Hacking Tools
Introduction
Index of hacking tools
Action type | Tool | In Kali? | GUI? | Free? | Info |
---|---|---|---|---|---|
Investigate firewall presence | wafw00f | yes | no | yes | |
Inspect security certificate of web server | SSLyze | yes | yes | yes | |
Security certificate of web server, Inspect | SSLyze | yes | yes | yes | |
Directory bruteforcing tool | gobuster | no | no | yes | |
Certificate, Inspect security | SSLyze | yes | yes | yes | |
ARP reconnaissance | Netdiscover | yes | no | yes | |
Local network scan | Netdiscover | yes | no | yes | |
Scan, Local network | Netdiscover | yes | no | yes | |
Scanning | Zenmap | yes | yes | yes | |
Scanning | nmap | yes | no | yes | |
WhatWeb | yes | no | yes | Web scanner | |
BlindElephant | no | Web scanner | |||
Scanning | masscan | yes | no | yes | Large IP ranges |
Scanning | Zmap | no | Large IP ranges | ||
Configuration compliance | nmap | yes | no | yes | |
Enumeration | nmap | yes | no | yes | |
Vulnerability scanning | nmap | yes | no | yes | |
Fingerprinting | nmap | yes | no | yes | |
Reconnaissance | nmap | yes | no | yes | |
Reconnaissance | Amap | no | |||
Reconnaissance | Whois | yes | no | yes | Query and response protocol for Internet resources |
Foca (Fingerprinting Organizations with Collected Archives) | yes | Find metadata and hidden info in docs | |||
Reconnaissance | Nslookup | yes | no | yes | Query DNS |
Enumeration | Nslookup | ||||
Reconnaissance | Theharvester | yes | no | yes | Collects emails, subdomains, hosts, employee names, open ports and banners |
Reconnaissance | Shodan | no | yes | Search engine to find webcams, routers, etc. | |
Maltego | yes | Conducts open source intelligence, and makes a visual representation of relationships | |||
Reconnaissance | Recon-NG | yes | no | yes | Open source web reconnaissance framework, written in Python |
Reconnaissance | Censys | no | yes | yes | Search engine for hosts and networks with data about their configuration |
Reconnaissance | aircrack-ng | ||||
Password cracking (offline) | aircrack-ng | ||||
Brute-forcing services | aircrack-ng | ||||
Brute-forcing services | Patator | yes | no | yes | |
Brute-forcing services | Medusa | yes | no | yes | |
Brute-forcing services | Hydra | yes | no | yes | Online password cracking |
Brute-forcing services | xHydra | ||||
Password cracking (offline) | John the Ripper | yes | no | yes | |
Password cracking (offline) | Mimikatz | yes | no | yes | |
Brute-forcing services | Mimikatz | yes | no | yes | |
Password cracking (offline) | Cain and Abel | no | yes | Windows | |
Network sniffing | Cain and Abel | no | yes | Windows | |
Brute-forcing services | Cain and Abel | no | yes | Windows | |
Password cracking (offline) | Hashcat | yes | no | yes | |
Reconnaissance | Kismet | yes | yes | yes | |
Reconnaissance | WiFite | yes | no | yes | |
Reconnaissance | Wireshark | yes | yes | yes | |
Wireshark | yes | yes | yes | ||
Reconnaissance | Hping | no | no | ||
Enumeration | Hping | no | no | ||
Reconnaissance | SET (Social-Engineer Toolkit) | yes | no | yes | Penetration testing framework for social engineering |
Evasion | Metasploit framework | ||||
Evasion | Proxychains | no | Force TCP connections from all applications to run through a proxy | ||
Evasion | Route | ||||
Reconnaissance | Metasploit framework | ||||
Persistence | Metasploit framework | ||||
Persistence | SET (Social-Engineer Toolkit) | yes | no | yes | Penetration testing framework for social engineering |
Evasion | SET (Social-Engineer Toolkit) | yes | no | yes | Penetration testing framework for social engineering |
Persistence | SSH (Secure Shell) | Uses encryption to create a secure channel between client and server. Use instead of Telnet. | |||
Persistence | BeEF (Browser Exploitation Framework) | yes | Hook a web browser for launching command modules and attacks | ||
Persistence | Powersploit | Post exploitation framework, collection of PowerShell modules | |||
Persistence | Empire | no | no | PowerShell and Python post exploitation agent | |
Persistence | Drozer | ||||
Post exploitation | Responder | yes | no | yes | LLMNR, NBT-NS and MDNS poisoner |
Impacket | yes | no | yes | Python classes for working with network protocols. Focused on low level program access for SMB and MSRPC protocol | |
Persistence | NCAT | no | Reading, writing, redirecting and encrypting data on a network (successor to Netcat, from the makers of nmap) | ||
Persistence | NETCAT | no | Reading, writing, redirecting and encrypting data on a network | ||
Vulnerability scanning | Metasploit framework | ||||
Searchsploit | yes | no | yes | Search tool for the exploit DB | |
Vulnerability scanning | Nikto | yes | no | yes | |
Configuration compliance | Nikto | yes | no | yes | |
Vulnerability scanning | Skipfish | yes | no | yes | General purpose |
Vulnerability scanning | OpenVAS | yes | yes | General purpose | |
Configuration compliance | OpenVAS | yes | yes | General purpose | |
