Skip to main content

The Top Ten Hacker Tools of 2015 (CTNews)





Cyber Hacking (“Cyber Security” formally) there are millions of tools which are available on the Internet either as Freewares or as Sharewares.


If you are security researcher, pentester or a system admin, you need to have this on your PCs/laptops to find the vulnerabilities and plug them. Concise Courses conducted an online poll to determine top ten hacking tools out of some of the famous ones. Here is the list which came out the winner on the poll.



1. Nmap:  Network Mapper

Abbreviated as nmap is a versatile tool for Network Security, plus it is free and open source.It  is largely used by network administrators for network discovery and security auditing. System admins use nmap for network inventory, determining open ports, managing service upgrade schedules, and monitoring host(A term used for “a computer on a network”) or service uptime. The tool uses raw IP packets in many creative ways to determine what hosts are available on the network, what services (application name and version) they offer,which type of protocols are being used for providing the services,what operating systems (and OS versions and possible patches) and what type and version of packet filters/ firewalls are being used by the target.

2. Metasploit:

A tool for exploiting (Utilising network weakness for making a “backdoor”) vulnerabilities (Weak Points) on Network. This tool is neither free nor open source. But when it comes to features offered it deserves the price it claims. The Metasploit Project is a hugely popular pentesting (penetration testing) or hacking tool that is used by cybersecurity professionals and ethical hackers. Metasploit is essentially a computer security project that supplies information about known security vulnerabilities and helps to formulate penetration testing and IDS testing.

3. Cain and Abel:

Cain & Abel is a password recovery tool that is mostly used for Microsoft Operating Systems. This popular hacking tool allows the user to seek the recovery of various kind of passwords by sniffing the network(capturing some of the data packets), cracking encrypted passwords using Dictionary, Brute-Force(Generation of hashes out of words and then comparison of encrypted hash with the generated one,this method takes less time than dictionary attack method) and Cryptanalysis attacks. Cain, as it is often referred to, can also record VoIP(Voice over IP protocol,used for making calls over using internet) conversations, decode hashed scrambled passwords, recover wireless network keys and more.It can crack various types of hashes including NTLM,MD2,MD5,SHA-1,SHA-2 and many more.These functionalities make Cain and Abel one of the best password recovery tool.

4. Angry IP Scanner: 

Angry IP Scanner, also known as ‘ipscan’ is a freely available (open-source and cross-platform) hacking network scanner that is both fast and easy to use. The main purpose of this hacking tool is to scan IP addresses and ports to find open doors and ports. Worth noting that Angry IP Scanner also has a bunch of other uses as well. Common users of this hacking tool include network administrators and system engineers.

5.John The Ripper: 

John the Ripper is a popular password cracking pentesting tool that is most commonly used to perform dictionary attacks. John the Ripper takes text string samples (from a text file, referred to as a wordlist, containing popular and complex words found in a dictionary or real passwords cracked before), encrypting it in the same way as the password being cracked (including both the encryption algorithm and key), and comparing the output to the encrypted string. This tool can also be used to perform a variety of alterations to dictionary attacks.Including Brute Force and Rainbow attacks.

6. THC Hydra:

Although often considered as yet another password cracker, THC Hydra is hugely popular and has a very active and experienced development team. Essentially THC Hydra is a fast and stable Network Login Hacking Tool that will use dictionary or brute-force attacks to try various password and login combinations against an log in page. This hacking tool supports a wide set of protocols including Mail (POP3, IMAP, etc.), Databases, LDAP(Lightweight Directory Access Protocol),SMB, VNC, and SSH(Secure Shell,used by VPN Softwares).

7. Burp Suite:

A pentesting tool,Burp Suite has several features that can help the penetration tester or ethical hacker. Two commonly used applications used within this tool include the ‘Burp Suite Spider’ which can enumerate and map out the various pages and parameters of a web site by examining cookies and initiates connections with these web applications, and the ‘Intruder’ which performs automated attacks on web applications.

