What Labs are in Practical Hacking Techniques and Countermeasures?


The following is a list of tools used in PHTC. Several of the tools are used more than once:


  • Amap - An application and service fingerprint scanner
  • Netcat - Everyone's favorite Swiss Army Knife
  • Scanline - Command line port scanner
  • Xprobe2 - Remote OS fingerprinting
  • Banner.c - Advanced banner grabbing
  • DumpSec - Auditing tool for Windows
  • Getmac - Retrieve the MAC address from the target
  • Nmap - Security scanner for network exploitation and scanning
  • NmapNT - The Windows version of Nmap
  • SamSpade - Network query tool
  • Sid2User - Retrieve the user account name as it's associated with the SID
  • Sprint - TCP fingerprinting tool
  • User2Sid - Retrieve the SID number from a given user account name
  • UserDump - Enumerate user accounts on the target
  • UserInfo - Enumerate user information on the target
  • Visual Route - Analyze Internet connectivity, trace path to target
  • Winfingerprint - Windows Security Enumeration tool
  • AngryIP - Small and fast port scanner
  • CGI Scanner - Web server vulnerability scanner
  • Fscan - Command-line port scanner (now known as Scanline)
  • FTP Scanner - Locates anonymous FTP servers
  • LanGuard - Commercial network security scanner
  • LanSpy - Network security and port scanner
  • Passifist - Passive network discovery tool
  • SMBScanner - Verify share-level access on the target
  • Strobe - Locates and builds a list of all open ports and services in the network
  • SuperScan - Fast network vulnerability scanner
  • WinGateScan - Locate WinGate servers
  • Ethereal - Free network scanner (now called Wireshark)
  • IPDump - Packet capture tool
  • Ngrep - Packet sniffer with the capability to alert to attacks
  • Sniffit - Packet sniffer with filtering capabilities
  • TCPDump - Classic network sniffer
  • WinDump - Windows version of TCPDump
  • ZxSniffer - Views network traffic and auto-captures passwords
  • Packit - Packet injection and manipulation. Used to spoof traffic
  • RafaleX - Create and inject custom packets into the network. (Now known as Engage Packet Builder)
  • SMAC - Allows you to easily spoof your MAC from Windows, even through a reboot
  • BruteFTP - Brute force FTP servers
  • CHNTPW - Reset unknown Windows passwords
  • FgDump - Automatically shuts down many anti-virus programs and dumps the passwords
  • John the Ripper - The de facto standard for password cracking
  • LC5 - L0phtcrack5 (LC5) dumps and cracks the users' passwords. (Owned by Symantec - Use LCP)
  • Netwox-Netwag-Netwib - Canned vulnerability assessment tools with over 150 tools
  • TSGrinder2 - Brute force Remote Desktop targets
  • ByPassing Windows XP - Windows XP (Corporate) validation bypass
  • Cerberus - Multi-protocol assessment scanner
  • Metasploit - Vulnerability exploitation tool supporting custom scripts
  • Nikto - Vulnerability Web scanner
  • NStealth - HTTP scanner with over 3500 signatures
  • Pluto - Automated vulnerability assessment of targets
  • Retina - Commercial vulnerability scanner by eEye
  • SAINT - Network vulnerability scanner, including the SANS Top 20
  • SARA - Derived from the SATAN tool architecture; network analyzer
  • Shadow Scanner - Multi-platform vulnerability scanner
  • Solar Winds - Series of network tools from identification to configuration. Includes Cisco tools
  • WHCC - Web Hack Control Center. Contains thousands of exploits to test servers
  • XP Fake - Use this fake XP login screen to capture the user's username/password
  • X-Scan - Multi-threaded vulnerability scanner with plug-in support
  • Achilles - Host-proxy solution allowing you to view and edit data to/from the target
  • Back Orifice - Made famous and created by the Cult of the Dead Cow (CDC)
  • Dsniff - Allows for Man-in-the-Middle (MtM) attacks on switched environments
  • Ettercap - The Windows way to sniff traffic on a switched environment
  • In Control 3 - Track any/all changes made to a system, even through a reboot
  • NetBus - Labeled as a "Remote Administration Tool," this Trojan is fun to play with
  • Reverse Shell - This lab uses netcat to set up a reverse shell on the target
  • Sneaky Sneaky - Create a covert channel using ICMP
  • Streaming Files - Alternate Data Streams (ADS) allow you to hide hacker tools in plain sight
  • Elitewrap - An EXE wrapper used to compromise the target
  • Fpipe - Port redirector used to bypass firewall rules
  • Portmapper - Port redirector with a very small footprint
  • PsExec - Used to execute applications on remote targets
  • Trash2.c - Denial of Service attack tool using spoofed ICMP/IGMP packets