Nmap is an abbreviation of ‘Network Mapper’, as is a very well known free open source hackers tool. Nmap is used for network discovery and security auditing. Many system admins use nmap for network inventory, open ports, managing service upgrade schedules, and monitoring host or service uptime. The tool uses raw IP packets in creative ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions and possible patches) and what type and version of packet filters/ firewalls are being used by the target.
The Metasploit Project is a hugely popular pentesting or hacking tool that is used by cybersecurity professionals and ethical hackers. Metasploit is essentially a computer security project that supplies information about known security vulnerabilities and helps to formulate penetration testing and IDS testing.
Cain & Abel is a password recovery tool that is mostly used for Microsoft Operating Systems. This popular hacking tool allows the user to seek the recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks. Cain, as it is often referred to, can also record VoIP conversations, decode hashed scrambled passwords, recover wireless network keys and more! If you need a solid password cracking platform then look no further, Cain is certainly your friend.
Angry IP Scanner, also known as ‘ipscan’ is a freely available (open-source and cross-platform) hacking network scanner that is both fast and easy to use. The main purpose of this hacking tool is to scan IP addresses and ports to find open doors and ports. Worth noting that Angry IP Scanner also has a bunch of othere uses as well. Common users of this hacking tool includes network administrators and system engineers.
John the Ripper is a popular password cracking pentesting tool that is most commonly used to perform dictionary attacks. John the Ripper takes text string samples (from a text file, referred to as a wordlist, containing popular and complex words found in a dictionary or real passwords cracked before), encrypting it in the same way as the password being cracked (including both the encryption algorithm and key), and comparing the output to the encrypted string. This tool can also be used to perform a variety of alterations to dictionary attacks.
Although often considered as yet another password cracker, THC Hydra is hugely popular and has a very active and experienced development team. Essentially THC Hydra is a fast and stable Network Login Hacking Tool that will use dictionary or brute-force attacks to try various password and login combinations against an log in page. This hacking tool supports a wide set of protocols including Mail (POP3, IMAP, etc.), Databases, LDAP, SMB, VNC, and SSH.
Burp Suite has several features that can help the penetration tester or ethical hacker. Two commonly used applications used within this tool include the ‘Burp Suite Spider’ which can enumerate and map out the various pages and parameters of a web site by examining cookies and initiates connections with these web applications, and the ‘Intruder’ which performs automated attacks on web applications.
Snort is an awesome hacking and network tool that can be configured in one of three modes: it can either be used as a sniffer, packet logger, or within network intrusion detection. In the (more commonly used) sniffer mode, this hackers program will read (sniff) network packets and display them on a GUI. In the packet logger mode, Snort will audit and log packets to the disk. In intrusion detection mode, Snort monitors network traffic and analyzes it against a rule set defined by the user.
Ettercap has a huge following and is widely used by cybersecurity professionals. Ettercap works by placing the users network interface into promiscuous mode and by ARP poisoning the target machines, i.e. facilitating a ‘Main In The Middle’ or MITM attack. Once successfull Ettercap (and the hacker) can deploy various attacks on the victims. A popular feature about Ettercap is its’ ability to support various plugins.
Wapiti has a very loyal following. As a pentesting tool (or framework) Wapiti is able to scan and detect hundreds of possible vulnerabilities. Essentially this Multi Purpose Hacker Tools can audit the security of web applications by performing “black-box” scans, i.e. it does not study the source code of the application but will scan the HTML pages of the application seeking scripts and forms where it can inject data.