Linux Hacking Tools
Posted by Unknown on 14:48 with No comments
# 1
Nmap is an abbreviation of 'Network Mapper', and is a very well-known free, open source hacker's tool. Nmap is used for network discovery and security auditing. Many system admins use nmap for network inventory, checking open ports, managing service upgrade schedules, and monitoring host or service uptime. The tool uses raw IP packets in creative ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions and possible patches) they are running, and what type and version of packet filters/firewalls are being used by the target.
Nmap is a very popular hacking tool that was originally created to scan large networks, but it works absolutely fine on single hosts (targets). Nmap works on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. Nmap was traditionally a command-line tool, but there is a GUI available called 'Zenmap'.
# 2
The Metasploit Project is a widely used and extremely popular cybersecurity project that gives a penetration tester (or hacker) the ability to seek security vulnerabilities within networks and machines and helps audit systems. In addition, Metasploit also accommodates efficient management and testing of Intrusion Detection Systems. The most popular 'division' of this 'multi-purpose hacking tool' is the open source Metasploit Framework Project, commonly referred to as simply 'Metasploit'. This tool helps the user develop and execute (known or otherwise) exploit code against a remote target machine. Many Metasploit users use the tool for anti-forensic and evasion purposes, many of which are built into the Metasploit Framework.
# 3
Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports and has many other features.
It is widely used by network administrators and just curious users around the world, including large and small enterprises, banks, and government agencies.
It runs on Linux, Windows, and Mac OS X, possibly supporting other platforms as well.
# 4
THC Hydra: this tool is free to use!
THC Hydra is another classic password cracking tool. Strictly speaking, Hydra is a network logon password cracking tool, which is actually very fast. A great feature of Hydra is that you can add modules to increase the functionality of this hacking tool.
Hydra supports various network protocols including, but not limited to AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, and Rexec.
# 5
Burp Suite is an integrated platform that was built to attack (pentest) web applications. The platform contains dozens of hacking tools with numerous GUI interfaces that facilitate and speed up the process of attacking an application. As ever, the tool is designed to think like a black hat hacker would.
All of the tools within Burp Suite share the same framework for handling and displaying HTTP messages, persistence, authentication, proxies, logging, alerting and extensibility. The free version is limited but will give you an excellent indication and feel of how to attack (pentest) a web application.
# 6
Snort's open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching, and content matching. These basic services have many purposes including application-aware triggered quality of service, to de-prioritize bulk traffic when latency-sensitive applications are in use.
The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans.
Snort can be configured in three main modes: sniffer, packet logger, and network intrusion detection. In sniffer mode, the program will read network packets and display them on the console. In packet logger mode, the program will log packets to the disk. In intrusion detection mode, the program will monitor network traffic and analyze it against a rule set defined by the user. The program will then perform a specific action based on what has been identified.
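To illustrate intrusion detection mode as described above (traffic checked against a user-defined rule set, then an action taken), here is an added example, not Snort code and not Snort rule syntax: a small Python rule evaluator that flags one source sending bare SYNs to many distinct ports on one host. The `Packet` and `Rule` shapes, the addresses and the thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:            # constructed record, not a real capture format
    ts: float
    src: str
    dst: str
    dport: int
    flags: str           # TCP flags: "S" = SYN only, "A" = ACK

@dataclass(frozen=True)
class Rule:              # hypothetical rule shape, not Snort's rule language
    action: str          # what to do on a match, e.g. "alert" or "log"
    msg: str
    flags: str           # flag string the packet must carry exactly
    distinct_ports: int  # fire when one src reaches this many ports on one dst
    window: float        # ...within this many seconds

def evaluate(packets, rules):
    """Return (ts, action, msg, src, dst) events, at most one per rule/src/dst."""
    events, fired = [], set()
    recent = defaultdict(deque)          # (rule index, src, dst) -> (ts, dport)
    for pkt in sorted(packets, key=lambda p: p.ts):
        for i, rule in enumerate(rules):
            if pkt.flags != rule.flags:
                continue
            key = (i, pkt.src, pkt.dst)
            q = recent[key]
            q.append((pkt.ts, pkt.dport))
            while q and pkt.ts - q[0][0] > rule.window:
                q.popleft()              # forget observations outside the window
            if key not in fired and len({p for _, p in q}) >= rule.distinct_ports:
                fired.add(key)
                events.append((pkt.ts, rule.action, rule.msg, pkt.src, pkt.dst))
    return events

RULES = [Rule("alert", "possible SYN port scan", "S", 5, 2.0)]

# Constructed traffic: .10 sends SYNs to six different ports, .30 retries one
# port eight times (many packets, one port), .20 sends an ordinary ACK.
SAMPLE = (
    [Packet(0.1 * i, "192.0.2.10", "198.51.100.5", p, "S")
     for i, p in enumerate([21, 22, 23, 25, 80, 443])]
    + [Packet(0.05 * i, "192.0.2.30", "198.51.100.5", 443, "S") for i in range(8)]
    + [Packet(0.3, "192.0.2.20", "198.51.100.5", 443, "A")]
)

if __name__ == "__main__":
    for event in evaluate(SAMPLE, RULES):
        print(event)
```

Counting distinct ports rather than raw SYNs is what keeps the client that retries a single port from raising an alert.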
# 7
Ettercap is an 'old classic' and features heavily in online hacking tutorials. Essentially, Ettercap is a comprehensive hacking tool designed for MITM attacks, more commonly known as 'Man In The Middle'.
This hacker tool can detect and sniff traffic of live connections and filter data packets on the fly.
Ettercap can also support active and passive dissection of many protocols and includes many features for network and host analysis.
# 8
Wapiti
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.
Wapiti can detect the following vulnerabilities:
- File disclosure (Local and remote include/require, fopen, readfile...)
- Database Injection (PHP/JSP/ASP SQL Injections and XPath Injections)
- XSS (Cross Site Scripting) injection (reflected and permanent)
- Command Execution detection (eval(), system(), passthru()...)
- CRLF Injection (HTTP Response Splitting, session fixation...)
- XXE (XML eXternal Entity) injection
- Use of known potentially dangerous files (thanks to the Nikto database)
- Weak .htaccess configurations that can be bypassed
- Presence of backup files giving sensitive information (source code disclosure)
- Wapiti supports both GET and POST HTTP methods for attacks.
- It also supports multipart and can inject payloads in filenames (upload).
- Displays a warning when an anomaly is found (for example 500 errors and timeouts)
- Distinguishes between permanent and reflected XSS vulnerabilities.
- Generates vulnerability reports in various formats (HTML, XML, JSON, TXT...)
- Can suspend and resume a scan or an attack
- Can give you colors in the terminal to highlight vulnerabilities
- Different levels of verbosity
- Fast and easy way to activate/deactivate attack modules
- Adding a payload can be as easy as adding a line to a text file
Let us know what you think about this hacking tool or any other one!