack is a general propose implementation of Philippe Oechslin's faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea ...
KisMAC
KisMAC is an opensource and free stumbler/scanner application for Mac OS X. It has an advantage over MacStumbler, iStumbler, and NetStumbler in that it uses monitor mode and passive scanning. KisMAC supports several third party PCMCIA cards - Orinoco, PrismII, Cisco Aironet, Atheros and PrismGT. USB Prism2 is supported as ...
Angry IP Scanner
Angry IP Scanner is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports as well as has many other features. It is widely used by network administrators and just curious users around the world, including large and small enterprises, ...
ike-scan
ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint and test IPsec VPN servers.
arpwatch
arpwatch is an open-source software that monitors a computer network for ARP-activity. It generates a log of IP address-MAC address pairings along with a timestamp when the pairing appeared on the network. The first and foremost reason to monitor ARP activity is to detect ARP spoofing. It is developed by ...
nemesis
Nemesis is a command-line network packet injection utility for UNIX-like and Windows systems. You might think of it as an EZ-bake packet oven or a manually controlled IP stack. With Nemesis, it is possible to generate and transmit packets from the command line or from within a shell script. Nemesis ...
KNOPPIX
KNOPPIX is a bootable Live system on CD or DVD, consisting of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, ...
Yersinia
Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, there are some network protocols implemented, but others are coming (tell us which one is your preferred). ...
Nagios
Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. It has been designed to run under the Linux operating system, but works fine under most *NIX variants as well. The monitoring daemon runs intermittent checks on hosts and ...
fragroute
fragroute intercepts, modifies, and rewrites egress traffic destined for the specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection'' paper of January 1998. Unlike fragrouter(8), this program only affects packets originating from the local machine destined for ...
Cacti
Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use ...
socat
socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (serial line etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an SSL socket, proxy CONNECT connection, a file descriptor (stdin ...