top of page
  • Writer's pictureCSNP
    • Nov 7, 2022
    • 4 min read

SECURITY TOOLS FOR A CYBERSECURITY PROFESSIONAL

MUST HAVE SECURITY TOOLS


Previously published, May 20, 2022 on Medium


Author Davies Ombasa


Starting a career in cybersecurity requires knowledge in diverse fields (Click here to check out my blog post on ‘Starting a career in Cybersecurity’). It also requires one to familiarize themselves with a number of tools. These tools play a big role in automating some of the rigorous tasks that one has to carry out. While there are numerous of tools out there that you can use, there is a baseline of the must know tools that cut across all. An understanding of these will provide good grounding to perform. This is not a comprehensive list. However, for a newbie, it will provide a good starting zone. Also worth mentioning; all these tools are FREE!

CAUTION: These tools should only be used on networks that you have authorization to test.


1. Nmap this is network mapper that provides you with various options to map out your network. It helps you in fingerprinting what is within your network. Some of its key features include:

  • Port scanning and service discovery — list of available ports on targets and what services are running on them.

  • Host discovery — lists devices that are connected to a network (list live IPs).

  • Fingerprinting — can discover what potential operating system is running on a target.

  • Vulnerability assessment — provides what potential vulnerabilities exist on a target system.

For a full list of its various capabilities, check out the official reference guide https://nmap.org/book/man.html

Installation:

The tool can be installed on the command line by running the sudo apt install nmap on your terminal (for Debian users). There’s a GUI version that can be downloaded at https://nmap.org/download

The various options it offers can be listed via the man nmap | nmap — help or visiting the guide at https://nmap.org/book/man.html



2. Wireshark network sniffing / malware analysis — wireshark is a packet analyzer that provides a mechanism of viewing the contents of a packet. It enables you to see what has been encapsulated in a packet as it traverses the various layers of networking. It can be used for:

  • Packet analysis — MAC Address, IP Address, Port Numbers, Payloads etc.

  • Statistics on end points — IP and MAC addresses and traffic flow.

  • Follow TCP/HTTP conversations.

  • Malware analysis — can be used alongside other tools to analyse how a malware operates.

Installation:

The application can be downloaded from https://www.wireshark.org/#download

3. Metasploit — Metasploit Framework Console is a tool that can be used to carry out vulnerability exploitation. It offers a central mechanism for launching exploits and management of targets. Exploits vary from remote code execution, creating reverse shells, data exfiltration etc. It can be used for:

  • Command and control — the meterpreter shell is used to achieve this.

  • Launching attacks and exploits.

  • Pivoting and privilege escalation once a target has been infiltrated.

Installation:

The tool comes preinstalled in Kali Linux and Parrot OS.


4. Msfvenom — this can be used for creating exploits to be used in testing your targets. It offers pre-configured exploits that one can easily generate without having the knowledge of programming. It will also assist you in encoding your payloads. The exploits can be used in Windows, Linux, Android among other systems. It’s capabilities include:

  • Creation and encryption of payloads

  • Supports multiple platforms and architectures

Installation: The tool comes preinstalled in Kali Linux and Parrot OS.

5. Aircrack — this suite can be used for cracking wireless networks i.e WEP, WPA and WPA2. Uses word-lists, dictionaries and other mechanisms to retrieve or break the key that has been used. It is used in combination with other wireless hacking tools such as airmon-ng & airodump.