
Tool Exploration for Information Security

MS Teams Access Code: hrtvl3x

Kali Linux

Kali Linux is a Debian-based distribution maintained by OffSec (Offensive Security) specifically for penetration testing and security research. Where a general-purpose installation is hardened with defaults that deliberately limit unusual hardware and software uses (for example wireless drivers without packet injection support), Kali removes those limits and ships the drivers, kernel patches and packaging that such work needs, so the user can capture, inject and exploit without reworking the system. It bundles hundreds of ready-made tools covering every stage of an engagement (reconnaissance, scanning, exploitation, post-exploitation, reporting), which is why it is the usual working environment for penetration testers and, for the same reasons, for attackers.

Owasp-Zap

Zed Attack Proxy (ZAP), which started as a flagship project of the Open Worldwide Application Security Project (OWASP), is a web application vulnerability scanner designed for both automated and manual use. It sits between the browser and the target as an intercepting proxy, records every request and response, and runs passive checks over that traffic plus active checks that re-send requests with crafted inputs to expose vulnerabilities such as injection and cross-site scripting. It does not review source code; it is a dynamic (black-box) scanner, and its API and command-line modes let it be run against a staging deployment from a CI pipeline before software is pushed into production.

Metasploit

Designed by HD Moore in 2003 as a portable network tool, Metasploit has grown into a complete open source penetration testing framework (now maintained by Rapid7), alongside derivative sub-projects such as the Opcode Database and the Shellcode Archive. Over the decades it has become a collection of tools in its own right: exploit modules for a large share of the publicly known exploits and CVEs used in the field, including those for the NSA-attributed tooling published by the Shadow Brokers in 2016-2017 (for example the SMB vulnerability behind EternalBlue, MS17-010), together with payloads, encoders, auxiliary scanners and post-exploitation modules. It is a go-to toolkit for penetration testers in almost any testing scenario.

Burpsuite

Burp Suite (PortSwigger) is an intercepting proxy focused on web application testing: the tester routes a browser or API client through it, captures every request, and can edit and replay requests (Repeater), fuzz parameters (Intruder), or hand them to the automated scanner. It detects, and helps exploit, Cross-Site Scripting (XSS), SQL Injection, Cross-Site Request Forgery (CSRF), XML External Entity (XXE) injection, Server-Side Request Forgery (SSRF) and more. Because it sees every request an application makes, it is also used to map undocumented APIs and then test each discovered endpoint with the attacks above. The free Community edition provides the proxy, Repeater and a throttled Intruder; the automated scanner is a Professional-edition feature.
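The active check that both ZAP and Burp's scanner run for reflected XSS, written out as an added example (this is not code from either project): each query parameter is replaced in turn with a tag-breaking payload carrying a unique canary, and the response is classified by how it reflects the payload. `vulnerable_app` and `fixed_app` are constructed stand-in targets driven in-process instead of over HTTP, so the example runs offline.

```python
"""Added illustration of the active reflected-XSS check an intercepting-proxy
scanner such as ZAP or Burp performs.  Not code from either project: the two
`*_app` functions are constructed stand-in targets and `send` replaces the
proxy's HTTP client, so everything runs in-process."""
import html
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit


def _query_param(url: str, name: str) -> str:
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def vulnerable_app(url: str) -> str:
    """Constructed target: echoes the `q` parameter into HTML unencoded."""
    return f"<h1>Results for {_query_param(url, 'q')}</h1>"


def fixed_app(url: str) -> str:
    """Same page with output encoding, the fix a scanner finding leads to."""
    return f"<h1>Results for {html.escape(_query_param(url, 'q'), quote=True)}</h1>"


def scan_reflected_xss(url: str, send) -> dict:
    """Substitute each query parameter in turn with a tag-breaking payload that
    carries a unique canary, send the mutated request, and classify how the
    response reflects it.  `send(url) -> body` stands in for the HTTP client.
    Returns {param: "raw" | "encoded" | "not reflected"}."""
    parts = urlsplit(url)
    params = {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
    results = {}
    for name in params:
        canary = secrets.token_hex(4)          # unique per request, avoids false matches
        payload = f'"><x{canary}>'             # closes an attribute/tag, then opens a new tag
        mutated = dict(params, **{name: payload})
        body = send(urlunsplit(parts._replace(query=urlencode(mutated))))
        if payload in body:
            results[name] = "raw"              # tag context reachable: reflected XSS
        elif canary in body:
            results[name] = "encoded"          # reflected but neutralised by output encoding
        else:
            results[name] = "not reflected"
    return results


def findings(url: str, send) -> list:
    """Parameters the scanner would report as reflected XSS."""
    return [p for p, r in scan_reflected_xss(url, send).items() if r == "raw"]


if __name__ == "__main__":
    url = "http://example.test/search?q=shoes&page=1"   # constructed sample URL
    print("vulnerable:", scan_reflected_xss(url, vulnerable_app))
    print("fixed:     ", scan_reflected_xss(url, fixed_app))
```

The "encoded" class is the reason scanners distinguish reflection from exploitability: a parameter can come back in the page and still be safe when the application applies context-appropriate output encoding, so the alert is raised only on the raw, tag-breaking form.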

Ettercap

Ettercap is a Man-in-the-Middle (MITM) tool for switched and non-switched LANs; security researchers use it to demonstrate what an attacker on the same network segment can read or alter when a data/action pipeline lacks end-to-end protection (TLS, signed messages). It supports the following techniques:

  • Host discovery: an ARP scan of the local subnet (the netmask the user specifies) builds the list of live hosts.
  • Unified sniffing: ettercap sniffs every packet on a single interface; it disables kernel IP forwarding and forwards the victims' packets itself, so the traffic passes through its filters before reaching the real destination.
  • Bridged sniffing: two interfaces, with ettercap forwarding traffic from one to the other as a transparent inline bridge.
  • ARP poisoning: forged ARP replies make the victim and the gateway each map the other's IP address to the attacker's MAC address, so both directions of the traffic flow through the attacker (full-duplex MITM).
  • ICMP redirection: a spoofed ICMP redirect tells the victim to route through the attacker; only the victim-to-gateway direction is hijacked (half-duplex MITM).
  • DHCP spoofing: answering DHCP requests with the attacker as default gateway or DNS server.
  • Port stealing: flooding the switch with frames whose source MAC is the victim's, so the switch delivers the victim's frames to the attacker's port.
  • Character injection into established connections, packet filtering, et cetera.
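The defensive counterpart to the ARP poisoning listed above, as an added example (not Ettercap code): a detector that dissects Ethernet/ARP frames, tracks the MAC address each IP claims, and alerts when a claim changes or one MAC claims several IPs, which is exactly the footprint of an attacker answering for both the victim and the gateway. The addresses and frames are constructed sample data, not a real capture; `build_arp` exists only to create them.

```python
"""Added illustration of detecting the ARP poisoning Ettercap performs.  Not
Ettercap code.  Frames and addresses below are constructed sample data."""
import struct
from collections import defaultdict

ETH_P_ARP = 0x0806


def _mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def _ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """Ethernet II header followed by a 28-byte ARP packet (op 1 request, 2 reply)."""
    eth = _mac_bytes(target_mac) + _mac_bytes(sender_mac) + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)      # htype, ptype, hlen, plen, oper
    arp += _mac_bytes(sender_mac) + _ip_bytes(sender_ip)
    arp += _mac_bytes(target_mac) + _ip_bytes(target_ip)
    return eth + arp


def parse_arp(frame: bytes):
    """Return (op, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sender_mac = ":".join(f"{b:02x}" for b in frame[22:28])
    sender_ip = ".".join(str(b) for b in frame[28:32])
    return op, sender_mac, sender_ip


# Constructed sample traffic: (timestamp, frame) as a sniffer would hand them over.
GATEWAY, VICTIM, ATTACKER = "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:20", "cc:cc:cc:cc:cc:99"
SAMPLE_FRAMES = [
    (0.0, build_arp(2, GATEWAY, "192.168.1.1", VICTIM, "192.168.1.20")),    # legitimate
    (0.1, build_arp(2, VICTIM, "192.168.1.20", GATEWAY, "192.168.1.1")),    # legitimate
    (5.0, build_arp(2, ATTACKER, "192.168.1.1", VICTIM, "192.168.1.20")),   # poison: "the gateway is me"
    (5.0, build_arp(2, ATTACKER, "192.168.1.20", GATEWAY, "192.168.1.1")),  # poison: "the victim is me"
    (6.0, build_arp(2, ATTACKER, "192.168.1.1", VICTIM, "192.168.1.20")),   # re-poison (ettercap repeats)
]


def detect_arp_poisoning(frames, trusted=None) -> dict:
    """Replay ARP traffic, keeping the last MAC seen per IP, optionally seeded
    with a trusted IP->MAC table.  A host's cache learns from both requests and
    replies, so both opcodes are considered."""
    seen = {ip: mac.lower() for ip, mac in (trusted or {}).items()}
    ips_by_mac = defaultdict(set)
    changes = []
    for ts, frame in frames:
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] not in (1, 2):
            continue
        _, mac, ip = parsed
        ips_by_mac[mac].add(ip)
        previous = seen.get(ip)
        if previous is not None and previous != mac:
            changes.append((ts, ip, previous, mac))
        seen[ip] = mac            # adopt the new claim so repeats are not re-alerted
    multi = {mac: sorted(ips) for mac, ips in ips_by_mac.items() if len(ips) > 1}
    return {"changes": changes, "multi_ip_macs": multi}


if __name__ == "__main__":
    for ts, ip, old, new in detect_arp_poisoning(SAMPLE_FRAMES)["changes"]:
        print(f"t={ts}: {ip} moved from {old} to {new}")
```

Seeding `trusted` with the gateway's real MAC is what turns this from an anomaly detector into a policy check, and it is the same reason static ARP entries for the gateway defeat the attack on the victim itself.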

Hydra

Mosquitto

nmap

netcat

sqlmap

sqlninja

msfvenom

Microsoft threat model (STRIDE)

PyCharm