8 Classic Hacking Tools A Budding Hacker Can Use Today
Ethical hacking and its evil twin, cracking are not Rocket Science, people engaging with those activities only have two things that differentiate them from the regular Joe and Jill of computing:
- The know-how
- The tools they use.
Of course, knowing how to conduct an ethical hacking job, AKA penetration testing and its counterpart, making lives miserable for other people through cracking and blackhat hacking requires considerable time and practice to become skilled. The first requires a lot of time to master the techniques, while the second is much easier, as the most common tools to do penetration testing is available for everyone to download. The hacking tools themselves are not evil nor good, but the person using the tools makes them either instrument harm or for protection.
Here are some of the available hacking tools in the Internet today:
Tcpdump (https://www.tcpdump.org/)
It is a computer network debugging tool that runs under the command line. It allows the user to intercept and display TCP / IP and other packets transmitted or received through a network to which the computer is attached. On some Unix-like operating systems, a user must have superuser privileges to use tcpdump, because the packet of capture mechanisms for those systems require elevated privileges. However, the -Z option can be used to release privileges to an unprivileged user after the capture has been created. On other Unix-like operating systems, the packet capture mechanism can be configured to allow non-privileged users to use it, if that is to do, superuser privileges are not necessary. The user can, optionally, apply a filtering BPF to limit the number of packets seen by tcpdump, which makes the output more usable in networks with a high volume of traffic.
Snort (https://www.snort.org/)
It is a free and open source Network Intrusion Prevention System (PIN) and network intrusion detection (NIDS) capable of performing logging and real-time traffic analysis on IP networks.Snort performs analysis protocol, content search/collation, and is commonly used to actively or passively block to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, Web application attacks, SMB probes, and OS attempts of fingerprinting, among other characteristics. The software is mainly used for intrusion prevention purposes, going through the attacks that are being carried out. Snort can be combined with other software types such as SnortSnarf, Sguil, OSSIM, and the Basic and Security Engine Analysis (BASE) to provide a visual representation of intruder data. With the patches for the Snort font bleeding edge threats, the support for the packets of flow with the ClamAV antivirus scan and the network with SPADE anomaly in the network layers 3 and 4 is possible with historical observation.
Hping (http://www.hping.org/)
Free hping is a packet generator and analyzer for the TCP / IP protocol. Hping is one of the de facto instruments for security audit and firewall and network testing and was used to exploit technical scanning exploration inactivity (also invented by the hping author), and now applied in the Nmap Security Scanner. The new version of hping, hping3, is a collection of scripts using the Tcl language and runs a base chain engine, readable description of the TCP / IP packets so that the programmer can write scripts related to the low-level TCP / IP of handling and analysis packages in a very short time. Like most of the tools used in computer security, hping is useful for both system administrators and crackers (or script kiddies).
Kismet (https://sectools.org/tool/kismet/)
It is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card that supports raw monitoring mode and can smell 802.11a, 802.11b, and 802.11g traffic. Kismet is unlike most other wireless network detectors in the sense that it works passively. This means that without the sending of any loggable packets, it is able to detect the presence of both wireless access points and wireless connection to clients, associates and each of them with others. Kismet also includes basic wireless IDS features such as the detection of wireless assets including the inhalation of NetStumbler programs, as well as a number of wireless network attacks.
Netcat (http://netcat.sourceforge.net/)
Netcat is a utility for creating read and write networks to network connections over TCP or UDP. The original version of Netcat is a UNIX program. Its author is known as Hobbit * *. Version 1.1 was published in March 1996. Netcat is fully POSIX compatible and there are several implementations, including a rewrite from scratch known as GNU Netcat.
Wireshark (https://www.wireshark.org/)
Wireshark is a sniffer of free application software packages used for troubleshooting network problems, analysis, communications protocol software and development, and education. In June 2006, the project was renamed Ethereal, due to issues related to brands. The functionality provided by Wireshark is very similar to tcpdump, but it has a front-end GUI, and many more information classification and filtering options. It allows the user to see all the traffic that passes through the network (usually an Ethernet network, but the support is added to the others) by putting the network interface in promiscuous mode. Wireshark uses the cross-platform widgets GTK + Toolkit, and is cross-platform, running on various operating systems including Linux, Mac OS X, and Microsoft Windows. Released under the terms of the GNU General Public License, Wireshark is free software.
Chkrootkit (http://www.chkrootkit.org/)
It is a Unix-based program intended to help system administrators control their system of known rootkits. It is a shell script using UNIX / Linux tools such as strings and grep commands to search for basic signature system programs and to compare a path of the / proc files with the output of the PS (process state) to look for discrepancies. It can be used from a “rescue disk“ (typically a Live CD) or you can optionally use an alternative directory from which to execute all of your own commands. These techniques allow chkrootkit to trust the commands to which they depend a little more. There are inherent limitations to the reliability of any program that tries to detect compromises (such as rootkits and viruses). Most recent May rootkits specifically try to detect and compromise copies of chkrootkit programs or take other measures to evade detection by them.
John the Ripper (https://www.openwall.com/john/)
It is a free password crack software tool initially developed for the UNIX operating system. It is one of the most popular password / break programs because it combines a cookie password number in a packet, automatically detects the hash types of the password, and includes a customizable cracker. It can run against various encrypted crypt password formats including several types of password hashes most commonly found in various flavors of Unix (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT / 2000 / XP / 2003 LM hash. Additional modules have expanded their ability to include MD4 based on hashes of passwords and passwords stored in LDAP, MySQL, and others