Henry Dalziel | Pentesting Tools | September 14, 2015
Yes and No.
Here’s a super-quick logic why they should, and shouldn’t, be legal:
Let’s talk a look at the ‘YES’ argument in more depth (i.e. Hacking Tools SHOULD be made more public with more exposure)
We launched the ‘Concise Hacker Tools’ directory a while back now which has become the web’s #1 resource for ‘Hacking Tools’ (some call them ‘Pentesting Tools’). The mere fact that we launched our directory indicates which side of the fence we are on with this argument, but we wanted to post this article to try and get some feedback from the community at large.
We launched our Hacking Tools directory because in Cyber Security – Cyber Professionals (Information Security Pro’s) must use ‘tools’ to do their job. If you think of an Ethical Hacker (Penetration Tester) or a Network Engineer as a plumber you’ll almost certainly agree with us that they are wholly dependent on how well they use their tools. For a plumber a plunger is their best friend, for an Ethical Hacker or Network Engineer – nmap would be their best friend!
“…A good tradesman doesn’t blame his tools…”
That’s an age-old quote and it’s true (…to an extent….) but let’s face it, being able to use Pentesting Tools such as network scanners and password crackers makes life easier for Cyber Security folk out there. Period.
Let’s talk a look at the ‘No’ argument in more depth (i.e. Hacking Tools SHOULD be made less public with less exposure)
The obvious comment here is that – good luck! Imagine trying to police the Internet and remove tutorials, tips etc on where to access, download and use Hacker Tools. Even if there was an effort to clean up the Internet and remove Cyber Tools that could be used to bring down sites etc, then they’d just be re-populated in the Dark Web.
What brought about this post? It all came from an email we received a while back which I can’t find anymore. In that email a blogger asked in an upset tone to remove our ‘Hacking Tools’ directory. Why? Because his blog was hacked into and (apparently) the hacker obtained his ‘know-how’ from us. Although that sequence of events is doubtful it did spawn the creativity to launch this post which we hopes stimulates discussion.
Our bottom line is this: we want to help the Cyber Security community, not least because the tools that we mention in our Cyber Security Hacking Tools Directory are used by 90% of the community we serve and to better work with these tools makes all of our jobs a whole lot easier.
What do you guys think? Do you think that there are too many sites out there that promote how to use these tools that often end up in the hands of script-kiddies? Did you learn from sites such as ours regarding using these tools and if so which sites do you recommend? Let us know we’d love to have your feedback.