I've been playing with backtrack for a little while now as I am trying to make a career move from VB.net software development to network security. As part of this migration program I have been spending much time reading and watching various mile2 and other security course material, to familiarize myself with the tools available and brush up my Linux skills before enrolling on the offensive security course.
Recently I have been looking at session hijacking and have been intrigued by the whole technique. I now have this hunger to see what tools are available and what protocols/ sessions are at risk. I have been reading and google-ing my nuts off but I can’t seem to get the information that I require. The applications that keep cropping up are;
T-Sight – Which I have seen a demo but looks a little too point and click, I prefer to learn how to do things properly and understand them.
Juggernaut – Which I can find little to no documentation on
Hunt – Which has little documentation. (Does this tool support SSH?)
IP-Watcher – I’m not quite sure this tool belongs to the right family
Does anyone know if any of the Linux based of these tools are included in backtrack and I just can’t find them? Can they be added as Slax-ware modules? Can anyone point me in the right direction of documentation for these or other session hijacking tools available?
Also, any pointers on how to penetrate the network security industry would be really useful, such as which courses are regarded more highly etc?
Thanks for your time.