Here is a short list of applications that I use frequently when undertaking a penetration test or vulnerability scan. I don’t use all of these all the time, but they are probably the most popular tools in the security community. We start with Kali, the Swiss Army knife of exploitation tools. What can’t Kali do? Then we look at several standalone tools for host enumeration, port scanning, packet sniffing, vulnerability detection, password cracking, man-in-the-middle exploits, exploit designing and deployment, social engineering, and remote control.
- Kali Linux – this Linux distribution from Offensive Security has so many tools in it that the list could end here. Let’s just say that many of the tools that follow are to be found installed in Kali.
- Fast Resolver by NirSoft – This has become my go-to tool for getting a quick list of hosts on a network. The results include IP addresses, host names, and MAC addresses. Because so many network admins use simple and obvious naming schemes, it is fairly easy to determine the server systems and, from the desktop host names, often the names of the employees who are using those computers.
- Nmap and Zenmap – They are the same tool, Nmap for Linux and Zenmap for Windows. This is a great tool for identifying hosts and open ports on a network, and can help find exploitable vulnerabilities.
- Nessus by Tenable – Nessus is relatively expensive. But it is a great vulnerability scanner for security professionals. This is a web-based product that can be coupled with locally installed headless scanners for performing both internal and external vulnerability scans. Nessus has decent analysis and reporting tools.
- Wireshark – Wireshark is a great open source network sniffer and protocol analyser. It allows for packet capture and inspection, and can be a great way to observe traffic flows and read packet contents.
- PuTTY – PuTTY is the open-source standard for communicating with servers via telnet and SSH.
- Maltego – Maltego, by Paterva, is a visual link analysis tool. The tool offers real-time data mining and information gathering. Presenting the information on a node-based graph makes patterns and connections easily identifiable.
- The Social-Engineer Toolkit by TrustedSec – SET is a collection of tools that can send phishing and spear-phishing attacks, fake SMS messages, and hide malware in media files, among other things. Since social engineering has become the dominant approach for cyber-criminals, this toolkit is a must.
- Metasploit by Rapid7 – Metasploit is an amazing network penetration tool for creating or using existing exploits. It also has a collection of spear-phishing, network mapping, and password brute-force tools.
- Hash Suite from Openwall – Hash Suite is an efficient password cracking application for Windows. The application has free, standard ($39.95) and pro ($89.95) versions.
- John the Ripper – John the Ripper is a fast open-source password decryption utility for Linux and Macs. It can automatically detect password hashes, and apply a variety of attacks such as dictionary and brute-force hacks.
- Cain & Abel – Cain & Abel is a password recovery tool for Microsoft systems. It recovers various kinds of passwords by sniffing the network and cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks. It can record VoIP conversations, decode scrambled passwords, recover wireless network keys, reveal password boxes, uncover cached passwords and analyze routing protocols.
- Ettercap – Ettercap is a great tool for man-in-the-middle attacks. It can sniff live connections, perform content filtering, intercept IP traffic, grab passwords, and eavesdrop on network activity, and it includes many features for network and host analysis.
- Burp Suite – Burp Suite is a tool set for security testing web applications, from mapping and analysis of an application’s attack surface, to finding and exploiting security vulnerabilities.
If you are getting started in the cybersecurity business, becoming familiar and comfortable with these applications will help accelerate your career. Go ahead and download a few of these from the provided links. Enjoy!