Sergio Ginocchio

Cybersecurity Tools

Using these tools for penetration testing and offensive security comes with responsibilities. As a cybersecurity professional, one has the responsibility to use these tools ethically. When using them for penetration testing or security assessments, always obtain written consent from the owners of the systems being tested or assessed.

Tool summary (tool name, category, functionality, use cases / examples)

Nmap
Category: Information Gathering, Vulnerability Analysis
Functionality: "Network Mapper". Though not strictly a pen-testing tool, it is a must-have for ethical hackers. This very popular tool predominantly aids in understanding the characteristics of a target network, including hosts, services, operating systems, and packet filters/firewalls. It works on most environments and is open source.
Use cases / examples: Start Nmap from Applications -> Information Gathering -> Nmap. To scan a single IP: nmap 192.168.1.18 (or a range of IPs, such as 192.168.1.0/24); it will show open ports and MAC address info. To scan a site: nmap facebook.com; it will show DNS info, open ports,

Nikto
Category: Vulnerability Analysis
Functionality: Nikto is an open source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version-specific problems on over 270 servers.
Use cases / examples: Can scan web servers for vulnerabilities, e.g. to scan cybersecurityinc.net, start the Nikto application and run: nikto -host 199.34.228.71

Metasploit
Category: Exploitation Tools
Functionality: Metasploit is a framework of exploits, shellcodes, fuzzing tools, payloads, encoders, etc. Moreover, it can be regarded as a collection of exploitation tools bundled into a single framework. It is available on all major Linux, Windows, and OS X platforms. Its main objective is to test your company's or organization's defences by attacking them, something like "offense for defense". This is where a penetration tester/security analyst begins attacking the target after extensive recon. Metasploit has a wide range of tools and utilities to perform attacks against all operating systems, including Android and iOS.
Use cases / examples: With the command db_nmap -v -sV you can collect info about the hosts on the network. Collect the info into the PostgreSQL database and later import it into Armitage: db_export -f xml mydb.xml

Armitage
Category: Exploitation Tools
Functionality: Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. It aims to make Metasploit usable for security practitioners who understand hacking but don't use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.
Use cases / examples: Used with Metasploit; has a graphical interface. Can do the following: scan a host; after the scan is complete, use Attacks -> Find Attacks to get suggestions on what to exploit.

Wireshark
Category: Sniffing & Spoofing
Functionality: It can be used on web applications, networks, servers, etc. It has a command-line and a GUI interface and works on Linux, Apple Mac OS X, and Microsoft Windows. This is a commercial product, although there might be free limited trials available.
Use cases / examples: Start Wireshark from Applications -> Sniffing & Spoofing -> Wireshark or by typing wireshark in a terminal. Select Capture or double-click a network interface (eth0) to capture network traffic from your device.

Sqlmap
Category: Database Assessment
Functionality: Sqlmap is a good open source pen-testing tool. It is mainly used for detecting and exploiting SQL injection issues in an application and taking over database servers. It comes with a command-line interface. Platforms: Linux, Apple Mac OS X, and Microsoft Windows are supported.

SET
Category: Social Engineering Tools
Functionality: SET (Social-Engineer Toolkit) is unique in that its attacks are targeted at the human element rather than the system element. It has features that let you send emails, Java applets, etc. containing the attack code. It goes without saying that this tool is to be used very carefully and only for "white-hat" reasons. It has a command-line interface and works on Linux, Apple Mac OS X, and Microsoft Windows.

Hydra
Category: Password Attacks
Functionality: Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.

Maltego
Category: Information Gathering, Password Attacks, Exploitation Tools, Web Applications
Functionality: Maltego is an amazing relationship analysis tool that can track who or what is connected to what or whom. The software can explore links between people, social networks, organizations, web sites, Internet infrastructure, phrases and hashtags on Twitter, affiliations, and files, and produces graphical network diagrams.

OWASP ZAP
Category: Web Applications, Sniffing & Spoofing
Functionality: The OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing, as well as being a useful addition to an experienced pen tester's toolbox.

John the Ripper
Category: Password Attacks
Functionality: John the Ripper is a password cracker. It works on most environments, although it is primarily for UNIX systems. It is considered one of the fastest tools in this genre. Password hash code and strength-checking code are also made available to be integrated into your own software/code, which I think is very unique. This tool comes in a pro and a free form.

Aircrack-ng
Category: Wireless Attacks
Functionality: Aircrack-ng is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, making the attack much faster compared to other WEP cracking tools. In fact, Aircrack-ng is a set of tools for auditing wireless networks.
Use cases / examples: May need an additional USB network card to use this tool in VirtualBox.


