10 must-have tools for Kali Linux beginners

The penetration testing operating system Kali Linux (formally known as BackTrack) comes with a ton of tools pre-installed, but there are some that have been around the longest that you should know about and get comfortable using. Here are 10 must-have tools to consider adding to your toolbox if you’re new to the world of digital security. This list isn’t meant to be exhaustive, but it covers some of the most critical, well-known utilities available on Kali Linux today.


Metasploit

The Metasploit Framework (MSF) is an advanced open-source platform that aids in developing, testing and using exploit code. Developed by H.D. Moore in 2003 and built on more than a decade of research, it is today one of the most popular and widely used exploit development platforms available.


Nmap

This is a network exploration tool. It has been used by security professionals, including government agencies and penetration testers, to find possible security breaches in an organization’s computer systems. Basically, Nmap lets you quickly scan your device to check if there are existing threats on it. Many organizations use it to scan networks and improve their information technology. You can also find Nmap on many Kali Linux versions.


Maltego – OSINT (Open Source Intelligence) tool

Maltego is a powerful open-source intelligence and forensics application that provides information-gathering capabilities to Pentesters. Maltego not only allows you to gather information about potential targets but also can be used as an analysis tool once you have obtained some results. It's one of those tools that come in handy during every pentest.


Wireshark

Sometimes referred to as just a shark, Wireshark is a popular packet analyzer and network protocol analyzer that you can use to track down how traffic moves through your network. If someone tells you that they’re using Wireshark on your network, it’s probably not to track down stolen credit card numbers (although it could be!). More likely, someone is trying to find out why something isn’t working correctly on your network.


Ettercap

A powerful tool that’s best described as a Swiss Army knife for hackers. Ettercap is used to perform man-in-the-middle attacks, eavesdrop on network traffic, and get malware onto remote computers. It was created in 2001 by Alberto Ornaghi and has been under development ever since. Ettercap works on all major platforms and can be deployed through either command line or graphical interfaces.


Burp Suite

This is a very powerful web application testing tool that has numerous capabilities. It can help you find vulnerabilities, analyze and edit traffic between your computer and another server, etc. It’s definitely one of my favourite Kali tools.


Screaming Pi

When you’re starting out with security, there’s a pretty good chance you’ll be using a Raspberry Pi or another single-board computer. However, if you have never configured one of these devices before, it can be an involved process just to get it up and running. Luckily, thanks to developers like ttylinux and p1n0p00005 on GitHub, you can configure your Pi with a few quick commands.


Packetninja

A security research and assessment tool that helps perform network analysis on binary packets. You can use it to detect application-layer attacks, determine their impact on a target, and construct proof of concept exploits. There are a plethora of other options here as well—also look at Nikto, Urlscan, Spoofchecker, Nmap, SMAC, Hping3, Sslscan etc. Packetninja is something to consider as a starting point in your security toolkit.


Ophcrack

If you’re on a Windows system and want to start hacking away, it’s good to know there are several useful online repositories. Ophcrack is one of these—it holds both live CDs and images that can be run from your hard drive. The next time your password falls into enemy hands, put Ophcrack to work.


No Machine

Because it’s a live boot distribution, No Machine allows you to run virtual machines from your host computer. Virtualization is key for pen-testing because it enables you to create a second instance of your system as it exists on your hard drive. The virtual machine remains isolated from any changes or damage to your primary operating system. As long as you regularly back up your data, you won’t have anything to worry about in terms of losing important files and documents.

Comments

Post a Comment

Popular posts from this blog

Do You Want to Be a Hacker? Here's How to Get Started

Becoming a hacker isn’t easy, but it’s not impossible, either. You’ll have to work hard at it if you want to become successful and earn respect in the hacking community, but it all starts with one simple step: learning the basics of computer programming. Let’s take an in-depth look at what that means and how you can make your first steps toward becoming a hacker. What Does a Hacker Do, Exactly? Although media portrayals sometimes give hackers a bad rap, it’s important to remember that hackers are really just another job title for techies who like tinkering with software and computers. As such, there are many different roles involved in hacking (as opposed to being an all-inclusive term), including Ethical Hackers, Security Analysts, Digital Forensics Experts and more. The path you take will ultimately depend on your interests and skillset. What Should I Study to Become A Hacker? That depends on what you want to do when you grow up. In general, hackers are software engineers with solid ...
Read more

How Much Money Do Hackers Make? You Might Be Surprised!

When you hear the word hacker, what do you think of? A cyber criminal breaking into bank accounts to steal all the money? An IT technician fixing someone’s computer who happens to have extra time on his hands? Or someone who can’t help but look at any and all programming code to see how it works? For some people, all three of these ideas fit into their idea of a hacker; but for others, there may be only one idea that comes to mind when thinking about hacking and hackers—especially those who haven’t spent much time learning about coding and computers. An Overview of the Hacking Industry Hackers aren’t all bad. In fact, they can be considered good guys who do bad things in some cases. But before we explore how much money hackers make, let’s take a look at their place in our world. Most of the time, people's personal information is stolen by these types of malicious software (malware) programs and then used to gain access to various accounts such as bank accounts and social media plat...
Read more