Pentest Araçları

Sızma Testleri için kullanılabilecek araçlar

Password hashes dump tools
Kaynak site:
https://docs.google.com/spreadsheet/ccc?key=0Ak-eXPencMnydGhwR1VvamhlNEljVHlJdVkxZ2RIaWc#gid=0

Dump Windows password hashes efficiently (6 Parts)
Kaynak site:
http://bernardodamele.blogspot.ca/2011/12/dump-windows-password-hashes.html
http://bernardodamele.blogspot.ca/2011/12/dump-windows-password-hashes_16.html
http://bernardodamele.blogspot.ca/2011/12/dump-windows-password-hashes_20.html
http://bernardodamele.blogspot.ca/2011/12/dump-windows-password-hashes_21.html
http://bernardodamele.blogspot.ca/2011/12/dump-windows-password-hashes_28.html
http://bernardodamele.blogspot.ca/2011/12/dump-windows-password-hashes_29.html

Companies That Give Back with Free Tools
Kaynak site:
http://www.room362.com/blog/2012/6/20/companies-that-give-back-with-free-tools.html

mimikatz
Protecting Privileged Domain Accounts: Disabling Encrypted Passwords
Kaynak site:
http://blog.gentilkiwi.com/mimikatz
http://computer-forensics.sans.org/blog/2012/03/09/protecting-privileged-domain-accounts-disabling-encrypted-passwords
http://pauldotcom.com/2012/02/dumping-cleartext-credentials.html
http://cyberarms.wordpress.com/2012/04/16/remotely-recovering-windows-passwords-in-pl/
http://www.infosecisland.com/blogview/22398-Completely-In-memory-Mimikatz-with-Metasploit.html
http://www.slideshare.net/ASF-WS/asfws-2012-mimikatz-par-benjamin-delpy
http://blog.bga.com.tr/2013/01/mimikatz-ile-windows-sistemlerde.html
http://blogs.technet.com/b/security/archive/2012/12/11/new-guidance-to-mitigate-determined-adversaries-favorite-attack-pass-the-hash.aspx

Windows Credentials Editor (WCE)
Dumping Clear Text Passwords
Kaynak site:
http://www.ampliasecurity.com/research/wcefaq.html
http://www.ampliasecurity.com/research/WCE_Internals_RootedCon2011_ampliasecurity.pdf
http://e-spohn.com/blog/2012/07/06/dumping-clear-text-passwords/

Firefox Addons For Penetration Testing
Kaynak site:
http://pentestlab.wordpress.com/2012/08/12/firefox-addons-for-penetration-testing/?goback=%2Egde_100569_member_143704728

Hping network scanning and crafting tool.
Kaynak site:
http://hackinmania.blogspot.in/2012/07/hping-network-scanning-and-crafting.html

Hash <--> Password
Kaynak siteler:
https://www.objectif-securite.ch/ophcrack.php
http://www.md5decrypter.co.uk/ http://www.darknet.org.uk/2014/02/hash-identifier-identify-types-of-hashes-used-encrypt-passwords//