1). Nmap:
Nmap stands for network mapper. This tool is open-source software that is widely used for network discovery and security auditing. Nmap is used to discover hosts and services on computer network by sending packets and analysing the responses.
Features:
•Port scanning, Host discovery, OS detection, Version detection, Scriptable integration with the target.
2). Wireshark:
Wireshark is a free and open-source packet analyzer. It is used for Network troubleshooting, analysis, software and communications protocol development. It is a packet sniffer, and analysis tool. It captures network traffic and and stores that data for offline analysis.
Features:
•Live capture and offline analysis, Deep inspection of hundreds of protocols with more being added all the time, standard three-pane packet browser and many more...
You can download it from : https://www.wireshark.org
3). Metasploit:
Metasploit framework is a tool for developing and executing exploit codes against a remote target machine. The metasploit project includes anti-forensic and evasion tools, some of which are built into the metasploit framework. Metasploit is pre-installed in the kali linux operating system. It is programmed in ruby.
4). Meg-Tool:
This wrapper will automate numerous tasks and helps you during your Reconnaissance process. This script finds common issues, low hanging fruit and assists you when you are approaching target. It can be used to fetch many paths for many hosts; fetching one path for all hosts before on going to the next path and repeating.
5). HPING3:
Hping3 -- a network scanning tool is a free packet generator and analyzer for Tcp/Ip protocol. It is one type of a tester for network security it is one of the difacto tool for security auditing testing firewalls and networks and was used to exploit the idlle scan scanning technique. It supports Tcp, Udp, Icmp and Raw- Ip protocols, has a trace route mode, the ability to send the files between a covered channel and many other features.
6). LulzBuster:
Lulzbuster is a very fast and smart web directory and file enumeration tool written in C. Almost every site has files and folders that no link leads to. Among them very interesting one come across for example, forgotten backup copies of a website or database, phpMyadmin entries in admin panel, and other pages that are not intended for general access.
7). Sqlmap:
Sqlmap is a open source pentesting tool which automates the process of detecting and exploiting the sql injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate pentester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system etc.,
8). WebKiller:
Webkiller is another information gathering tool with good features to scan the target. In this tool we have all the option to perform information gathering and this tool is completely build on python programming.
9). Pompem- Exploit and vulnerability finder:
Pompem is a open source tool, designed to automate the search for exploits and vulnerability in the most important databases. Developed in python and has a system of advanced search that help the work of pentesters and ethical hackers. It performs searches in the packerstorm security, CX security, Zero day, vuners, and many more..
10). ATSCAN:
Atscan is a advance dork search and mass exploit scanner.
Features:
• wordpress theme and plugin detection.
• find Admin page
• sqli/Xss/Afd scanner
•filter wordpress and joomla sites.
•collects Ip's
•collects E-mails and many more...
Post a Comment
0 Comments