Ethical Hacking - Overview
Ethical Hacking - Tools
A hacking tool is a program designed to assist with or a piece of software which can be used for hacking purposes and save hackers time.
Nmap stands for Network Mapper. It is an open source tool that is used widely for network discovery , hosts and service on a computer network thus building a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses.
The software provides a number of features for probing computer networks, including host discovery and service and operating system detection.These features are extensible by script that provide more advanced service detection, vulnerability detection and other features Nmap can adapt to network conditions including latency and congestion during a scan. The Nmap user community continues to develop and refine the tool.
Nmap uses raw IP packets to determine −
what hosts are available on the network,
what services those hosts are offering,
what operating systems they are running on,
what type of firewalls are in use, and other such characteristics.
In 2003, H.D.Moore , (a Cyber Security Researcher and Program Developer from the US) started the Metasploit Project with the intention being to create a public and freely accessible resource to obtain exploitable code for research and development. The Metasploit project is credited with the creation of the Metasploit Framework, which has become an open-source exploit framework used for IT Security penetration testing and research.
In 2009, Metasploit was acquired by Rapid7, but was still managed by HD until 2013 when he handed management of the Metasploit department in order to expand Rapid7’s research capabilities. In early 2016 HD left Rapid7 for a new venture.
SuperScan is a powerful tool for network administrators to scan TCP ports and resolve hostnames. It has a user friendly interface that you can use to −
Perform ping scans and port scans using any IP range.
Scan any port range from a built-in list or any given range.
View responses from connected hosts.
Modify the port list and port descriptions using the built in editor.
Merge port lists to build new ones.
Connect to any discovered open port.
Assign a custom helper application to any port.
WebInspect is a web application security assessment tool that helps identify known and unknown vulnerabilities within the Web application layer.
It can also help check that a Web server is configured properly, and attempts common web attacks such as parameter injection, cross-site scripting, directory traversal, and more.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
-Verify that your network is set up the way you intended.
-Find locations with poor coverage in your WLAN.
-Detect other networks that may be causing interference on your network.
-Detect unauthorized "rogue" access points in your workplace.
-Help aim directional antennas for long-haul WLAN links.
-Use it recreationally for WarDriving.
LANguard Network Security Scanner
LANguard Network Scanner monitors a network by scanning connected machines and providing information about each node. You can obtain information about each individual operating system.
It can also detect registry issues and have a report set up in HTML format. For each computer, you can list the netbios name table, current logged-on user, and Mac address.
LC4 was formerly known as L0phtCrack. It is a password auditing and recovery application. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, and hybrid attacks.
LC4 recovers Windows user account passwords to streamline migration of users to another authentication system or to access accounts whose passwords are lost.
ToneLoc stands for Tone Locator. It was a popular war dialling computer program written for MS-DOS in the early 90’s. War dialling is a technique of using a modem to automatically scan a list of telephone numbers, usually dialling every number in a local area code.
Malicious hackers use the resulting lists in breaching computer security - for guessing user accounts, or locating modems that might provide an entry-point into computer or other electronic systems.
It can be used by security personnel to detect unauthorized devices on a company’s telephone network.
Ettercap stands for Ethernet Capture. It is a network security tool for Man-in-the-Middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. Ettercap has inbuilt features for network and host analysis. It supports active and passive dissection of many protocols.
You can run Ettercap on all the popular operating systems such as Windows, Linux, and Mac OS X.
EtherPeek is a wonderful tool that simplifies network analysis in a multiprotocol heterogeneous network environment. EtherPeek is a small tool (less than 2 MB) that can be easily installed in a matter of few minutes.
EtherPeek proactively sniffs traffic packets on a network. By default, EtherPeek supports protocols such as AppleTalk, IP, IP Address Resolution Protocol (ARP), NetWare, TCP, UDP, NetBEUI, and NBT packets.
QualysGuard is an integrated suite of tools that can be utilized to simplify security operations and lower the cost of compliance. It delivers critical security intelligence on demand and automates the full spectrum of auditing, compliance and protection for IT systems and web applications.
QualysGuard includes a set of tools that can monitor, detect, and protect your global network.
Cain & Abel
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It helps in easy recovery of various kinds of passwords by employing any of the following methods −
sniffing the network,
cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks,
recording VoIP conversations,
decoding scrambled passwords,
recovering wireless network keys,
revealing password boxes,
uncovering cached passwords and analyzing routing protocols.
Cain & Abel is a useful tool for security consultants, professional penetration testers and everyone else who plans to use it for ethical reasons.
Angry IP Scanner
Angry IP scanner is a lightweight, cross-platform IP address and port scanner. It can scan IP addresses in any range. It can be freely copied and used anywhere. In order to increase the scanning speed, it uses multithreaded approach, wherein a separate scanning thread is created for each scanned IP address.
Angry IP Scanner simply pings each IP address to check if it’s alive, and then, it resolves its hostname, determines the MAC address, scans ports, etc. The amount of gathered data about each host can be saved to TXT, XML, CSV, or IP-Port list files. With help of plugins, Angry IP Scanner can gather any information about scanned IPs.
Burp Suite is a popular platform that is widely used for performing security testing of web applications. It has various tools that work in collaboration to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Burp is easy to use and provides the administrators full control to combine advanced manual techniques with automation for efficient testing. Burp can be easily configured and it contains features to assist even the most experienced testers with their work.