Wireshark 1.4.6

Ever since Wireshark come on the scene it was adopted as the #1 LAN sniffer for security demonstrations, says me. You don't have to believe all the hype and can go back to your console screen logging hours at the page down key. Wireshark for Windows is the best choice for capturing LAN traffic. Download Wireshark Here.

Wireshark is extremely easy to use and even a novice can start capturing data on the network. Wireshark features a very rich system to let you edit and resend packets over the network. You can set it to stop capturing after 'x' amount of packets which can be VERY handy for testing application bugs. You can control the size of capture log files and even use multiple files to log your captures too.

Cain & Abel 4.9.40

Cain & Abel is an old school tool that has finally started updating. I remember using this a while ago when I first started getting into security and more namely, hacking. Cain & Abel as told by the official website is a password recovery tool for Windows. This isn't your ordinary password cracker. Cain & Abel can do so much more and has a whole bunch of features you can find useful for network activities. It's also super easy and quick to install.

Sniffing the Network

Cain & Abel make it easy to sniff your own network's traffic by performing a "main in the middle" attack. This allows you to become a person on the network that basically relays the information to where it needs to be allowing you to view the traffic along it's way. You can perform trace routes and even view the local workgroups and other connected computers.

Password Tools

The password tools let you import local passwords like from MS Outlook user accounts. The password cracker also cracks individual password hashes. You can perform dictionary attacks on the password hashes until it finds one, it is highly threaded so it shouldn't be a problem cracking multiple hashes.

Remote Registry & Shares

Along with viewing the users on your network you can even look into their registry if the remote registry is enabled. You can also view and interact with the local shares on the network.Cain & Abel is a very nice and fast alternative to viewing shares than even Windows. You can help diagnose problems on the network with this tool making it a staple in the windows users arsenal. You can do most of these via the command line, but this give a nice clean interface so we aren't scrolling through hundreds if not thousands of console lines and logs.

Nessus 4.4.1

 Nessus is a network scanner that checks for vulnerabilities. You will have to register for an activation code but it's free. Nessus is famous for it's plugins and boasts it on their website as well. You can find several videos on their website that show instructions for installing and even operating Nessus. You can download it here.


I don't mind registering products that are free. In fact, as a developer I sometimes go out of my way to register products that are free. I suggest you do the same, plus I don't think you have access to the plugins if you don't register it. We are using the Windows version, and that is the only version under review here today.

After installing and registering it will take a long time to download and update their immense plugin library. Why was I not allowed to pick or just get a small minimal set? I thought the process took a long time to download and update and I definitely wasn't expecting it. You can view a full list of the plugins and the latest plugins added on their website. I checked back several minutes later and found that it was only at 26%.

Despite taking forever to "initialize" Nessus has a very nice browser based interface with easy to use controls for scanning entire ranges of addresses. I definitely recommend this product.

Insect Pro 2

Insect Pro is a "Web Scanner" tool by insecurityresearch. Besides spamming it up on FD to try and get donations for their cause insecurityresearch seems to have offered a rather nice tool, except for it's size at 120mb. I am testing the Insect Pro 2 web scanner, but it was told to me that it would be the 2.5 version after they irritated people over at FD. The extraction process is long and boring from winzip, but I stuck in there.


After the lengthy extraction process I poked around in the directories and soon found they packaged Metasploit with it. They didn't stop there either, it was also packaged with Python 2.7, NMap, RUBY and skipfish. I didn't even install this tool as I could already see that it was simply an interface for using Metasploit exploits, please correct me if I am wrong..

They also claim to release this tool for free, but you have to make a donation in order to use it. If you complain to them about it they might send you a copy. I DO NOT recommend this tool for use.

Download Hash Verifier

This is the first review of man I plan to do on this blog. I am trying to create a place for people to turn to before they download an use some of the tools in the hacking/security industry. Today we will be reviewing DownloadHashVerifier. This tool is supposed to verify the integrity of a file by it's "hash". You select the file you want to check and input the hash you were given at download then click the verify hash button.

I see some major problems with this. The first problem is most people don't offer a hash with files that are downloaded. Let's say Johnny wants to download mIRC but they're website is down. Johnny googles for it and finds a mirror and downloads mIRC. Johnny also got a hash from the mirror site and wants to make sure his file wasn't tampered with. How does Johnny know the hash he has will help verify that? he doesn't, he has NO IDEA. If malware was in the mIRC executable why wouldn't the person use the hash from the file AFTER it was backdoored?

I guess I am just failing to see how this is beneficial to anyone. Monitoring file hashes for single files is menial when compared to what file hashes are meant for, VERIFYING INTEGRITY. If you download a file from a website that  is malicious, you take your chances whether it has a file hash or not. File h ash integrity checking should be reserved for versioning and making sure directories of files haven't been compromised.

I don't see a reason to use this software.