Three lesser known security tools for your arsenal

Roadkil’s DHCP Find

A small and efficient, windows based, app to find rogue DHCP servers.  It works by simply sending out DHCP requests and logging all the servers that  reply.  Not much to it, but when you are tracking down DHCP servers, this will be extremely valuable. DHCP Find 1.2


Let’s face it, tools like tcpdump and nmap are unbelievably powerful,  but without a lot of patience and a lot of experience they can both be overwhelming. Enter “nast”.  Nast is like the swiss army knife you keep in your pocket.  Its a handy set of very useful tools for network troubleshooting (and mischief) all wrapped into one handy program.  It has increasingly become my “go to” tool when i just want to get a job done. Here is a sampling of its features:

See the nast homepage mirror, old homepage defunct for source code, full man page and contact information


Curious about what is actually being sent back and forth in your https session?  Take a little peak with sslstrip. Unlike our previous tools, sslstrip requires a little upfront work to get going. You will need a linux box to do the work on.

With everything running, test out a few https webpages. You should see the contents of your http post appear in the logfile.  Check the options of sslstrip for more detailed logging and other features.

Sslstrip can be found at .  Arpspoof is part of dnsiff, which can be found over here.