1. Nmap (Network Mapper)
Network Mapper, or Nmap, is a free and open-source utility that eases numerous security auditing tasks, such as managing service upgrade schedules and monitoring service uptime and network inventory. This top Kali Linux tool works by sending raw IP packets in different ways to produce its results. The results include the hosts available on the network, the services they offer, their operating systems, and much more. Nmap is compatible with multiple major operating systems and has binary packages available.
Features:
- Supports advanced techniques for effective network mapping.
- Can scan very large networks.
- Freely available with full source code and open for modification and redistribution.
- Portable across different operating systems.
Preinstalled in Kali Linux, the Metasploit Framework is a Ruby-based collection of tools. The modular penetration testing platform lets users write, test, and execute exploit code. Users can find tools that support various functions such as network enumeration, evading detection, testing security vulnerabilities and executing attacks. It comprises two types of datastores: global and module. The global datastore is available to all modules, while a module datastore can be used only in the module where it is defined.
Features:
- Exhibits user-friendliness with ease of configuration.
- Includes command-line utilities such as hardware, plugins and memdump.
- Comprises scripts and resources for running functionalities.
- Allows automation of manual tasks with extensions.
- Offers editable files for storing wordlists, templates, binaries, logos and images.
This network packet analyzer offers detailed information on captured packet data. Widely used across numerous industries and educational institutes, Wireshark shows what is happening on the network. The tool can read and write numerous capture file formats, including but not limited to Microsoft Network Monitor, Pcap NG, Sniffer Pro and others. Wireshark supports identifying security issues and troubleshooting networking problems. It is also widely used among developers and QA engineers.
Features:
- Offers statistical insights.
- Captures live packet data from the network interface.
- Imports packets from text files and colors them according to filters.
- Searches for packets on different criteria.
- Runs on UNIX and Windows.
Another of the best Kali Linux tools, Aircrack-ng, is a suite of tools for assessing WiFi network security. It is suited for testing password strength and for monitoring, attacking, cracking and testing WiFi security. All the tools in the suite are command-line, which lends itself to heavy scripting. It supports operating systems such as Linux, NetBSD, OpenBSD, FreeBSD, macOS, Windows, Solaris and eComStation 2.
Features:
- Offers better documentation through the wiki and manpages.
- Offers support through IRC, GitHub and the forum.
- WEP dictionary attack.
- WPA migration mode.
- Capture with multiple cards.
- Improved cracking speed.
Burp Suite is a toolkit for web security testers. The kit automates repetitive testing tasks and yields in-depth information through manual and semi-automated security testing tools. Burp Suite supports testing for the OWASP Top 10 vulnerabilities as well as the latest hacking techniques. It comes with easy documentation, report production and sharing options. The suite is also available at the enterprise level, where the functionalities include securing the complete web portfolio and integrating dynamic scanning.
Features:
- Minimizes false positives.
- Scans the modern web, such as Single-page applications and APIs.
- Prerecords complex authentication sequences.
- Modifies every HTTP message passing through the browser.
- Supports HTTP/2-based testing.
John the Ripper is another open-source tool that enhances security. The password recovery tool allows auditing passwords across different operating systems. John the Ripper Jumbo supports password hashes from operating systems such as Windows, macOS and Linux, and from database servers. It also handles network traffic captures, encrypted private keys, disks and filesystems, archives and document files.
Features:
- User-friendly installation and usage.
- Supports BSDI extended DES-based hashes.
- Supports Windows LM (DES-based) hashes.
- Commercially available in ‘native’ form for target operating systems.
OWASP ZAP is a free and open-source web app scanner. It has advanced features such as web sockets, port scanners, an intercepting proxy, traditional and Ajax spiders, and active and passive scanners. ZAP lets users inspect messages between the browser and the web application, modify their contents as required and forward them to the destination. Developers, testers and security testing specialists use it.
Features:
- Supports anti-CSRF tokens, which protect against Cross-Site Request Forgery (CSRF) attacks.
- Has scan policies and applies authentication methods in different places, such as during automatic re-authentication.
- Tracks HTTP sessions on specific sites and can force all requests onto a particular session.
- Offers insights through statistics available via API.
Hydra is a tool preferred by researchers and security consultants. It is a parallelized login cracker that combines a variety of brute-force attacks to identify username/password pairs. Hydra supports attacks on many different protocols. The tool is fast and flexible, with a user-friendly interface that allows the easy addition of new modules. Hydra is commonly used to show how easily remote, unauthorized access to a system can be gained.
Features:
- Offers support for custom scripts.
- Supports various protocols such as IMAP, POP3, FTP and SSH.
- Possesses modular architecture.
- Provides support for website forms.
Nikto is an open-source (GPL) web server scanner. It performs detailed tests that assess numerous items: it checks 1250 servers for their versions, looks for more than 6700 potentially dangerous files/programs, and checks over 270 servers for version-specific problems. It is built on Libwhisker2 and runs in a Perl environment. It is fast and supports host authentication, SSL, attack encoding, and other functions.
