User:Kanonkas/Tools

Get Linux[edit]

Use a Linux distro such as Ubuntu, OpenSUSE, Knoppix (security distro). Unofficial distros: BackTrack (Best security distro available for the public), nUbuntu (security distro).

You can try FreeBSD too (which is a good OS for security). (Not linux)

Range block calculators[edit]

When doing rangeblocks, use these calculators: [1], [2], [3], [4], [5]

Check the range(s) using CIDR, you can try using /16 /27 or /32.

Get ip ranges for a country, this is really dangerous you can block a whole country with the information you get there.

Example below

Open proxies[edit]

When checking proxies, use nmap and try to connect through a specific port. Most of the time port 80 is enabled. You may want to use this script (only for unix systems, e.g. Ubuntu).

You can use this nmap command: nmap -PN -T Aggressive -A -v -sV target

WHOIS.

Check contribs on all wikis.

Open proxy detection

Wikipedia:Open proxy detection

w:Category:Open proxies blocked on Wikipedia -> Don't use this, the proxies there can be out of date, checking it yourself is better.

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html SSH client. Caution is advised when connecting to other hosts. Most of the time you connect through port 20.

Ports you can try out: 80, 200, 3128, 6588, 8000 and 8080.

• Example below on how to catch one using your browser

This HTTP proxy can be used by changing your web browser settings. For Firefox, go to Tools > Options > Advanced > Network > Settings > Manual proxy configuration > Enter "170.210.215.253" next to "HTTP Proxy" and "3128" next to "Port" and save settings. If you can browse the net, you've got an open proxy.

Open proxy tools[edit]

http://ping.eu/proxy/

http://www.domaintools.com/reverse-ip/

http://www.whosonmyserver.com/

http://www.robtex.com/ip/ good info here.

http://www.stic-online.de/stic/html/open-proxy-check.html

http://www.senderbase.org/ can also be used for spam, also suppports CIDR ranges.

http://google.com/gwt/n Google web accelerator

Open proxy lists[edit]

http://proxy.org/proxies_sorted2.shtml

http://proksi.hash.es/

http://www.bjaodn.org/wiki/MediaWiki:Openproxylist proxy list to see, a lot of proxies there.

http://www.ip-adress.com/Proxy_Checker/ not very good as a tool but can be a good place to find a lot of proxies

http://www.aliveproxy.com/proxy-checker/ same with this tool, not very useful, the above one is better.

TOR[edit]

• http://torstatus.blutmagie.de/
• http://proxy.org/tor_blacklist.txt
• http://www.sectoor.de/tor.php?ip=76.91.72.239 change the IP with a new IP when trying to check an ip.
• http://torstatus.kgprog.com/
• https://torstat.xenobite.eu/

Zombie proxy[edit]

• http://en.wikipedia.org/wiki/User:East718/X

Spam[edit]

• http://www.spamhaus.org/sbl/
• http://www.spamhaus.org/xbl/
• http://www.us.sorbs.net/
• http://www.spamcop.net/bl.shtml

Packet sniffers[edit]

• http://stumbler.net/
• http://www.kismetwireless.net/
• http://www.wireshark.org/
• http://sectools.org/wireless.html

Port scanner[edit]

• http://nmap.org/download.html
• http://nmap.org/book/zenmap.html info for Zenmap.

Vulnerability scanners[edit]

• http://netcat.sourceforge.net/
• http://www.nessus.org/nessus/
• http://sectools.org/vuln-scanners.html

Vulnerability exploitation tools[edit]

• Metasploit framework
• Core impact
• Canvas framework

Other tools[edit]

• http://www.robtex.com/rbl/
• http://www.ippages.com/us/
• http://openrbl.org/query
• http://samspade.org/whois/
• http://whois.domaintools.com/
• http://private.dnsstuff.com/tools/ipall.ch?domain=
• http://private.dnsstuff.com/tools/whois.ch?ip=
• http://remote.12dt.com/
• http://www.iwebtool.com/reverse_ip
• http://www.myipneighbors.com/