Kali Linux comes with hundreds of pre-installed penetration testing tools, around 600 in all. To a beginner penetration tester that sounds overwhelming: how could anyone learn or use all of those tools? The truth is that you don't need to master all of them. Many of the tools built into Kali Linux share the same concept and purpose, and among each group a few stand out. In this article I cover the Top 25 Best Kali Linux tools for the beginner penetration tester. If you have only just installed Kali Linux, a Kali jump-start guide is worth reading before you go further.

ANONYMITY

During penetration testing it is crucial to prepare to stay anonymous. Don't give yourself away by revealing your own identity while hacking: cover it.

MacChanger

There are several reasons why changing the MAC address matters. I use MacChanger when pentesting a wireless network with MAC filtering enabled and I have to assign an approved MAC address to the wireless adapter, or simply to switch to a random MAC while pentesting.

PASSWORD ATTACKS

10. Hash-Identifier and findmyhash

Hash-identifier is a tool that identifies the type of a hash, in particular password hashes. Findmyhash looks the hash up in online cracking services and returns the plaintext if one of them already knows it. Keep in mind that a hash is not encryption: there is no key and nothing to "decrypt". Cracking a hash means finding an input that produces the same hash value, either by lookup or by guessing. Also note that findmyhash sends the hash to third-party services, so on a real engagement check the rules of engagement before using it.

For example, suppose we have the hash 098f6bcd4621d373cade4e832627b4f6. The first thing to do is identify the hash type. Launch hash-identifier in a terminal and paste the hash value. Hash-identifier reports that this looks like MD5 (a 32-character hex string also fits MD4 and NTLM, so treat the answer as a best guess rather than a verdict). Once the hash type is known, we use another tool, findmyhash, to crack it.
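Both steps, identification by length and prefix and then a dictionary lookup, can be reproduced offline. The following Python is an added example written for this article, not code from hash-identifier or findmyhash; the type table is deliberately small and the wordlist is constructed (a real run would use rockyou.txt or similar).

```python
import hashlib
import re

# Constructed sample wordlist; a real run would use e.g. /usr/share/wordlists/rockyou.txt.
WORDLIST = ["password", "123456", "letmein", "test", "qwerty"]

# Unsalted digests can only be told apart by length, and several algorithms
# share a length, so identification yields a candidate list, not a verdict.
BY_HEX_LENGTH = {
    32: ["MD5", "MD4", "NTLM"],
    40: ["SHA-1", "RIPEMD-160"],
    56: ["SHA-224"],
    64: ["SHA-256"],
    96: ["SHA-384"],
    128: ["SHA-512"],
}

# Modular-crypt prefixes as found in /etc/shadow; the prefix is unambiguous.
BY_PREFIX = {
    "$1$": "md5crypt", "$2a$": "bcrypt", "$2b$": "bcrypt",
    "$5$": "sha256crypt", "$6$": "sha512crypt", "$y$": "yescrypt",
}

def identify(h):
    """Return a list of plausible hash types, most likely first."""
    for prefix, name in BY_PREFIX.items():
        if h.startswith(prefix):
            return [name]
    if re.fullmatch(r"[0-9a-fA-F]+", h):
        return BY_HEX_LENGTH.get(len(h), [])
    return []

# hashlib names for the unsalted candidates that can be verified offline.
HASHLIB_NAME = {"MD5": "md5", "SHA-1": "sha1", "SHA-224": "sha224",
                "SHA-256": "sha256", "SHA-384": "sha384", "SHA-512": "sha512"}

def crack(h, words):
    """Offline dictionary attack: hash every word with every candidate algorithm
    and compare. Returns (algorithm, plaintext) or None. Salted and crypt-format
    hashes are skipped because they cannot be checked without their salt."""
    target = h.lower()
    for algo in identify(h):
        name = HASHLIB_NAME.get(algo)
        if name is None:
            continue
        for w in words:
            if hashlib.new(name, w.encode()).hexdigest() == target:
                return algo, w
    return None

if __name__ == "__main__":
    h = "098f6bcd4621d373cade4e832627b4f6"
    print(identify(h))        # ['MD5', 'MD4', 'NTLM']
    print(crack(h, WORDLIST))  # ('MD5', 'test')
```

Unlike findmyhash, this keeps the hash on your own machine. The MD5 value from the article turns out to be the hash of the word "test", which is exactly the kind of input an online lookup service answers instantly.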
To crack it with findmyhash, type in the terminal:
~$ findmyhash MD5 -h 098f6bcd4621d373cade4e832627b4f6
findmyhash queries several online hash databases and prints the plaintext if any of them has it.

9. Crunch

Crunch is a utility for creating custom wordlists, using either a standard character set or a character set you specify. Crunch can generate all possible combinations and permutations. The basic syntax for crunch looks like this:
~$ crunch <min> <max> [characterset] -t <pattern> -o <outputfile>
Now, let's go over what's included in the syntax above.
• min = The minimum password length.
• max = The maximum password length.
• characterset = The character set to be used in generating the passwords.
• -t = The specified pattern of the generated passwords. In a pattern, @ stands for a lowercase letter, , for an uppercase letter, % for a digit and ^ for a symbol; any other character is fixed. For instance, if you knew that the target's birthday was 0321 (March 21st) and you suspected they used their birthday in their password, you could generate a password list that ends with 0321 by giving crunch the pattern @@@@@@@0321. This generates passwords exactly 11 characters long (7 variable and 4 fixed) that all end with 0321; with -t, min and max must both equal the length of the pattern.
• -o = Save the wordlist to the given file name.

John The Ripper (OFFLINE PASSWORD CRACKING)

John the Ripper is one of the most popular password testing and cracking programs: it combines a number of password crackers into one package, auto-detects password hash types, and includes a customizable cracker. On Linux, /etc/passwd holds the basic account information for every user, while the password hashes themselves (on current distributions usually SHA-512 crypt, prefixed $6$, or yescrypt, prefixed $y$) are stored in /etc/shadow, which only root can read. John's unshadow helper combines the two files into the format John cracks, and the cracking runs entirely on your own machine, which is why it is an offline attack.

THC Hydra (ONLINE PASSWORD CRACKING)

Hydra is a very fast network login cracker that supports numerous protocols. Because it attacks a live service, it is an online attack: every guess is a real login attempt, which is slow, shows up in the target's logs and may lock accounts, so Hydra is best paired with a short, targeted wordlist rather than a brute-force one.
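Before turning to Hydra and online attacks, here is an added example that ties the two offline tools above together: a generator for crunch -t patterns and an unshadow-style merge of /etc/passwd and /etc/shadow into the input John expects. This is illustrative Python written for this article, not code from crunch or John. The passwd and shadow lines, and the $6$ hash inside them, are constructed; the symbol set used for ^ is a short stand-in for crunch's default.

```python
import itertools
import string

# crunch -t placeholders: @ lowercase, , uppercase, % digit, ^ symbol.
# Any other character in the pattern is a fixed literal.
PLACEHOLDERS = {
    "@": string.ascii_lowercase,
    ",": string.ascii_uppercase,
    "%": string.digits,
    "^": "!@#$%^&*()-_+=",   # constructed stand-in for crunch's default symbol set
}

def crunch_pattern(pattern):
    """Yield every candidate for a crunch -t pattern such as '@@@@@@@0321'."""
    slots = [PLACEHOLDERS.get(c, c) for c in pattern]
    for combo in itertools.product(*slots):
        yield "".join(combo)

def crunch_range(min_len, max_len, charset):
    """Yield every string of length min_len..max_len over charset (crunch without -t)."""
    for n in range(min_len, max_len + 1):
        for combo in itertools.product(charset, repeat=n):
            yield "".join(combo)

def count_pattern(pattern):
    """Keyspace size of a -t pattern, computed without enumerating it."""
    size = 1
    for c in pattern:
        size *= len(PLACEHOLDERS.get(c, c))
    return size

# Constructed /etc/passwd and /etc/shadow excerpts. The $6$ entry is NOT a
# real password hash, only something with the right shape.
PASSWD = [
    "root:x:0:0:root:/root:/bin/bash",
    "alice:x:1000:1000:Alice:/home/alice:/bin/bash",
    "nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin",
]
SHADOW = [
    "root:!:19000:0:99999:7:::",
    "alice:$6$rounds=5000$saltsalt$CONSTRUCTED.NOT.A.REAL.HASH:19000:0:99999:7:::",
    "nobody:*:19000:0:99999:7:::",
]

def unshadow(passwd_lines, shadow_lines):
    """Merge passwd and shadow the way John's unshadow helper does: the 'x' in
    passwd's password field is replaced by the hash from shadow. Accounts whose
    hash field is locked (! or *) or empty are skipped; there is nothing to crack."""
    hashes = {}
    for line in shadow_lines:
        fields = line.rstrip("\n").split(":")
        hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_lines:
        fields = line.rstrip("\n").split(":")
        h = hashes.get(fields[0], "")
        if h == "" or h.startswith(("!", "*")):
            continue
        fields[1] = h
        merged.append(":".join(fields))
    return merged

def parse_crypt(h):
    """Split an md5crypt/sha256crypt/sha512crypt string ($1$, $5$, $6$) into
    scheme, optional rounds, salt and hash. bcrypt and yescrypt lay their
    fields out differently and are not handled here."""
    parts = h.split("$")[1:]           # drop the empty string before the leading '$'
    scheme = parts.pop(0)
    rounds = None
    if parts[0].startswith("rounds="):
        rounds = int(parts.pop(0)[len("rounds="):])
    return {"scheme": scheme, "rounds": rounds, "salt": parts[0], "hash": parts[1]}

if __name__ == "__main__":
    print(count_pattern("@@@@@@@0321"))                       # 26**7 candidates
    print(list(itertools.islice(crunch_pattern("@@0321"), 3)))  # ['aa0321', 'ab0321', 'ac0321']
    for line in unshadow(PASSWD, SHADOW):
        print(line)
        print(parse_crypt(line.split(":")[1]))
```

Writing the generator's output to one file and the merged lines to another gives the two arguments of john --wordlist=<file> <hashes>. Run count_pattern() before generating anything: @@@@@@@0321 alone is 26^7, roughly eight billion lines, which is a good reminder that crunch patterns should be as specific as the intelligence you have.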
THC Hydra supports these protocols: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST, HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. For a more detailed tutorial on Hydra, see my previous article, Crack Web Based Login Page With Hydra in Kali Linux.

WIRELESS ATTACK

6. Aircrack-NG Suite

Aircrack-ng is a network software suite for 802.11 wireless LANs consisting of a scanner, a packet sniffer, a WEP and WPA/WPA2-PSK cracker and analysis tools. The Aircrack-ng suite includes:
• aircrack-ng Cracks WEP keys using the Fluhrer, Mantin and Shamir (FMS) attack, the PTW attack and dictionary attacks, and WPA/WPA2-PSK using dictionary attacks against a captured four-way handshake.
• airdecap-ng Decrypts WEP or WPA encrypted capture files with a known key.
• airmon-ng Places wireless cards in monitor mode.
• aireplay-ng Packet injector (Linux, and Windows with CommView drivers).
• airodump-ng Packet sniffer: writes air traffic into pcap or IVS files and shows information about networks.
• airtun-ng Virtual tunnel interface creator.
• packetforge-ng Creates encrypted packets for injection.
• ivstools Tools to merge and convert IVS files.
• airbase-ng Incorporates techniques for attacking clients, as opposed to access points.
• airdecloak-ng Removes WEP cloaking from pcap files.
• airolib-ng Stores and manages ESSID and password lists and precomputes Pairwise Master Keys.
• airserv-ng Allows access to the wireless card from other computers.
• buddy-ng The helper server for easside-ng, run on a remote computer.
• easside-ng A tool for communicating with an access point without the WEP key.
• tkiptun-ng WPA/TKIP attack.
• wesside-ng Automatic tool for recovering a WEP key.

Fluxion

Fluxion is my favorite evil twin attack tool. Fluxion does not brute-force the key. Instead it creates an open twin AP with the same name as the target Wi-Fi network. When someone tries to connect to that network, a fake authentication page pops up asking for the Wi-Fi key. When the victim enters the key, Fluxion captures it and checks whether it is the real password by verifying it against the WPA handshake captured from the legitimate network; a wrong key is rejected and the portal asks again, so the attack ends only with a verified key. To install Fluxion, run the following commands:
~$ git clone --recursive
~$ cd fluxion
Open the Fluxion wizard by typing:
~$ ./fluxion.sh
On first run, Fluxion checks for its dependencies and installs them automatically. After that, follow the wizard's instructions.

EXPLOITATION TOOLS

4. Social Engineering Toolkit (SET)

The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors such as phishing, spear-phishing, malicious USB, mass mail, etc. This toolkit is a free product by TrustedSec (trustedsec.com). To start using SET, type setoolkit in a terminal.

METASPLOIT FRAMEWORK

Metasploit Framework was originally intended as a maintainable framework that automates the process of exploitation instead of verifying each exploit manually. Metasploit has a long history and a rich set of modules aimed at a variety of targets such as Unix, BSD, Apple, Windows, Android, web servers, etc. One well-known example of Metasploit in use is exploiting an unpatched Windows host over SMB with the EternalBlue exploit and DoublePulsar implant, the attack leaked from the NSA's tools and fixed by Microsoft in MS17-010.

SNIFFING AND SPOOFING

2. Wireshark

Wireshark is a very popular network analyzer that is widely used in network security auditing.
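For the Aircrack-ng and Fluxion sections above, here is what a WPA2-PSK dictionary attack actually computes and how a key typed into Fluxion's fake portal can be checked against a captured handshake. This Python is an added example for this article, not code from either tool. The PMK derivation is checked against the published IEEE 802.11i test vector (passphrase "password", SSID "IEEE"); the MAC addresses, nonces and EAPOL frame of the handshake are constructed here rather than taken from an airodump-ng capture, and the MIC check implements the WPA2/CCMP (AKM 2) variant, not the WPA/TKIP one.

```python
import hashlib
import hmac

def pmk_from_passphrase(passphrase, ssid):
    """WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes).
    The 4096 iterations are what make dictionary attacks slow, and they are what
    airolib-ng precomputes per ESSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key, label, data, nbytes):
    """IEEE 802.11 PRF-n: concatenated HMAC-SHA1(key, label | 0x00 | data | i)."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]

def ptk_from_pmk(pmk, ap_mac, client_mac, anonce, snonce):
    """Pairwise Transient Key for WPA2/CCMP: 48 bytes = KCK(16) | KEK(16) | TK(16).
    Addresses and nonces are ordered min/max so both sides derive the same key."""
    data = (min(ap_mac, client_mac) + max(ap_mac, client_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)

def eapol_mic(kck, eapol_frame_mic_zeroed):
    """WPA2 key MIC (AKM 2): HMAC-SHA1 over the EAPOL-Key frame with its MIC
    field set to zero, truncated to 16 bytes. WPA/TKIP uses HMAC-MD5 instead."""
    return hmac.new(kck, eapol_frame_mic_zeroed, hashlib.sha1).digest()[:16]

def check_passphrase(candidate, hs):
    """True if the candidate reproduces the MIC in the captured handshake.
    This is the check Fluxion runs on a key typed into its portal."""
    pmk = pmk_from_passphrase(candidate, hs["ssid"])
    ptk = ptk_from_pmk(pmk, hs["ap_mac"], hs["client_mac"], hs["anonce"], hs["snonce"])
    return hmac.compare_digest(eapol_mic(ptk[:16], hs["eapol"]), hs["mic"])

def dictionary_attack(hs, words):
    """aircrack-ng style: try each word until one reproduces the MIC."""
    for w in words:
        if check_passphrase(w, hs):
            return w
    return None

def make_constructed_handshake(real_passphrase, ssid="IEEE"):
    """Constructed stand-in for a captured 4-way handshake (message 2). A real
    one comes from airodump-ng; here the MACs, nonces and EAPOL-Key frame are
    made up and the MIC is computed the way the legitimate client would."""
    hs = {
        "ssid": ssid,
        "ap_mac": bytes.fromhex("020000000001"),      # constructed, locally administered
        "client_mac": bytes.fromhex("020000000002"),  # constructed
        "anonce": bytes(range(32)),                   # constructed
        "snonce": bytes(range(32, 64)),               # constructed
        # constructed EAPOL-Key header followed by a zeroed body (MIC field already zero)
        "eapol": b"\x01\x03\x00\x75\x02\x01\x0a\x00" + bytes(109),
    }
    pmk = pmk_from_passphrase(real_passphrase, ssid)
    ptk = ptk_from_pmk(pmk, hs["ap_mac"], hs["client_mac"], hs["anonce"], hs["snonce"])
    hs["mic"] = eapol_mic(ptk[:16], hs["eapol"])
    return hs

if __name__ == "__main__":
    print(pmk_from_passphrase("password", "IEEE").hex())  # IEEE 802.11i test vector
    hs = make_constructed_handshake("password")
    print(dictionary_attack(hs, ["123456", "letmein", "password", "qwerty"]))  # password
```

The only secret-dependent step is the PBKDF2 call; everything after it is cheap, which is why precomputing PMKs per ESSID (airolib-ng) or using a GPU speeds up the attack and why a long, random passphrase on a unique SSID defeats it. A real capture also needs the handshake's replay counter and key-info fields handled exactly as sent; aircrack-ng does that parsing for you.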