[font=Helvetica, Arial, sans-serif][font=Helvetica, Arial, sans-serif]
[/font]Useful Tools for Ethical Hacking/Penetration Testing[font=Helvetica, Arial, sans-serif]
[/font][/font]
[font=Helvetica, Arial, sans-serif]A larger number of hacking tools are built tailored for Linux. Some of these tools can be used in the command line. As a hacker or an aspiring one, there are a bunch of Linux command line tools available to aid your tasks, most of which are available in Kali or with a simple Git clone command.[/font]
[font=Helvetica, Arial, sans-serif][font=Helvetica, Arial, sans-serif]?[/font]Network Penetration Testing Tools[font=Helvetica, Arial, sans-serif]?[/font][/font]
[font=Helvetica, Arial, sans-serif][font=Helvetica, Arial, sans-serif]Nmap - A port scanning tool. Used for network scanning and security auditing.[/font]
[font=Helvetica, Arial, sans-serif]Masscan - A super fast tool for scanning a large range of IP addresses within a matter of minutes[/font]
[font=Helvetica, Arial, sans-serif]Nikto - Great for finding web server vulnerabilities[/font]
[font=Helvetica, Arial, sans-serif]Nessus - The defacto all round tool for finding mostly network based vulnerabilities[/font]
[font=Helvetica, Arial, sans-serif]Metasploit - Auxiliary modules for mapping as well as of course the many exploit modules[/font]
[font=Helvetica, Arial, sans-serif]Tcpdump -A versatile packet analyzer which runs under the command line. It permits the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.[/font]
[font=Helvetica, Arial, sans-serif]Httptunnel- A tunneling software that can tunnel network connections through restrictive HTTP proxies over pure HTTP "GET" and "POST" requests.[/font]
[font=Helvetica, Arial, sans-serif]Proxytunnel- This is program to stealthily tunnel a connection through a standard HTTPS proxy.[/font]
[font=Helvetica, Arial, sans-serif]Ettercap - For capturing and redirecting traffic on a network. Perfect for man-in-the-middle attacks.[/font]
[font=Helvetica, Arial, sans-serif]
Web Application Penetration Testing Tools
[/font]
[font=Helvetica, Arial, sans-serif]BurpSuite - The only web proxy you will ever need for manually finding web app vulnerabilities, use the pro version for more features.[/font]
[font=Helvetica, Arial, sans-serif]w3af_console - A pretty nice tool for doing some web app scanning for common vulnerabilities[/font]
[font=Helvetica, Arial, sans-serif]Fuser- A Linux utility to identify processes using files or sockets[/font]
[font=Helvetica, Arial, sans-serif]SQLMap - An automated database exploitation tool[/font]
[font=Helvetica, Arial, sans-serif]
WiFi Hacking / Penetration Testing Tools
[/font]
[font=Helvetica, Arial, sans-serif]Airgeddon - A script containing many of the below tools mentioned, a Swiss army knife of WiFi hacking tools essentially!.[/font]
[font=Helvetica, Arial, sans-serif]Reaver- A tool for brute forcing attacks against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases.[/font]
[font=Helvetica, Arial, sans-serif]
Social Engineering Tools
[/font]
[font=Helvetica, Arial, sans-serif]SocialFish - A script that produces a number of different phishing related pages for pen test engagements[/font]
[font=Helvetica, Arial, sans-serif]SET - Stands for social engineering toolkit, it's been around for a while, so is likely to be nicely polished by now[/font]
[font=Helvetica, Arial, sans-serif]Blackeye - Another Phishing based framework tool that offers a multitude of different templates to choose from, perfect for red team engagements.[/font]
[font=Helvetica, Arial, sans-serif]?Password Cracking Tools?[/font]
[font=Helvetica, Arial, sans-serif]Hashcat - Used to crack hashes. Password cracking tool can also used for recovering passwords, reviewing password security, benchmarking, and/or identifying data in a hash.[/font]
[font=Helvetica, Arial, sans-serif]JTR - John The Ripper is a great tool customising password attacks, we recommend using the Jumbo add on.[/font]
