Nift - Network Intrusion Footprinting Tool
Copyright (C) 2002 Jeremy Collins
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Written by Meccros meccros@hotmail.com
DESIGN - A practical GUI front end for the most common footprinting
tools and methods available. This program requires root access.
It can also function as a text-based scanner for systems without
X11 or GTK+ 1.2.0 support.
COMPILE
./configure
make
su root
make install
USAGE
nift (loads the GUI)
or
niftd (options) -h (hostname or ip)
where options is a letter (A, B, C, E, F, G):
-A = Arin network query
-B = Host lookup and DNS zone transfer attempt
-C = ICMP Network Discovery
-E = Nmap Syn Portscan
-F = OS Identification (through TCP, UDP, and ICMP protocols)
-G = Banner Grabbing (will also identify wingates at the moment)
TODO
- Tests to add in the future
  - Domain Query (initial registrar query)
  - Registrar Query (match all names in registrar database)
  - Organizational Query (domains the company has registered)
  - POC Query (common admin contacts for the network)
  - Firewall rules discovery
  - HTTP server crawls
  - Finger exploitation
  - Telnet setenv / printenv
  - Analyse data gathered
  - DoS vulnerability tests
  - Remote vulnerability tests
- Functionality
  - Option to ignore hosts already found on the network when pingscanning (less garbage to be found in logs)
  - Optional use of wingates whenever possible. (User provided, and will also use wingates found within the network)
  - Spoofed decoys to throw off AIDS; also verifies that the decoy addresses provided are alive, to avoid SYN flooding the host. Will change the TTL of the source I.P. when decoys are used, in case the host uses packet source accounting. (Keeps your I.P. from being singled out)
  - Can either trust banners to determine possible exploits, or test the exploits. The first will be safer, but will likely generate many false positives.
- Bugs I'm aware of
  - none at the moment
