MUST HAVE SECURITY TOOLS
Previously published, May 20, 2022 on Medium
Author Davies Ombasa
Starting a career in cybersecurity requires knowledge in diverse fields (Click here to check out my blog post on ‘Starting a career in Cybersecurity’). It also requires one to familiarize themselves with a number of tools. These tools play a big role in automating some of the rigorous tasks that one has to carry out. While there are numerous of tools out there that you can use, there is a baseline of the must know tools that cut across all. An understanding of these will provide good grounding to perform. This is not a comprehensive list. However, for a newbie, it will provide a good starting zone. Also worth mentioning; all these tools are FREE!
CAUTION: These tools should only be used on networks that you have authorization to test.
1. Nmap — this is network mapper that provides you with various options to map out your network. It helps you in fingerprinting what is within your network. Some of its key features include:
Port scanning and service discovery — list of available ports on targets and what services are running on them.
Host discovery — lists devices that are connected to a network (list live IPs).
Fingerprinting — can discover what potential operating system is running on a target.
Vulnerability assessment — provides what potential vulnerabilities exist on a target system.
For a full list of its various capabilities, check out the official reference guide https://nmap.org/book/man.html
The tool can be installed on the command line by running the sudo apt install nmap on your terminal (for Debian users). There’s a GUI version that can be downloaded at https://nmap.org/download
The various options it offers can be listed via the man nmap | nmap — help or visiting the guide at https://nmap.org/book/man.html
2. Wireshark — network sniffing / malware analysis — wireshark is a packet analyzer that provides a mechanism of viewing the contents of a packet. It enables you to see what has been encapsulated in a packet as it traverses the various layers of networking. It can be used for:
Packet analysis — MAC Address, IP Address, Port Numbers, Payloads etc.
Statistics on end points — IP and MAC addresses and traffic flow.
Follow TCP/HTTP conversations.
Malware analysis — can be used alongside other tools to analyse how a malware operates.
The application can be downloaded from https://www.wireshark.org/#download
3. Metasploit — Metasploit Framework Console is a tool that can be used to carry out vulnerability exploitation. It offers a central mechanism for launching exploits and management of targets. Exploits vary from remote code execution, creating reverse shells, data exfiltration etc. It can be used for:
Command and control — the meterpreter shell is used to achieve this.
Launching attacks and exploits.
Pivoting and privilege escalation once a target has been infiltrated.
The tool comes preinstalled in Kali Linux and Parrot OS.
4. Msfvenom — this can be used for creating exploits to be used in testing your targets. It offers pre-configured exploits that one can easily generate without having the knowledge of programming. It will also assist you in encoding your payloads. The exploits can be used in Windows, Linux, Android among other systems. It’s capabilities include:
Creation and encryption of payloads
Supports multiple platforms and architectures
Installation: The tool comes preinstalled in Kali Linux and Parrot OS.
5. Aircrack — this suite can be used for cracking wireless networks i.e WEP, WPA and WPA2. Uses word-lists, dictionaries and other mechanisms to retrieve or break the key that has been used. It is used in combination with other wireless hacking tools such as airmon-ng & airodump.
The tool suite can be installed using <curl -s https://packagecloud.io/install/repositories/aircrack-ng/release/script.deb.sh | sudo bash >
6. Password crackers — there are various tools that one can use to cracks password hashes.
Hashcat & John The Ripper are two tools are commonly used in cracking of passwords hashes. They use dictionaries and word-lists to calculate password hashes and compares them with the provided hash for a match.
The tools can be installed using: <sudo apt install john> <sudo apt install hashcat>
7. Cryptography tools— cryptography is one of the easiest ways to evade firewall detection and hiding of data from unintended persons. As a cybersecurity expert you need to have the capability to see through what is visible being portrayed. Some of the tools that can help you achieve this include:
Steghide — can be used to hide data in plain-sight e.g a password can be embedded into a picture. The picture will be sent to the target who can then extract the password.
The tool suite can be installed using <sudo apt install steghide>
Exiftool — displays metadata that is included in a file, picture, video, audio etc.
The tool suite can be installed using <sudo apt install exiftool>
8. Burpsuite — it is a proxy tool that is used to intercept HTTP requests and responses. This can be further modified to either request or serve intended information which may be different from the expected results.
Can also be used for intercepting passwords and any other critical information sent in plaintext.
The tools described here are just a starting point if your are new in the cybersecurity field. As your experience grows, you will discover more tools and resources that you can use. Feel free to share what tools you use on you day to day life on the comments section.
About the Author: Davies Ombasa is a Certified Ethical Hacker, Cybersecurity Research and Practitioner. He specializes on OSINT, penetration testing and application security.
Twitter - @davies_ombasa
Medium - Davies Ombasa