Hacker
Professional
- Messages
- 1,041
- Reaction score
- 852
- Points
- 113
Information GatheringThese are Reconnaissance tools used to gather data on your target network and devices. Tools range from identifying devices to
protocols used.
? Vulnerability Analysis
Tools from this section focus on evaluating systems for vulnerabilities. Typically, these are run against systems found using the
Information Gathering Reconnaissance tools.
? Web Applications
These are tools used to audit and exploit vulnerabilities in web servers. Many of the audit tools we will refer to in this book come
directly from this category. However web applications do not always refer to attacks against web servers, they can simply be web-based tools for networking services. For example, web proxies will be found under
this section.
? Password Attacks
This section of tools primarily deals with brute force or the offline computation of passwords or shared keys used for authentication.
? Wireless Attacks
These are tools used to exploit vulnerabilities found in
wireless protocols. 802.11 tools will be found here, including tools such as aircrack, airmon, and wireless password cracking tools. In addition, this section has tools related to RFID and Bluetooth vulnerabilities as well. In many cases, the tools in this section will need to be used with a wireless adapter that can be configured by Kali to be put in promiscuous mode.
? Exploitation Tools
These are tools used to exploit vulnerabilities found in systems. Usually, a vulnerability is identified during a Vulnerability Assessment of a target.
? Sniffing and Spoofing
These are tools used for network packet captures, network packet manipulators, packet crafting applications, and web spoofing. There are also a few VoIP reconstruction applications.
Maintaining AccessMaintaining Access tools are used once a foothold is established into a target system or network. It is common to find compromised systems having multiple hooks back to the attacker to provide alternative routes in the event a vulnerability that is used by the attacker is found and remediated.
? Reverse Engineering
These tools are used to disable an executable and debug programs. The purpose of reverse engineering is analyzing how a program was developed so it can be copied, modified, or lead to development of other programs. Reverse Engineering is also used for malware analysis to determine what an executable does or by researchers to attempt to find vulnerabilities in software applications.
? Stress Testing
Stress Testing tools are used to evaluate how much data a
system can handle. Undesired outcomes could be obtained from overloading systems such as causing a device controlling network communication to open all communication channels or a system shutting down (also known as a denial of service attack).
? Hardware Hacking
This section contains Android tools, which could be classified as mobile, and Ardunio tools that are used for programming and controlling other small electronic devices.
? Forensics
Forensics tools are used to monitor and analyze computer network traffic and applications.
Reporting ToolsReporting tools are methods to deliver information found during a penetration exercise.
System ServicesThis is where you can enable and disable Kali services.
Services are grouped into BeEF, Dradis, HTTP, Metasploit, MySQL, and SSH
Source : From A Book — (>_<)
