Cybersecurity Tools

Binesh Madharapu
12 min read · Nov 21, 2023


Tools by category:

@ Information gathering: @

Nmap

Shodan

Maltego

theHarvester

Recon-NG

Amass

Censys

Gobuster

OSINT Framework

>> Nmap:

Nmap is a versatile network scanning tool used for reconnaissance, identifying hosts, services, and vulnerabilities. Its robust features enable network administrators and security professionals to analyze network security postures effectively.

>> Shodan:

Shodan (Sentient Hyper-Optimised Data Access Network) is a search engine designed to map and gather information about internet-connected devices and systems. Shodan is sometimes referred to as a search engine for the internet of things (IoT).

>> Maltego:

Maltego is the all-in-one tool for link analysis. Maltego offers real-time data mining and information gathering, as well as the representation of this information on a node-based graph, making patterns and multiple order connections between said information easily identifiable.

>> theHarvester:

theHarvester is a command-line tool included in Kali Linux that acts as a wrapper for a variety of search engines and is used to find email accounts, subdomain names, virtual hosts, open ports / banners, and employee names related to a domain from different public sources (such as search engines and PGP key servers).

>> Recon-ng:

Recon-ng is an open-source web reconnaissance framework (OSINT). It is written in Python and is often used with the Kali Linux penetration-testing distribution.

>> Amass:

Amass is an open-source tool for network mapping and information gathering. It is used by information security professionals to perform network mapping of attack surfaces and external asset discovery. Amass combines active reconnaissance techniques with open-source information gathering.

>> Censys:

Censys is a platform that helps information security practitioners discover, monitor, and analyze devices that are accessible from the Internet.

>> Gobuster:

Gobuster is a brute-force scanner tool that enumerates directories and files on websites. It can also help find DNS subdomains and virtual host names. Gobuster is written in the Go programming language.

>> OSINT Framework:

The OSINT Framework is a methodology that integrates data, processes, methods, tools and techniques to help the security team identify information about an adversary or their actions quickly and accurately. An OSINT framework can be used, for example, to establish the digital footprint of a known threat.

@ Exploitation: @

Burp Suite

Metasploit Framework

SQLmap

ZAP

ExploitDB

Cobalt Strike

>> Burp Suite:

Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

>> Metasploit Framework:

Metasploit is the world’s leading open-source penetration testing framework, used by security engineers as a penetration testing system and as a development platform that allows them to create security tools and exploits. The framework makes hacking simple for both attackers and defenders.

>> SQLmap:

SQLmap is an open-source tool that automatically finds and exploits SQL injection vulnerabilities. We can use it to test web applications for SQL injection vulnerabilities and gain access to a vulnerable database. SQLmap is a favorite tool among pen-testers for its ease of use and flexibility.

>> ZAP:

OWASP Zed Attack Proxy (ZAP) is an open-source web application security scanner used for finding vulnerabilities during software development and testing. It helps identify security flaws like cross-site scripting (XSS), SQL injection, and other common web application vulnerabilities.

>> ExploitDB:

Exploit Database (ExploitDB) is a public archive of exploits maintained for the purpose of public security research; each entry explains what the exploit targets and how it was found. ExploitDB is a very useful resource for identifying possible weaknesses in your network and for staying up to date on current attacks occurring in other networks.

>> Cobalt Strike:

Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named ‘Beacon’ on the victim machine.

@ Password cracking: @

John the Ripper

Hydra

Hashcat

Ophcrack

Medusa

>> John the Ripper:

John the Ripper (JTR) is a free, open-source software tool used by hackers, both ethical and otherwise, for password cracking. The software is typically used in a UNIX/Linux or Mac OS X environment, where it can detect weak passwords. John the Ripper jumbo supports many cipher and hash types.

>> Hydra:

Hydra is commonly used by penetration testers together with programs such as crunch and cupp, which generate wordlists. Hydra is then used to test logins using the wordlists these programs created. Hydra is updated over time as more services become supported.

>> Hashcat:

Hashcat is a password recovery tool. It had a proprietary code base until 2015, but was then released as open source software. Versions are available for Linux, macOS, and Windows.

