aadit/MIT-Curricular
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update IS/Lab/Lab1/Tools.md

Browse source
This commit is contained in:
aadit 2025-07-22 08:38:07 +05:30
parent a865f5becb
commit e68d8a0cb4
1 changed files with 18 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

30
IS/Lab/Lab1/Tools.md
View file

@ -1,16 +1,22 @@
# Tool Exploration for Information Security
## Kali Linux
## Owasp-Zap
## Metasploit
## [Kali Linux](https://www.kali.org/)
Kali Linux is a Debian based operating system maintained by the core Debian team to be used for cybersecurity applications specifically. While general OS installations limit certain hardware/software configurations for certain vectors of usage to prevent exploitation, Kali does no such thing - enabling the user to perform various kinds of operations with modularity. For example, Kali lets a user set a defined Mac Address for their Wireless Card/SoC to perform an IP takeover, or lets a user capture the entire WPA(X) handshake to decrypt it. It is therefore used by penetration testing teams (both ethical and unethical) to carry out tests/exploits.
## [Owasp-Zap](https://www.zaproxy.org/)
Made by the Open Wroldwide Security Application Project (OWASP), Zed Attack Proxy (ZAP) is a web application vulnerability scanner designed for both automated and manual use. It acts a proxy server and inspects web traffic - analyzing network requests and related data for vulnerability exposure. It also has code review built in to assist fixing any possible issues before a piece of software is pushed into production.
## [Metasploit](https://www.metasploit.com/)
Designed to be a portable network tool in HD Moore in 2003, Metasploit has grown out to be an entire open source penetration testing framework, alongside its derivative sub projects like the OpCode Database, Shellcode Archive etc. Metasploit has, by itself, grown to be a collective of various tools throughout the decades, including coverage for most major publicly known exploits/CVEs used in the field - including those that were leaked from the NSA/TAO hacks in the late 2010s. It is a go to toolkit for penetration testers to approach security issues in any testing scenario.
## Burpsuite
## Ettercap
Hydra
Mosquitto
nmap
netcat
sqlmap
sqlninja
msfvenom
microsoft threat model (STRIDE)
PyCharm
## Hydra
## Mosquitto
## nmap
## netcat
## sqlmap
## sqlninja
## msfvenom
## microsoft threat model (STRIDE)
## PyCharm