• Subscribe to the low volume list for updates.

Open Source Technology

Our scanning platform here at HackerTarget.com is comprised of a number of geographically diverse hosts at world class Data Centers in Europe and the USA.

Depending on our current load and scanner requirements we have the capability of using our high end Dell Poweredge Dedicated server or one of a handful of VPS servers.

The tools we use are cutting edge open source security tools that are comparable if not better than any of the current commercial offerings. Here is a solid list of proven open source tools that are well proven and backed by strong technology and large communities.

    Scanning

  • Nmap - Detect open ports and the service listening. Worlds leading port scanner, as featured in the Matrix!
    Scanning Available here.
  • OpenVas - A fork of the original open source Nessus code base, this Vulnerability scanner examines your system for network services and then tests them against a list of known vulnerabilities. Scanning Available here.
  • Kismet - Wireless network scanning and packet sniffing.
  • Aircrack-ng - Wireless network scanning and breaking.
  • Web Application Assessment

  • Nikto - Web scanning excellence. Tests your web server and web applications against a list of known vulnerabilities. Scanning Available here.
  • w3af - w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.
  • DirBuster - DirBuster is an auditing tool that brute forces your web server for web directories. A high quality tool that will find all sorts of things lying around in a forgotten directory.
  • SQL Scanners

  • Sqlmap - SQL injection scanner capable of enumerating entire remote databases, and perform an active database fingerprinting.
  • SQLiX - SQL Injection scanner, able to crawl, detect SQL injection vectors, identify the back-end database and grab function call/UDF results. Scanning Available here.
  • Intrusion Detection / Prevention (IPS / IDS)

  • Snort - Powerful Network Intrusion Detection with optional Intrusion Prevention capabilities. Extensive commuity and signature support.
  • Open Source Host-based Intrusion Detection System – Host based IDS solution. Also contains malware detection and log analysis software.
  • Exploitation (for testing purposes)

  • Metasploit - Leading open source exploitation framework. Automates exploitation of systems with a long list of possible payloads.
  • Monitoring

  • OSSIM - An open source security information management application. Collates data from a number of open source security products to ease the intrusion analysis burden.
  • Nagios - Network monitoring tool. Detect problems quickly and immediately. Automated alerts, extensive plugins - this is the most stable network monitoring applications out there.
  • BASE - Puts Snort IDS data into an easy to use web interface.
  • Firewall and Gateway Appliances

  • Untangle - Malware, firewall, IPS and VPN all in one.
  • PFSense - BSD based Firewall, IPS and VPN with addons for other useful utilities.