5 Hacking tools for black hat 🎩 hacker
1. John the Ripper
John the Ripper is one of the most popular password crackers of all time. It's also one of the best security tools available to test password strength in your operating system, or for auditing one remotely.
This password cracker is able to auto-detect the type of encryption used in almost any password, and will change its password test algorithm accordingly, making it one of the most intelligent password cracking tools ever.
This ethical hacking tool uses brute force technology to decipher passwords and algorithms such as:
DES, MD5, Blowfish
Kerberos AFS
Hash LM (Lan Manager), the system used in Windows NT / 2000 / XP / 2003
MD4, LDAP, MySQL (using third-party modules)
Another bonus is that JTR is open source, multi-platform and fully available for Mac, Linux, Windows and Android.
2. Wapiti
Wapiti is a free open-source command-line based vulnerability scanner written in Python. While it's not the most popular tool in this field, it does a good job of finding security flaws in many web applications.
Using Wapiti can help you to discover security holes including:
XSS attacks
SQL injections
XPath injections
XXE injections
CRLF injections
Server side request forgery
Other features include:
Runs in verbose mode
Ability to pause and resume scans.
Highlights vulnerabilities found inside the terminal
Generates reports and export into HTML, XML, JSON and TXT
Activates and deactivates multiple attack modules
Removes parameters from certain URLs
Excludes URLs during an attack
Bypasses SSL certificate verification
URL extractor from javascript
Timeout configuration for large scans
Sets custom user-agent and HTTP headers
3. Maltego
Maltego is the perfect tool for intel gathering and data reconnaissance while you're performing the first analysis of your target.
In this case, it can be used to correlate and determine relationships between people, names, phone numbers, email addresses, companies, organizations and social network profiles.
Along with online resources like Whois data, DNS records, social networks, search engines, geolocation services and online API services it can also be used to investigate the correlation between internet-based infrastructures including:
Domain names
DNS servers
Netblocks
IP addresses
Files
Web Pages
Main features include:
GUI-based interface
Analyzes up to 10.000 entities per graph
Extended correlation capabilities
Data sharing in real time
Correlated data graphics generator
Exports graphs to GraphML
Generates entity lists
Can copy and paste information
This application is available for Windows, Linux, and Mac OS, and the only software requirement is to have Java 1.8 or greater installed.
4. AirCrack-ng
AirCrack-ng is a respected Wifi security suite for home and corporate security investigations. It includes full support for 802.11 WEP and WPA-PSK networks and works by capturing network packets. It then analyzes and uses them to crack Wifi access.
For old-school security professionals, AirCrack-ng includes a fancy terminal-based interface along with a few more interesting features.
Main features:
Plug In A Compatible Packet Injection WiFi Card Into Your Computer's USB Port
Plug in the external WiFi adapter into your computer's USB port. If your computer already has a factory WiFi card, then nevermind. If you are using virtualization software, there is going to be an icon that you need to click on and select the device. Make sure to add the USB device filter if you are using VirtualBox.
Recommended USB Wi-Fi Plug-And-Play Cards For Kali Linux
Here is my list of top three recommended USB plug-and-play cards Wi-Fi cards for Kali Linux:
TP-Link WN722 (2.4GHz, first version only)
![](data:image/svg+xml;charset=utf-8,<svg height="300px" width="176px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
Alfa AWUS036NHA (2.4GHz)
![](data:image/svg+xml;charset=utf-8,<svg height="250px" width="250px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
Alfa AWUS036H (2.4GHz)
![](data:image/svg+xml;charset=utf-8,<svg height="300px" width="202px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
Support for Linux, Mac and Windows Wifi detection
Launches PTW, WEP and Fragmentation attacks
Supports WPA Migration Mode
Fast cracking speed
Multiple Wifi card support
Integration with 3rd party tools
As a bonus, it comes bundled with a lot of Wifi auditing tools including:
5.Canvas
Canvas is a great alternative to Metasploit, offering more than 800 exploits for testing remote networks.
Main features
Remote network exploitation
Targets different kind of systems
Targets selected geographic regions
Takes screenshots of remote systems
Downloads passwords
Modifies files inside the system
Escalates privileges to gain administrator access
This tool also lets you use its platform to write new exploits or use its famous shellcode generator. It also integrates an alternative to nmap called scanrand, which is especially useful for port scanning and host discovery over mid to large networks.
Supported platforms include:
Linux
MacOSX (requires PyGTK)
Windows (requires Python and PyGTK)
No comments:
Post a Comment