8. Nessus Remote Security Scanner

Recently went closed source, but is still essentially free. Works with a client-server framework. Nessus is the worlds Nessus Remote Security Scanner most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the worlds largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications. (This tool is not in the Concise list)

9. Ettercap:

Ettercap has a huge following and is widely used by cyber security professionals. Ettercap works by placing the user’s network interface into promiscuous mode and by ARP poisoning(ARP : Address resolution protocol is used to determine a host’s MAC address (address of its Network Interface Card) by knowing its IP address. ARP poisoning is a process where a hacker gives wrong information of either its MAC or IP address to the network.) the target machines, i.e. facilitating a ‘Man In The Middle’ or MITM attack. Once successful Ettercap (and the hacker) can deploy various attacks on the victims. A popular feature about Ettercap is its’ ability to support various plugins.

10. Wapiti:

Wapiti has a very loyal following. As a pentesting tool (or framework) Wapiti is able to scan and detect hundreds of possible vulnerabilities. Essentially this Multi Purpose Hacker Tools can audit the security of web applications by performing “black-box” scans, i.e. it does not study the source code of the application but will scan the HTML pages of the application seeking scripts and forms where it can inject data.
 

Comments

Post a Comment

Popular posts from this blog

Kali Linux Commands Cheat Sheet

Kali Linux commands cheat sheet. All basic commands from A to Z in Kali Linux has been listed below. A   -> apropos : Search Help manual pages (man -k)  -> apt-get : Search for and install software packages (Debian/Ubuntu)  -> aptitude : Search for and install software packages (Debian/Ubuntu)  -> aspell : Spell Checker  -> awk : Find and Replace text, database sort/validate/index B  -> basename : Strip directory and suffix from filenames  -> bash : GNU Bourne-Again SHell  -> bc : Arbitrary precision calculator language  -> bg : Send to background  -> break : Exit from a loop  -> builtin : Run a shell builtin  -> bzip2 : Compress or decompress named file(s) C   -> cal : Display a calendar  -> case : Conditionally perform a command  -> cat : Concatenate and print (display) the content of files  -> cd : Change Directory  -> cfdisk : Partition table manipulator for Linux  -> chgrp : Change group owne
Post a Comment
Read more

How to Install and run Kali Linux on any Android Smartphone

Tutorial for installing and running Kali Linux on Android smartphones and tablets Kali Linux is one the best love operating system of white hat hackers, security researchers and pentesters. It offers advanced penetration testing tool and its ease of use means that it should be a part of every security professional’s toolbox. Penetration testing involves using a variety of tools and techniques to test the limits of security policies and procedures. Now a days more and more apps are available on Android operating system for smartphones and tablets so it becomes worthwhile to have Kali Linux on your smartphone as well. Kali Linux on Android smartphones and tablets allows researchers and pentesters to perform ” security checks” on things like cracking wep Wi-Fi passwords, finding vulnerabilities/bugs or cracking security on websites.  This opens the door to doing this from a mobile device such as a phone or a tablet. You can also install Kali Linux Distribution
Post a Comment
Read more

The History of Apple mac OS Malware (CTNews)

Mac Malware : A Brief history of malware for Apple’s Mac OS from 2004 to present Mac users are pretty sure Apple’s integrated systems will never encounter any malware, how true is that? Lets check a brief history of Mac malware. Microsoft Windows users were the ones who were mostly affected with the computer malware, trojans, viruses. Just a few decades back, Mac users, on the contrary, would always feel proud to be using the right equipment because they believed Apple’s integrated systems would never encounter any malware. However, security researchers would tell us a different story.  Few decades back, Microsoft Window’s larger user base made it easy for hackers to target the user of this OS. However, now Apple’s market and in turn Mac users are also growing and at the same time Mac-oriented malware too is gaining popularity. This article is a recap of Apple’s complicated history with malware. 2004: Renepo: A shell script worm : This was designed specific
Post a Comment
Read more