Ethical Hacking – Part 1

Before going into details of how to ethical hacking we should be clear of what it is.

What is ethical hacking?

An ethical hacking is an attempt to penetrate networks and or computer systems, using the same method as a hacker would use for the purpose of finding and fixing computer security vulnerabilities.

Here are list of the hacking tools that are commonly required for hacking. This will be required for doing any type of ethical hacking.

Reconnaissance (and DNS)

1. Dig – DNS lookup utility
2. DNSMap – DNS mapping is a mechanism which allows hosts on a private LAN to use DNS Services even if the address of an actual DNS Server is unknown.
3. DNSTracer – Trace DNS queries to the source
4. DNSWalk – Checks DNS zone information using nameserver lookups
5. Netmask – Helps determine network masks
6. Relay Scanner – This program is used to test SMTP servers for Relaying problems
7. TCPTraceroute – Traceroute implementation using TCP packets
8. Firewalk – Firewalk is a network auditing tool that attempts to determine what transport protocols a given gateway will pass.

Foot-printing

1. Amap – Performs fast and reliable application protocol detection, independent of the TCP/UDP port they are being bound to.
2. Curl – Get a file from an HTTP, HTTPS or FTP server
3. Fping – Sends ICMP ECHO_REQUEST packets to network hosts
4. Hping3 – Active Network Smashing Tool
5. HTTprint – A web server fingerprinting tool
6. Ike-Scan – IPsec VPN scanning, fingerprinting and testing tool
7. MetoScan – HTTP method scanner
8. Nmap – The Network Mapper
9. Netcat – TCP/IP swiss army knife
10. P0f – Passive OS fingerprinting and masquerade detection utility
11. Zenmap – The Network Mapper Front End

Password Cracking

1. Chntpw – NT SAM password recovery utility
2. Rainbowcrack – Crack LM, MD5 and SHA1 hashes
3. THC PPTP Bruter – A brute forcing program against PPTP VPN endpoints (TCP port 1723)
4. VNCrack – Crack VNC passwords
5. John the ripper – A fast password cracker

Network Sniffing

1. DHCP Dump – DHCP packet dumper
2. Dsniff – Password sniffer
3. SSLDump – Dump SSL traffic on a network
4. Ntop – Displays top network users
5. Wireshark – Interactively dump and analyze network traffic

Spoofing (or Masquerading)

1. File2cable – Sends a file as a raw ethernet frame
2. Netsed – Network packet streaming editor
3. Sing – Send ICMP Nasty Garbage packets to network hosts
4. TCPreplay – Replay network traffic stored in pcap files

Wireless Networking Utilities

1. Aircrack-ng – Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured.
2. Kismet – Wireless sniffing and monitoring
3. THC Leap Cracker – The THC LEAP Cracker Tool suite contains tools to break the NTChallengeResponse encryption technique e.g. used by Cisco Wireless LEAP Authentication.
4. WEPCrack – WEPCrack is an open source tool for breaking 802.11 WEP secret keys.
5. WIDZ – Wireless Intrusion Detection System
6. Cowpatty – Brute-force dictionary attack against WPA-PSK

Miscellaneous

1. GDB – The GNU Debugger.
2. Hexdump – ASCII, decimal, hexadecimal and octal dump tool.
3. Hexedit – View and edit file in hexadecimal or in ASCII
4. Wipe – Securely erase files
5. Madedit -Text/Hex Editor

Next part will have how to use these tools to exploit vulnerabilities.