Overview of some of the Cyber Security tools in Kali Linux.
- Nmap (Network Mapper) is a tool used for network scanning and security auditing.
- It is used to detect vulnerabilities and discover open ports and services.
- Helps to identify services, such as DNS servers and web servers, that are running on a system.
- Determines what type of OS and packet filters are in use.
- Provides information on each port's type and state, the service running on it and its version.
- Spiderfoot is an open source intelligence (OSINT) automation tool for intelligence gathering (footprinting).
- Used to gather information about a given target, such as IP address, hostname and domain name.
- Identifies what information is openly exposed and any malicious IPs.
- Can be used both offensively and defensively, depending on the pentester's needs.
- Useful for threat intelligence and digital investigations.
- Legion is a semi-automated network penetration testing tool.
- Automatically detects CVEs (Common Vulnerabilities and Exposures).
- Real-time autosaving of project results and tasks.
- Automatic recon and scanning with auto-scheduled scripts.
- Allows pentesters to quickly exploit attack vectors on hosts.
- IKE (Internet Key Exchange) Scan is used to discover and fingerprint IKE hosts.
- IKE is used by IPsec; the vast majority of IPsec VPNs use IKE for key exchange.
- Uses the retransmission backoff pattern.
- As part of host discovery, IKE Scan sends requests and displays the hosts that respond.
- Fingerprinting determines the implementation used by IKE hosts.
- Nikto is open-source software used to scan web servers for vulnerabilities.
- It performs comprehensive tests against web servers for multiple security threats.
- Supports full HTTP proxying and finds subdomains.
- Checks for version-related problems and outdated web servers.
- Finds common vulnerabilities and reports unusual headers.
- Unix-privesc-check is a vulnerability analysis tool that runs on Unix systems.
- It finds misconfigurations that could allow unprivileged users to escalate privileges.
- Used for security patching and IP stack configuration.
- It can even be run as a cron job to check for misconfigurations.
- Checks weak file permissions and configuration of local applications.
- Burp Suite is an integrated platform for performing security testing of web applications.
- Finds and exploits security vulnerabilities.
- Initial mapping and analysis of attack surface.
- Combines advanced manual techniques with state-of-the-art automation.
- Contains an intercepting proxy that lets users see and modify requests and responses.
- Sqlmap detects and exploits SQL injection vulnerabilities in web applications.
- Supports DBMS fingerprinting and retrieval of the DBMS session user and database.
- Enumerates users, password hashes, privileges, roles, tables and columns.
- Supports dumping database tables and searches for specific database names and columns.
- Supports executing arbitrary commands and retrieving their standard output.
- WPScan scans a target WordPress site and enumerates any plugins.
- Finds what plugins are installed and any associated vulnerabilities.
- Finds database dumps that may be publicly accessible.
- Finds publicly accessible and exposed files and error logs.
- John the Ripper is a password security auditing and password recovery tool.
- Supports hundreds of hash and cipher types.
- Reveals weak passwords and performs brute-force attacks.
- Uses sessions to remember previous results and detect hash types automatically.
- Particularly efficient when combined with open-source wordlists.
- Ncrack is a network authentication cracking tool.
- Helps secure networks by proactively testing all hosts and networking devices.
- Gives the user full control of network operations.
- Supports many protocols such as SSH, RDP, FTP, Telnet, HTTP(S), etc.
- Allows for rapid and reliable large-scale auditing of multiple hosts.
- Hashcat is a password cracker and recovery utility.
- Supports various hashing algorithms such as MD5, SHA1, NTLM, etc.
- Offers various attack modes such as Dictionary, Mask and Table-Lookup attacks.
- Distributed cracking networks can be supported using overlays.
- Supports both hex-charset and hex-salt files.
- Aircrack-ng is a complete suite of tools to assess WiFi network security.
- Monitoring: packet capture and export of data to text files.
- Checks WiFi cards and driver capabilities.
- Replay attacks, fake access points, deauthentication via packet injection.
- WEP and WPA PSK cracking.
- Kismet is a wireless network and device detector, sniffer, and wardriving tool.
- It is also a WIDS (Wireless Intrusion Detection) framework.
- Works with WiFi interfaces, Bluetooth interfaces, and some SDR (Software Defined Radio) hardware.
- A bigger range of configurations and drivers is available.
- Clang is a compiler front end used to compile C and C++ into machine code.
- Used for parsing source code.
- Optimizes the Abstract Syntax Tree (AST).
- Fast syntax checking, automatic formatting, refactoring, etc.
- NASM (Netwide Assembler) outputs flat-form binary files.
- Outputs object files: COFF and ELF Unix object files and Win32 object files.
- Includes NDISASM, a prototype x86 binary-file disassembler.