Features:
- Performs scanning operations for configuration-related issues.
- Scans multiple ports on a server that runs multiple web servers.
- Allows specifying a maximum scan time.
- Performs scanning via proxy and with HTTP authentication.
Browser Exploitation Framework (BeEF) is a penetration testing tool that focuses on web browsers. It is an important tool for assessing the target environment. It uses client-side attack vectors for that assessment and uses one or more web browsers to launch directed command modules. This helps to identify numerous unique attack vectors, as each browser has a different security context. BeEF is an effective platform to assist ethical hackers, security professionals and penetration testers in performing security checkups.
Features:
- Provides real-time interaction with hooked browsers.
- Exploits Cross-Site Scripting (XSS).
- Mimics real-world attack scenarios.
- Keeps access to hooked browsers even when their IP address changes.
- User-friendly interface that eases the management of hooked browsers.
The tool is a brute-force scanner used for security testing. It discovers hidden directories, virtual hosts and subdomains. Specifically, it brute-forces URIs (directories and files) in websites, virtual host names on target web servers, DNS subdomains (with wildcard support), open Google Cloud buckets, open Amazon S3 buckets and TFTP servers. It has Dir, DNS, Fuzz and Vhost modules.
Features:
- The tool is fast and accurate.
- Supports the HTTP and HTTPS protocols.
- Operates in recursive mode.
- Searches for specific file extensions to assist enumeration.
- Based on wordlists with an option for customization.
SearchSploit is a command-line search tool designed for offline searches through a checked-out copy of the exploit database. It is commonly used for offline security assessments on air-gapped or secured networks. The repository also comprises shellcodes, papers and binary resources.
Features:
- Supports piping output, an alternative way of removing unwanted results.
- Allows both basic and title searches.
- It is user-friendly and offers colored output.
- It provides the option to copy to a clipboard or folder.
Hashcat is a highly advanced password recovery tool that attacks back-end password hashes. The updated version combines the capabilities of the CPU-based and GPU-based hashcat. The tool is capable of cracking multiple hashes and utilizing multiple devices simultaneously. Hashcat works on major operating systems such as Windows, Linux and macOS. It also includes an integrated thermal watchdog and supports automatic performance tuning.
Features:
- World's fastest password cracker.
- World's first and only in-kernel rule engine.
- Supports sessions and restores.
- Allows reading password candidates from stdin and file.
- Built-in benchmarking system.
It automates detecting and exploiting SQL injection flaws and taking control of database servers. The tool can extract data from the database, access the underlying file system and execute commands on the server. The database fingerprinting feature also makes it a valuable tool.
Features:
- Supports multiple DBMSs such as Microsoft SQL Server, MySQL, Microsoft Access, and IBM DB2.
- Enumerates password hashes, roles, users, privileges, tables, columns, and databases.
- Allows dumping database tables and supports the execution of arbitrary commands and the retrieval of their standard output.
- Supports searching for specific database names, tables, and columns across the database tables.
- Supports establishing an out-of-band stateful TCP connection between the attacker machine and the database server.
Exploit-DB catalogs exploits, security vulnerabilities and corresponding proof-of-concept code. The database provides details about the affected source or system, as well as relevant exploit code and technical descriptions. It obtains the information through direct submissions, public sources and mailing lists. Exploit-DB exploits can be used to simulate real-time cyber attacks in order to identify weaknesses.
Features:
- Freely available and easy to navigate.
- Offers search functionality based on keyword, date, platform, author and other criteria.
- Encourages community contributions.
It allows social-engineering penetration testing and is widely used by security researchers and penetration testers. It targets people through SMS, fake phone numbers or cloned phishing pages. In addition, it performs web and mass mailer attacks, generates infectious media and creates a payload and listener.
Features:
- Social engineering is one of the hardest and most prevalent attacks to protect against.
- Integrates with third-party modules.
- Offers access to Fast-Track Penetration Testing platform.
- Provides the option to make changes from the configuration menu.
- Runs on major platforms such as Windows, Linux and Unix.
This tool, built into Kali Linux, performs real-time information gathering and data mining. It represents the information on node-based graphs, which brings out patterns and multiple-order connections. The tool works on major operating systems such as Windows, Linux and Mac. Its applications extend to cybersecurity and digital forensics, and the tool integrates with geographic data.
Features:
- Offers quick and accurate results.
- Exhibits connected links between the searched items.
- Helps find hidden information.
- Works with different types of entities.
- It exhibits a flexible framework that can be easily adapted to your requirements.
Netcat is a freely distributed, feature-rich tool for network debugging and exploration. It uses the TCP/IP protocol and acts as a back-end tool that is easy for other programs and scripts to drive. The tool can also use any local source port and supports loose source routing. Further, it performs full DNS forward and reverse checking.
Features:
- Supports outbound and inbound connections.
- It has a tunneling mode as well.
- Port-scanning capabilities, with a randomizer.
- Optional RFC854 telnet codes parser and responder.