Kali Linux is just a tool. It is illegal when you use a tool for hacking and not when you install it for useful purposes like learning or teaching or using it in the way to fortify your software or your network. It is not illegal to install any Operating System which is available for download and is properly licensed. This article is to help you learn tools which you can use to fortify your network and do not encourage any attacks or crime.
Aircrack-ng is one of the best wireless password hack tools for WEP/WAP/WPA2 cracking utilized worldwide!
It works by taking packets of the network, analyses it via passwords recovered. It also possesses a console interface. In addition to this, Aircrack-ng also makes use of standard FMS (Fluhrer, Mantin, and Shamir) attack along with a few optimizations such as the KoreK attacks and PTW attack to quicken the attack which is faster than the WEP.
If you find Aircrack-ng hard to use, simply check for tutorials available online.
Apktool is indeed one of the popular tools found on Kali Linux for reverse engineering Android apps. Of course, you should make good use of it – for educational purposes.
With this tool, you can experiment some stuff yourself and let the original developer know about your idea as well. What do you think you’ll be using it for?
- BeEF (The Browser Exploitation Framework)
BeEF, as the name implies, is a penetration tool that focuses on browser vulnerabilities. With it you can asses the security strength of a target environment using client-side attack vectors.
- Autopsy Forensic Browser
Autopsy is a digital forensic tool to investigate what happened on your computer. Well, you can also use it to recover images from SD card. It is also being used by law enforcement officials. You can read the documentation to explore what you can do with it.
- Burp Suite Scanner
Burp Suite Scanner is a professional integrated GUI platform for testing the security vulnerabilities of web applications.
- Fern Wifi Cracker
Fern Wifi Cracker is a Python-based GUI wireless security tool for auditing network vulnerabilities. With it, you can crack and recover WEP/WPA/WPS keys as well as several network-based attacks on Ethernet-based networks.
- GNU MAC Changer
GNU MAC Changer is a network utility that facilitates an easier and quicker manipulation of network interfaces’ MAC addresses.
Hashcat is known in the security experts’ community among the world’s fastest and most advanced password cracker and recovery utility tool. It is open-source and features an in-kernel rule engine, 200+ Hash-types, a built-in benchmarking system, etc.
Hydra will be one of the best Kali Linux tools that comes pre-installed to crack login/password pairs. It may not be actively maintained anymore – but it is now on GitHub, so you can contribute working on it as well.
- John the Ripper
John the Ripper is another popular cracking tool used in the penetration testing (and hacking) community. It was initially developed for Unix systems but has grown to be available on over 10 OS distros.
It features a customizable cracker, automatic password hash detection, brute force attack, and dictionary attack (among other cracking modes).
- King Phisher
Phishing attacks are very common nowadays. And, King Phisher tool helps test, and promote user awareness by simulating real-world phishing attacks. For obvious reasons, you will need permission to simulate it on a server content of an organization.
- Kismet Wireless
Kismet Wireless is a intrusion detection system, network detector, and password sniffer. It works predominantly with Wi-Fi (IEEE 802.11) networks and can have its functionality extended using plugins.
Lynis is a powerful tool for security auditing, compliance testing, and system hardening. Of course, you can also utilize this for vulnerability detection and penetration testing as well.
It will scan the system according to the components it detects. For example, if it detects Apache – it will run Apache-related tests for pin point information.
Maltego is propriety software but is widely used for open-source forensics and intelligence. It is a GUI link analysis utility tool that provides real-time data mining along with illustrated information sets using node-based graphs and multiple order connections.
- Metasploit Framework
Metasploit Framework is an open source framework with which security experts and teams verify vulnerabilities as well as run security assessments in order to better security awareness.
It features a plethora of tools with which you can create security environments for vulnerability testing and it works as a penetration testing system.
Netcat, usually abbreviated to nc, is a network utility with which you can use TCP/IP protocols to read and write data across network connections.
You can use it to create any kind of connection as well as to explore and debug networks using tunneling mode, port-scanning, etc.
Nessus is a remote scanning tool that you can use to check computers for security vulnerabilities. It does not actively block any vulnerabilities that your computers have but it will be able to sniff them out by quickly running 1200+ vulnerability checks and throwing alerts when any security patches need to be made.
Nikto2 is a free and open-source web scanner for performing quick comprehensive tests against items on the web. It does this by looking out for over 6500 potentially dangerous files, outdated program versions, vulnerable server configurations, and server-specif problems.
- Nmap (“Network Mapper”)
Nmap or “Network Mapper” is one of the most popular tools on Kali Linux for information gathering. In other words, to get insights about the host, its IP address, OS detection, and similar network security details (like the number of open ports and what they are).
It also offers features for firewall evasion and spoofing.
Pixiewps is a C-based brute-force offline utility tool for exploiting software implementations with little to no entropy. It was developed by Dominique Bongard in 2004 to use the “pixie-dust attack” with the intention to educate students.
Depending on the strength of the passwords you’re trying to crack, Pixiewps can get the job done in a mater of seconds or minutes.
Similar to WPScan, but not just focused for WordPress. Skipfish is a web application scanner that would give you insights for almost every type of web applications. It’s fast and easy to use. In addition, its recursive crawl method makes it even better.
For professional web application security assessments, the report generated by Skipfish will come in handy.
Snort is a free and open-source NIDS with which you can detect security vulnerabilities in your computer.
With it you can run traffic analysis, content searching/matching, packet logging on IP networks, and detect a variety of network attacks, among other features, all in real-time.
- Social Engineering Toolkit (SET)
If you are into pretty serious penetration testing stuff, this should be one of the best tools you should check out. Social engineering is a big deal and with SET tool, you can help protect against such attacks.
If you were looking for an open source penetration testing tool – sqlmap is one of the best. It automates the process of exploiting SQL injection flaws and helps you take over database servers.
Wifite2 is a free and open-source Python-based wireless network auditing utility tool designed to work perfectly with pen-testing distros. It is a complete rewrite of Wifite and thus, features an improved performance.
It does a good job at decloaking and cracking hidden access points, cracking weak WEP passwords using a list of cracking techniques, etc.
WireShark is an open-source packet analyzer that you can use free of charge. With it you can see the activities on a network from a microscopic level coupled with pcap file access, customizable reports, advanced triggers, alerts, etc.
It is reportedly the world’s most widely-used network protocol analyzer for Linux.
WordPress is one of the best open source CMS and this would be the best free WordPress security auditing tool. It’s free but not open source.
If you want to know whether a WordPress blog is vulnerable in some way, WPScan is your friend.
In addition, it also gives you details of the plugins active. Of course, a well-secured blog may not give you a lot of details, but it is still the best tool for WordPress security scans to find potential vulnerabilities.
- THC Hydra
THC Hydra uses brute force attack to crack virtually any remote authentication service. It supports rapid dictionary attacks for 50+ protocols including ftp, https, telnet, etc.
You can use it to crack into web scanners, wireless networks, packet crafters, gmail, etc.
Yersinia, named after the yersinia bacteria, is a network utility too designed to exploit vulnerable network protocols by pretending to be a secure network system analyzing and testing framework.
It features attacks for IEEE 802.1Q, Hot Standby Router Protocol (HSRP), Cisco Discovery Protocol (CDP), etc.