>> Ophcrack:

Ophcrack is a free, open-source program that cracks Windows log-in passwords by looking up their LM hashes in rainbow tables. The program can import hashes from a variety of formats, including dumping them directly from Windows SAM files.

>> Medusa:

Medusa is intended to be a speedy, massively parallel, modular login brute-forcer. The goal is to support as many services that allow remote authentication as possible. The author lists thread-based parallel testing as one of the application’s key features.

@ Vulnerability Scanning @

OpenVAS

Nikto

Nessus

Nexpose

>> OpenVAS:

OpenVAS is the scanner component of Greenbone Vulnerability Management, a software framework of several services and tools offering vulnerability scanning and vulnerability management.

>> Nessus:

Nessus Vulnerability Scanner is a tool that scans your application for vulnerabilities and gives you a report on its analysis.

https://www.tenable.com/downloads/nessus?loginAttempted=true

>> Nexpose:

Another comprehensive vulnerability scanner by Rapid7, offering in-depth scanning and analytics for vulnerabilities.

>> Nikto:

A web server scanner that identifies potential security issues like outdated server software, configuration errors, and known vulnerabilities.

@ Social Engineering @

Gophish

HiddenEye

SocialFish

EvilURL

>> Gophish:

Gophish is an open-source phishing framework that makes it easy to test your organisation’s resilience to real-world phishing attacks. You can create phishing templates using a full HTML editor, launch scheduled email campaigns to groups of users, and track the responses in near real-time.

>> HiddenEye:

HiddenEye is a modern phishing tool with advanced functionality and multiple tunneling services (Android support available). It supports over 34 pages to clone and phish, and also supports keyloggers.

>> SocialFish:

SocialFish is an open-source tool designed for phishing and social engineering attack simulations. It’s primarily used for educational purposes and security awareness testing. The tool is capable of creating convincing phishing pages for popular social media platforms, allowing security professionals to test and assess the vulnerability of users to social engineering attacks. It’s important to note that the use of SocialFish should always comply with ethical standards and legal regulations.

>> EvilURL:

EvilURL is a tool used to generate malicious-looking URLs, employing homograph attacks or visual similarities to deceive users into clicking on seemingly benign but potentially harmful links, often used in ethical hacking for awareness and education about phishing threats.

@ Forensics: @

Autopsy

Wireshark

The Sleuth Kit

Volatility

>> Autopsy:

Autopsy is a digital forensics platform used to analyze disk images, files, and investigate digital incidents, offering a range of tools for evidence collection, analysis, and reporting in forensic investigations.

>> Wireshark:

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues.

>> The Sleuth Kit:

The Sleuth Kit is a library and collection of Unix- and Windows-based utilities for extracting data from disk drives and other storage so as to facilitate the forensic analysis of computer systems.

>> Volatility:

Volatility is an open-source memory forensics framework for incident response and malware analysis. It is written in Python and supports Microsoft Windows, Mac OS X, and Linux.

https://www.volatilityfoundation.org/releases

@ Wireless Hacking @

Aircrack-ng

Wifite

AirSnort

Kismet

>> Aircrack-ng:

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic.

>> Wifite:

Wifite is a wireless auditing tool designed to automate the process of testing and cracking Wi-Fi networks, using various attacks and strategies to assess network security vulnerabilities in ethical hacking scenarios.

>> AirSnort:

AirSnort is an outdated tool used for capturing and decrypting Wi-Fi encryption keys, specifically targeting WEP (Wired Equivalent Privacy) protected networks, allowing users to gain unauthorized access in insecure network environments.

>> Kismet:

Kismet is a wireless network detector, sniffer, and intrusion detection system used for monitoring and analyzing Wi-Fi networks, capturing packets to uncover network information and potential security threats in real-time.

@ Web Application assessment @

OWASP ZAP

Burp Suite

Nikto

Gobuster

These four tools are described in the Exploitation, Vulnerability Scanning and Information gathering sections above.

Thank you.


Written by Binesh Madharapu

cyber enthusiast, Ethical hacker