Kali Tools by Type [1]

Information Gathering: acccheck, ace-voip, Amap, Automater, bing-ip2hosts, braa, CaseFile, CDPSnarf, cisco-torch, Cookie Cadger, copy-router-config, DMitry, dnmap, dnsenum, dnsmap, DNSRecon, dnstracer, dnswalk, DotDotPwn, enum4linux, enumIAX, Fierce, Firewalk, fragroute, fragrouter, Ghost Phisher, GoLismero, goofile, hping3, InTrace, iSMTP, lbd, Maltego Teeth, masscan, Metagoofil, Miranda, Nmap, ntop, p0f, Parsero, Recon-ng, SET, smtp-user-enum, snmp-check, sslcaudit, SSLsplit, sslstrip, SSLyze, THC-IPV6, theHarvester, TLSSLed, twofi, URLCrazy, Wireshark, WOL-E, Xplico

Vulnerability Analysis: BBQSQL, BED, cisco-auditing-tool, cisco-global-exploiter, cisco-ocs, cisco-torch, copy-router-config, DBPwAudit, Doona, DotDotPwn, Greenbone Security Assistant, GSD, HexorBase, Inguma, jSQL, Lynis, Nmap, ohrwurm, openvas-administrator, openvas-cli, openvas-manager, openvas-scanner, Oscanner, Powerfuzzer, sfuzz, SidGuesser, SIPArmyKnife, sqlmap, Sqlninja, sqlsus, THC-IPV6, tnscmd10g, unix-privesc-check, Yersinia

Wireless Attacks: Aircrack-ng, Asleap, Bluelog, BlueMaho, Bluepot, BlueRanger, Bluesnarfer, Bully, coWPAtty, crackle, eapmd5pass, Fern Wifi Cracker, Ghost Phisher, GISKismet, Gqrx, gr-scan, hostapd-wpe, kalibrate-rtl, KillerBee, Kismet, mdk3, mfcuk, mfoc, mfterm, Multimon-NG, PixieWPS, Reaver, redfang, RTLSDR Scanner, Spooftooph, Wifi Honey, Wifitap, Wifite

Web Applications: apache-users, Arachni, BBQSQL, BlindElephant, Burp Suite, CutyCapt, DAVTest, deblaze, DIRB, DirBuster, fimap, FunkLoad, Grabber, jboss-autopwn, joomscan, jSQL, Maltego Teeth, PadBuster, Paros, Parsero, plecost, Powerfuzzer, ProxyStrike, Recon-ng, Skipfish, sqlmap, Sqlninja, sqlsus, ua-tester, Uniscan, Vega, w3af, WebScarab, Webshag, WebSlayer, WebSploit, Wfuzz, WPScan, XSSer, zaproxy

Sniffing & Spoofing: Burp Suite, DNSChef, fiked, hamster-sidejack, HexInject, iaxflood, inviteflood, iSMTP, isr-evilgrade, mitmproxy, ohrwurm, protos-sip, rebind, responder, rtpbreak, rtpinsertsound, rtpmixsound, sctpscan, SIPArmyKnife, SIPp, SIPVicious, SniffJoke, SSLsplit, sslstrip, THC-IPV6, VoIPHopper, WebScarab, Wifi Honey, Wireshark, xspy, Yersinia, zaproxy

Password Attacks: acccheck, Burp Suite, CeWL, chntpw, cisco-auditing-tool, CmosPwd, creddump, crunch, DBPwAudit, findmyhash, gpp-decrypt, hash-identifier, HexorBase, THC-Hydra, John the Ripper, Johnny, keimpx, Maltego Teeth, Maskprocessor, multiforcer, Ncrack, oclgausscrack, PACK, patator, phrasendrescher, polenum, RainbowCrack, rcracki-mt, RSMangler, SQLdict, Statsprocessor, THC-pptp-bruter, TrueCrack, WebScarab, wordlists, zaproxy

Hardware Hacking: android-sdk, apktool, Arduino, dex2jar, Sakis3G, smali

Reverse Engineering: apktool, dex2jar, diStorm3, edb-debugger, jad, javasnoop, JD-GUI, OllyDbg, smali, Valgrind, YARA

Reporting Tools: CaseFile, CutyCapt, dos2unix, Dradis, KeepNote, MagicTree, Metagoofil, Nipper-ng, pipal

Exploitation Tools: Armitage, Backdoor Factory, BeEF, cisco-auditing-tool, cisco-global-exploiter, cisco-ocs, cisco-torch, Commix, crackle, exploitdb, jboss-autopwn, Linux Exploit Suggester, Maltego Teeth, SET, ShellNoob, sqlmap, THC-IPV6, Yersinia

Forensics Tools: Binwalk, bulk-extractor, Capstone, chntpw, Cuckoo, dc3dd, ddrescue, DFF, diStorm3, Dumpzilla, extundelete, Foremost, Galleta, Guymager, iPhone Backup Analyzer, p0f, pdf-parser, pdfid, pdgmail, peepdf, RegRipper, Volatility, Xplico

Stress Testing: DHCPig, FunkLoad, iaxflood, Inundator, inviteflood, ipv6-toolkit, mdk3, Reaver, rtpflood, SlowHTTPTest, t50, Termineter, THC-IPV6, THC-SSL-DOS

Maintaining Access: CryptCat, Cymothoa, dbd, dns2tcp, http-tunnel, HTTPTunnel, Intersect, Nishang, polenum, PowerSploit, pwnat, RidEnum, sbd, U3-Pwn, Webshells, Weevely, Winexe

[1] kali.org. (2018). Official Kali Linux Documentation. Retrieved from https://www.kali.org/kali-linux-documentation/