What is kali linux
What is kali
Kali Linux is an operating system that works on Linux, it is very easy to use this operating system, Kali is the favorite tool of most hackers and ethical hackers, its most important thing is that there are many tools inside it which are The package is installed inside it, it is very easy to install any software, the user who works on it does not like other operating system, today in this post I will tell that inside Kali Linux How many free tools are found that are built in, which you do not need to install, although other tools are also installed in it but I will not talk about it now
Information gathering tool
Some information gating tools are built in inside Kali, now what are these tools, those tools which are available on open source easily find and give such as sub domain, host, IP address of a domain, its location, its region , country etc. These tools also remove the footprint of a person's mobile number, his email, etc. Now why do we use these tools?
Here let me tell you that for this you will have to search for a long time and information will come one by one, but you will get the information you want from these tools, if you want to do data mining of someone, then it is difficult to do it on the search engine. It happens that with the help of maltego, you will immediately generate a graph of the information related to a person or IP by mining the data, whereas it will take more time to do this on open source, with the help of this tool, the active hosts inside your networks and their Information about them such as their IP address can be known to their operating system etc. Below are some tools that are useful for information gating
Dmitry
Ike-scan
Legion
Maltego
Netdiscover
Nmap
p0F
Recon-ng
Spiderfoot
Vulnerability analysis tools
This type of tool scans the shortcomings inside any system such as open ports, any software deficiencies or shortcomings inside the website such as script deficiencies etc. It also tells that these types of tools are called vulnerability testing tools, there are some inbuilt such tools available inside Kali Linux which are as follows
Legion
lynis
Nikto
unix-privesc
Web application analysis tool
First of all let's know what is web application, then web application works on a client-server client needs a browser to use the application, from where the service takes through the server, it takes many operating systems If it works, then through these types of tools, you can scan the site map of any type of website by checking its scripting language, you can find out the flaws inside the server through these tools. Can detect the shortcomings as well as view the hidden files Web application analysis tools are as follows
burpsuit
Commix
httrack
Paros
skipfish
sqlmap
webscarab
wpsacn
ZAP
Database assessment tools
Database Assessment Tools are designed to analyze databases A database is a collection of different types of information that has a field and stores data according to the same field in a database such as hierarchical, network or relational form for which Managed, created through SQL language Database Assessment accesses the flaws inside the database, through which modifications or attempts are made to penetrate the database and all the paths or shortcomings found are rectified Database Assessment Tool The following type is
jSQL Injection
mdb- SQL
oscanner
sidguesser
sqldict
SQLite data
sqlmap
sqlninja
sqlsus
tnscmd10g
Password attack tools
In today's time, these tools are making a very important contribution, with the help of such tools, any password is cracked or recovered, for this, through different types of attacks such as dictionary, bruteforce and rainbow tables, etc., attack on your target. Accordingly, possible combinations of passwords are stored J, Dixonary and Hayes etc. For this the following tools are used which are as follows
cewl
Crunch
hashcat
john
johnny
medusa
ncrack
ophcrack
rainbowcrack
rcracki_mt
Wordlists
Wireless attack tool
This type of attack is done on an access point, in which the attacker tries to connect to any wireless point and authenticates for it and by cracking its password gets connected to the network of that access point. Becomes part of the network and performs its action on any host inside the network, for this many tools are used, some of which are given below
aircrack-ng
chirp
Cowpatty
Fern wifi crack
kismet
mdk3
mfoc
mfterm
pixiewps
reaver
wifite
Reverse engineering tool
First of all, we know that what is reverse engineering, as reverse means going backward, so this is a technique in which a software is analyzed, how are its structures, how are they made, where are they used? How has it been designed, now why reverse engineering was needed, so for an example, I am telling that suppose there is a software of Facebook which is very popular and someone is its competitor, then it can reverse engineering the software of Facebook. With the help of his design, he will try to see how his features are made so that he can acquire his technology and make himself like that, for this many tools come which are as follows.
apktool
bytecode viewer
Clang
Clang++
dex2jar
edb-debugger
jadx-gui
javasnoop
NASMshell
ollydbg
radare2
Exploitation tools
These tools are the most dangerous and the first choice of black hat hackers, there are many exploits inside these tools, which have different functions, hackers attack their victims with the help of these exploits, whether it is DoS denial on their system. For Service Attack or DDos Attack, he uses Exploit only to access a Victim's system. The following Exploitation Tools are available inside Kali Linux
।
armitage
Beef
metasploit
msfpayload
Social engineering toolkit
Terminator
Sniffing and spoofing tools
First of all, let us know what is packet sniffing, then we all know that any information or message in the network goes in the form of packets and for this there is a router which connects the two networks and from the router through the switch or hub. Reaches the user, here the hacker enters inside the network, monitoring or capturing all the packets that go or come inside the network and it keeps on analyzing which user is doing what, what is browsing What is sending to whom and then he tries to interrogate, it is of two types Active and Passive. Now let's talk about spoofing, then spoofing is such a technique in which the hacker tries to take any such data or service of which he is not the official, but the one who is the official of that data or service, he tries to take its place by him. If it is said in the native language, then attacking with a gun on the shoulder of another.
Now the server which is in it feels that whatever is connected with it is authorized while someone else is connected with it in its place and it keeps on providing service, it is also of many types in which IP spoofing is very famous. There are many tools available for snifffig and spoofing which are as follows
driftnet
ettercap
hamster
macchanger
mitmproxy
netsniff-ng
responder
wireshark
Post Explanation tools
Backdoor framework
exe2hex
mimikatz
powersploit
proxychains4
weevely
Forensic tools
Forensic tools recover deleted files, images or meta data inside any system such as Windows or Linux, which is used for forensic analysis, it is called forensic tools, some forensic tools are given below.
autopsy
binwalk
bulk_extract
chkrootkit
foremost
galleta
hashdeep
Reporting tools
These tools take a screenshot of any website's JavaScript, html or CSS and save it in bitmap format, which is used for user analysis, many such tools are given below.
cutycapt
dradis framework
faraday IDE
recordmydevice
Social engineering tools
Social engineering tools are those tools that make a user appear by mail or through a fake website or through an application that they are real and get information from them by deceiving them like phishing. For this also there are many tools which are like this
msfpayload
0 Comments