Vulnerability scanning | Nessus | yes | no | General purpose | |
Configuration compliance | Nessus | yes | no | General purpose | |
Vulnerability scanning | SQLmap | yes | no | yes | Detecting and exploiting SQL injection problems |
Configuration compliance | SQLmap | yes | no | yes | Detecting and exploiting SQL injection problems |
Decompilation | Interactive DisAssembler (IDA) | yes | no | ||
Decompilation | Hopper | ||||
Decompilation | Immunity debugger | ||||
Debugging | Immunity debugger | ||||
Debugging | Ollydbg | no | yes | yes | |
Debugging | Gnu Debugger (GDB) | yes | no | yes | |
Debugging | WinDbg | no | yes | yes | |
Debugging | Interactive DisAssembler (IDA) | ||||
Decompilation | APK Studio | ||||
Debugging | APK Studio | ||||
Decompilation | Android APK decompilation for the lazy (APKX) | ||||
dotdotpwn | no | no | yes | Directory traversal fuzzer (can be downloaded with apt-get in Kali) | |
Debugging | Android APK decompilation for the lazy (APKX) | ||||
Fuzzing (Software assurance) | AFL (American Fuzzy Lop) | yes | Open source, text based security fuzzer | ||
Fuzzing (Software assurance) | Peach | no | Identify vulnerabilities by conducting fuzzing | ||
Security testing (Software assurance) | Findsecbugs | Security audits of Java apps before deployment | |||
Security testing (Software assurance) | Findbugs | Security audits of Java apps before deployment | |||
Security testing (Software assurance) | SonarQube | Open source platform. Automatic static code reviews to find vulnerabilities and bugs in about 20 programming languages. | |||
Security testing (Software assurance) | YASCA (Yet Another Source Code Analyzer) | Open source code scanner. Uses plugins. | |||
Forensics | Foremost | ||||
Forensics | FTK | ||||
Forensics | EnCase | ||||
Forensics | Tableau | ||||
Brute-forcing services | SQLmap | yes | no | yes | Detecting and exploiting SQL injection problems |
Credential testing | Dirbuster | ||||
Credential testing | CeWL | yes | no | yes | |
Vulnerability scanning | W3AF | ||||
Burp Suite | yes | yes | yes | Web application security. The free version has fewer features. | |
Brute-forcing services | W3AF | ||||
Vulnerability scanning | OWASP ZAP | Open source web application security scanner | |||
Web server scanning | Nikto | yes | no | yes | More info can be found in the Nikto wiki |
Web content scanning | dirb | yes | no | yes | See Kali.org |
Compiling code on Linux for Windows | Mingw-w64 | yes | no | yes | |
WPS attack | Reaver | ||||
WPS attack | Bully | ||||
Wordlist generator | cupp | ||||
Credential attacks | ncrack | ||||
Wifi | wifijammer | ||||
Wifi | wifiphisher | ||||
Wifi | Wifi Pumpkin | ||||
Wifi | Fern | ||||
Xplico | |||||
Ettercap | |||||
Armitage | |||||
wash | |||||
msfvenom | |||||
airmon-ng | |||||
airodump-ng | |||||
aireplay-ng | |||||
airolib-ng | |||||
macchanger | |||||
discover | |||||
Wordlists | crunch | ||||
WCE (Windows Credentials Editor) | |||||
FGDUMP | |||||
hash-identifier | |||||
findmyhash | |||||
nbtscan | |||||
md5sum | |||||
ssh-keygen | |||||
enum4linux | |||||
Sparta | |||||
Angry-ip | |||||
wpscan | |||||
Vega | |||||
Nexpose | |||||
Webinspect | |||||
Weevely | |||||
joomscan | no | no | yes | See Joomscan – OWASP Joomla Vulnerability Scanner Project | |
redfang | no | yes | Invoke with fang; the name is redfang. Searches for non-discoverable Bluetooth devices. See Redfang Homepage | ||
Bluetooth | BlueMaho | ||||
Bluetooth | BlueRanger | no | no | yes | |
Bluetooth | BlueSnarfer | yes | no | yes | See BlueSnarfer homepage |
Commix | |||||
Scanning for vulnerabilities | Uniscan | ||||
Scanning for CMS vulnerabilities | CMSmap | ||||
Database exploitation | SQLNinja | ||||
DNS enumeration | DNSEnum | yes | no | yes | |
DNS enumeration | Fierce | yes | no | yes | |
DNS enumeration | DNSRecon | yes | no | yes | |
Packet generation/insertion | Nemesis |
Index of hacking techniques
Name | Type | Info |
---|---|---|
Reconnaissance | Gathering information before you attack. Usually through open source research or passive collection of data. | |
Enumeration | Making an active connection to the target in order to discover weak points. | |
Vulnerability scanning | In-depth scanning of a target to discover vulnerabilities. Using tools to search for missing patches and configuration errors. | |
Credential attacks | Can consist of offline password cracking or brute forcing of online sites | |
Evasion | Making sure you are not noticed by system administrators or defensive software | |
Persistence | How you can keep lasting access to the target system | |
Configuration compliance | Checking whether a system complies with a security baseline or policy | |
Decompilation | Converting an executable into readable code | |
Forensics | Collecting and analyzing digital evidence | |
Debugging | Finding and fixing errors in computer programs | |
Software assurance |
Links
© Henk Dalmolen
Respond via e-mail (dalmolen@xs4all.nl)
This page was last modified on: 30-01-23 22:17:36