- Assembles a flat binary without needing the complication of a linker.
- Metasploit Framework is an open-source penetration testing framework for creating security tools and exploits.
- Supports vulnerability research, exploit development and creation of custom security tools.
- Helps users to proactively mend weaknesses before exploitation by hackers.
- The set payload command allows quick, easy switching between payloads.
- Metasploit is able to exit the target system cleanly without being detected.
- Social Engineer Toolkit (SET) is a tool aimed at penetration testing around social engineering.
- SET has a number of custom attack vectors for making a believable attack.
- Supports integration with third-party modules.
- Allows multiple tweaks from the configuration menu.
- SET offers multiple attack options such as Website Attacks, QRCode Attacks, Mass Mailing, Spear-Phishing, etc.
- DNSChef is a DNS proxy for Penetration Testers and Malware Analysts.
- A DNS proxy is used for application network traffic analysis, among other uses.
- DNSChef is capable of forging responses based on inclusive and exclusive domain lists.
- DNSChef will point queries to your proxy/server host with properly configured services.
- netsniff-ng is a high-performance network sniffer for packet inspection.
- Used for protocol analysis, reverse engineering or network debugging.
- The performance gain comes from 'zero-copy' mechanisms, so packets do not need to be copied from kernel space to user space.
- netsniff-ng also supports early packet filtering in the kernel.
- netsniff-ng can capture different pcap formats and also supports analysis, replaying and dumping of raw 802.11 frames.
- mitmproxy is an interactive man-in-the-middle proxy for HTTP and HTTPS.
- Intercept and modify HTTP and HTTPS requests and responses.
- Provides a console interface that allows traffic flows to be inspected and edited.
- Supports reverse and transparent proxy modes.
- SSL/TLS certificates for interception are generated on the fly.
- SSLsplit is a tool for man-in-the-middle (MITM) attacks against SSL/TLS encrypted network connections.
- Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit.
- Dynamically generates a certificate and signs it with the private key of a CA certificate.
- Useful for network forensics and penetration testing.
- Mimikatz is an open-source application that allows users to view and save authentication credentials.
- It uses admin rights on Windows to display passwords of currently logged-in users.
- Attackers commonly use Mimikatz to steal credentials and escalate privileges.
- Provides functionality for a user to pass a Kerberos ticket to another computer.
- Passes a unique key obtained from a domain controller to impersonate a user.
- PowerSploit is a series of Microsoft PowerShell scripts used in post-exploitation.
- PowerShell itself is a task automation and configuration management framework.
- It consists of a command-line shell and associated scripting language built on the .NET framework.
- Used to gain access to meterpreter on a system.
- Autopsy is a cyber forensic tool for the analysis of Windows and Unix file systems.
- Analyze various file systems such as NTFS, FAT, FFS, EXT2FS.
- Performs forensic investigations like file hashing, deleted file recovery, file analysis and case management.
- Uploading an image makes it easier to perform an in-depth analysis of that image.
- Hashdeep is a set of tools to compute MD5, SHA1, SHA256 and Whirlpool hashsums of an arbitrary number of files recursively.
- Compares hashsums with a list of known hashes.
- Shows estimated time when processing large files.
- Offers chunk hashing capability (piecewise hashing).
- Pipal is an open source tool built in Ruby for password analysis.
- It gives you the stats and information to analyze the passwords.
- Analyzes password dumps found on the internet or obtained during a pentest.
- Analyzes password lists and wordlists.
- MSF Payload Creator is a wrapper to generate multiple types of payloads.
- Generates various Meterpreter payloads using msfvenom which is a part of Metasploit framework.
- Supports various payloads such as APK, ASP, BASH, Perl, PHP, Windows, Python, etc.
- Users can create mass payloads with the help of the "batch" command.
- CrackMapExec is an open-source penetration testing tool that is used to identify and exploit vulnerabilities in Windows networks.
- Primarily designed for offensive security testing and can be used to perform various tasks such as reconnaissance, privilege escalation, lateral movement, and password cracking.
- Used on multiple platforms including Windows, Linux, and macOS.
- Supports multiple protocols like SMB, LDAP, RDP, and HTTP, as well as credential harvesting, brute-force attacks, and pass-the-hash attacks.
- CrackMapExec is often used in conjunction with other security testing tools such as Metasploit, Nmap, and Impacket.
- WhatWeb is a free, open-source reconnaissance tool that is used to identify web technologies used by a target website.
- Written in Ruby and can be run on multiple operating systems, including Windows, Linux, and macOS.
- WhatWeb utilizes various techniques, such as header analysis and HTML body analysis, to identify web technologies used by a target website.
- Identifies various types of web technologies, including content management systems (CMS), web servers, and programming languages.
- Supports various options and parameters, such as custom headers and cookies.