[font=Helvetica, Arial, sans-serif]Aircrack-ng - A tool tailored for hacking wireless networks. The most poplar tool for WiFi penetration testing.[/font][/font]
[font=Helvetica, Arial, sans-serif]A larger number of hacking tools are built tailored for Linux. Some of these tools can be used in the command line. As a hacker or an aspiring one, there are a bunch of Linux command line tools available to aid your tasks, most of which are available in Kali or with a simple Git clone command.[/font]
[font=Helvetica, Arial, sans-serif][font=Helvetica, Arial, sans-serif]?[/font]Network Penetration Testing Tools[font=Helvetica, Arial, sans-serif]?[/font][/font]
[font=Helvetica, Arial, sans-serif][font=Helvetica, Arial, sans-serif]Nmap - A port scanning tool. Used for network scanning and security auditing.[/font]
[font=Helvetica, Arial, sans-serif]Masscan - A super fast tool for scanning a large range of IP addresses within a matter of minutes[/font]
[font=Helvetica, Arial, sans-serif]Nikto - Great for finding web server vulnerabilities[/font]
[font=Helvetica, Arial, sans-serif]Nessus - The defacto all round tool for finding mostly network based vulnerabilities[/font]
[font=Helvetica, Arial, sans-serif]Metasploit - Auxiliary modules for mapping as well as of course the many exploit modules[/font]
[font=Helvetica, Arial, sans-serif]Tcpdump -A versatile packet analyzer which runs under the command line. It permits the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.[/font]
[font=Helvetica, Arial, sans-serif]Httptunnel- A tunneling software that can tunnel network connections through restrictive HTTP proxies over pure HTTP "GET" and "POST" requests.[/font]
[font=Helvetica, Arial, sans-serif]Proxytunnel- This is program to stealthily tunnel a connection through a standard HTTPS proxy.[/font]
[font=Helvetica, Arial, sans-serif]Ettercap - For capturing and redirecting traffic on a network. Perfect for man-in-the-middle attacks.[/font]
[font=Helvetica, Arial, sans-serif]
[font=Helvetica, Arial, sans-serif]BurpSuite - The only web proxy you will ever need for manually finding web app vulnerabilities, use the pro version for more features.[/font]
[font=Helvetica, Arial, sans-serif]w3af_console - A pretty nice tool for doing some web app scanning for common vulnerabilities[/font]
[font=Helvetica, Arial, sans-serif]Fuser- A Linux utility to identify processes using files or sockets[/font]
[font=Helvetica, Arial, sans-serif]SQLMap - An automated database exploitation tool[/font]
[font=Helvetica, Arial, sans-serif]
[font=Helvetica, Arial, sans-serif]Airgeddon - A script containing many of the below tools mentioned, a Swiss army knife of WiFi hacking tools essentially!.[/font]
[font=Helvetica, Arial, sans-serif]Reaver- A tool for brute forcing attacks against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases.[/font]
[font=Helvetica, Arial, sans-serif]
[font=Helvetica, Arial, sans-serif]SocialFish - A script that produces a number of different phishing related pages for pen test engagements[/font]
[font=Helvetica, Arial, sans-serif]SET - Stands for social engineering toolkit, it's been around for a while, so is likely to be nicely polished by now[/font]
[font=Helvetica, Arial, sans-serif]Blackeye - Another Phishing based framework tool that offers a multitude of different templates to choose from, perfect for red team engagements.[/font]
[font=Helvetica, Arial, sans-serif]?Password Cracking Tools?[/font]
[font=Helvetica, Arial, sans-serif]Hashcat - Used to crack hashes. Password cracking tool can also used for recovering passwords, reviewing password security, benchmarking, and/or identifying data in a hash.[/font]
[font=Helvetica, Arial, sans-serif]JTR - John The Ripper is a great tool customising password attacks, we recommend using the Jumbo add on.[/font]
[font=Helvetica, Arial, sans-serif]Aircrack-ng - A tool tailored for hacking wireless networks. The most poplar tool for WiFi penetration testing.[/font][/font]
