Ethical Hacking Tools - Ethical Hacking

What are the tools used to prevent Hacking?

The famous tools used to prevent hacking and unauthorized access to a computer are:


NMAP

NMAP stands for Network Mapper. It is used for network discovery and security auditing. It was designed for scanning large networks, but it works for single hosts as well. It is also useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Nmap uses raw IP packets to determine −

  • what hosts are available on the network,
  • what services those hosts are offering,
  • what operating systems they are running on,
  • what type of firewalls are in use, and other such characteristics.

Nmap runs on all major computer operating systems such as Windows, Mac OS X, and Linux.


Metasploit

Metasploit is a powerful tool. It is a product of Rapid7 and its resources are found at: Two versions of Metasploit are available: a commercial edition and a free edition. It can be used through a Web UI or from the command prompt.

The operations performed by Metasploit are −

  • Conduct basic penetration tests on small networks
  • Run spot checks on the exploitability of vulnerabilities
  • Discover the network or import scan data
  • Browse exploit modules and run individual exploits on hosts

Burp Suite

Burp Suite is a very popular platform for performing security tests of web applications. Its various tools work together to support the whole testing process, from initial mapping and analysis of an application's attack surface through to finding and exploiting security vulnerabilities.

Burp is simple to use and gives administrators full control, so that advanced manual techniques can be combined with efficient test automation. Burp can be easily configured, and it contains features to assist even the most experienced testers with their work.

Angry IP Scanner

Angry IP Scanner is a lightweight, cross-platform IP address and port scanner. It can scan IP addresses in any range. It can be freely copied and used anywhere. It uses a multithreaded approach to increase scanning speed: a separate scanning thread is created for each scanned IP address.

Angry IP Scanner pings each IP address to check whether it is alive, and then resolves its hostname, determines the MAC address, scans ports, and so on. The data gathered about each host can be saved to TXT, XML, CSV, or IP-Port list files. With the help of plugins, Angry IP Scanner can gather any information about scanned IPs.

Cain & Abel

Cain & Abel is a password recovery tool for Microsoft operating systems. It recovers various kinds of passwords by using any one of the following methods:

  • sniffing the network,
  • cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks,
  • recording VoIP conversations,
  • decoding scrambled passwords,
  • recovering wireless network keys,
  • revealing password boxes,
  • uncovering cached passwords and analyzing routing protocols.

Cain & Abel is a useful tool for security consultants, professional penetration testers, and anyone else who uses it for ethical reasons.


Ettercap

Ettercap stands for Ethernet Capture. It is a network security tool used for Man-in-the-Middle attacks. Its features include sniffing of live connections, content filtering on the fly, and many other interesting tricks. It also has built-in features for host and network analysis. Ettercap supports both active and passive dissection of protocols.

Ettercap can be run on all the popular operating systems such as Windows, Linux, and Mac OS X.


EtherPeek

EtherPeek is a tool that simplifies network analysis in a multiprotocol, heterogeneous network environment. It is a small tool and can be installed easily.

EtherPeek proactively sniffs traffic packets on a network. By default, EtherPeek supports protocols such as AppleTalk, IP, IP Address Resolution Protocol (ARP), NetWare, TCP, UDP, NetBEUI, and NBT packets.


SuperScan

SuperScan is a powerful tool that network administrators use to scan TCP ports and resolve hostnames. It has a user-friendly interface that can be used to −

  • Perform ping scans and port scans using any IP range.
  • Scan any port range from a built-in list or any given range.
  • View responses from connected hosts.
  • Modify the port list and port descriptions using the built-in editor.
  • Merge port lists to build new ones.
  • Connect to any discovered open port.
  • Assign a custom helper application to any port.


QualysGuard

QualysGuard is an integrated set of tools meant to simplify security operations and lower the cost of compliance. It delivers critical security intelligence on demand and automates the full spectrum of auditing for IT systems and web applications.

QualysGuard includes a set of tools that can monitor, detect, and protect your global network.


WebInspect

WebInspect is a web application security assessment tool used for identifying known and unknown vulnerabilities within the web application layer.

It is also used to check the configuration of the web server, and it can attempt common web attacks such as parameter injection, cross-site scripting, and directory traversal.


LC4

LC4 was earlier known as L0phtCrack. It is a password auditing and recovery application. LC4 tests password strength and can recover lost Microsoft Windows passwords, using dictionary, brute-force, and hybrid attacks.

Recovering Windows user account passwords is also how LC4 supports migrating users to another authentication system.

LANguard Network Security Scanner

LANguard Network Scanner monitors a network by scanning the connected machines and providing information about each node. It can also report information about each individual operating system.

It can also detect registry issues and produce a report in HTML format. For each computer, it can list the NetBIOS name table, the currently logged-on user, and the MAC address.

Network Stumbler

Network Stumbler is a WiFi scanner and monitoring tool for Windows. Network professionals use it to detect WLANs. Both hackers and networking professionals can use it to find non-broadcasting wireless networks.

Network Stumbler can be used to verify the configuration of a network, check signal strength, detect interference between one or more wireless networks, and find unauthorized connections.


ToneLoc

ToneLoc stands for Tone Locator. It was a popular war dialling computer program written for MS-DOS in the early 90's. Malicious hackers use the lists that war dialling produces to breach computer security, for example by guessing user accounts or locating modems that might provide an entry point into computer or other electronic systems.

Security personnel use ToneLoc to detect unauthorized devices on a company's telephone network.

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd