GDPR – Useful Tools for Ethical Hacking/Penetration Testing

A great proportion of hackers prefer the Linux operating system. Linux is loved by the hacking community, mostly because of the amount of control it puts into the user’s hands and it’s open source nature, Linux is also deemed more secure than windows, and less susceptible to attacks.

A larger number of hacking tools are built tailored for Linux. Some of these tools can be used in the command line. As a hacker or an aspiring one, there are a bunch of Linux command line tools available to aid your tasks, most of which are available in Kali or with a simple Git clone command.

Network Penetration Testing Tools

  • Masscan – A super fast tool for scanning a large range of IP addresses within a matter of minutes
  • Nikto – Great for finding web server vulnerabilities
  • Nessus – The defacto all round tool for finding mostly network based vulnerabilities
  • Metasploit – Auxiliary modules for mapping as well as of course the many exploit modules
  • Tcpdump -A versatile packet analyzer which runs under the command line. It permits the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
  • Httptunnel- A tunneling software that can tunnel network connections through restrictive HTTP proxies over pure HTTP “GET” and “POST” requests.
  • Proxytunnel- This is program to stealthily tunnel a connection through a standard HTTPS proxy.

We have a  networking hacking course that is of a similar level to OSCP, get an exclusive  95% discount HERE

Web Application Penetration Testing Tools

  • BurpSuite – The only web proxy you will ever need for manually finding web app vulnerabilities, use the pro version for more features.
  • w3af_console – A pretty nice tool for doing some web app scanning for common vulnerabilities
  • Fuser- A Linux utility to identify processes using files or sockets
  • – An automated database exploitation tool

WiFi Hacking / Penetration Testing Tools

  • Reaver- A tool for brute forcing attacks against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases.

If you would like learn all about WiFi ethical hacking from the ground up, we have a 7.5 hour online course with a totally bonkers discount. Get it HERE.

Password Cracking Tools

  • JTR – John The Ripper is a great tool customising password attacks, we recommend using the Jumbo add on.

Social Engineering Tools

  • SET – Stands for social engineering toolkit, it’s been around for a while, so is likely to be nicely polished by now

Read more…