These tools can be considered as being the Swiss Army Knife of Pentesting and Cyber Hacking. Updated for 2020, enjoy!
Posted by Henry Dalziel | December 16, 2019
- C|EH, Security+, MSc Marketing Management;
- Based in Hong Kong for the last five years;
- Cybersecurity Pro & Growth Hacker
We list a bunch of information on cybersecurity/ pentesting tools and hacker software and invariably there is a lot of cross-over with the different categories that exist in the wild.
Many of the tools listed on this page are not only incredibly popular, but they are also very versatile and if deemed so by our team then we’ve gone ahead and taken the liberty of adding them to this page.
What is Core Impact?
Core Impact is considered to be the greatest exploitation tool available. It has a huge and regularly updated database of exploits and can do neat tricks like exploiting one computer system, then building an encrypted tunnel through that system to reach and exploit other machines.
Is Core Impact Free? No, and this tool is expensive (about $30,000).
Does Core Impact Work on all Operating Systems? Core Impact runs natively on Microsoft Windows.
What are the Typical Uses for Core Impact? With this tool, users can leverage true multi-vector testing capabilities across network, web, mobile, and wireless; run checks for a large number of unique CVEs (in some cases more than other multi-purpose tools); and validate patching efforts to ensure vulnerabilities were remediated correctly.
What is Curl?
Curl is a command line tool and library for transferring data with URL syntax. The tool supports a huge range of protocols, including but not limited to FILE, DICT, FTP, FTPS, HTTP, HTTPS, IMAP, Gopher, IMAPS, LDAP, LDAPS, POP3, POP3S, RTSP, RTMP, SCP, SFTP, SMTPS and TFTP. It also supports SSL certificates, proxy tunneling, file transfer resume and more.
Is Curl Free? Yes, this tool is free to use.
Does Curl Work on all Operating Systems? Curl works on operating systems such as Windows, Linux and Mac OS X.
What are the Typical Uses for Curl? Curl is used on the command line or in scripts to transfer data. It is also embedded in television sets, routers, cars, printers, audio equipment, tablets, mobile phones, set-top boxes and media players, and is the transfer backbone for thousands of software applications, affecting at least one billion users.
What is Etherape?
Etherape is a graphical network monitor modeled after etherman. It features IP, TCP and link-layer modes that display network activity graphically: links and hosts change in size with traffic, and protocols are displayed color-coded. The tool supports hardware and protocols such as FDDI, Ethernet, ISDN, Token Ring, SLIP, PPP and WLAN devices, plus many encapsulation formats. EtherApe can filter the traffic to be shown and can read packets from a file as well as live from the network. Node statistics can also be exported.
Is Etherape Free? Yes, Etherape is free to use.
Does Etherape Work on all Operating Systems? Etherape works on Linux and Mac OS X.
What are the Typical Uses for Etherape? Etherape is primarily used to track several types of network traffic.
What is Ettercap?
Ettercap is an open-source network security tool made for man-in-the-middle attacks on local area networks. It works by ARP-poisoning the target systems and putting a network interface into promiscuous mode, which lets it launch several attacks against its victims. It also has plugin support, so its features can be extended by adding new plugins.
Is Ettercap Free? Ettercap is free and can be downloaded from its website, which can be found here: https://ettercap.github.io/ettercap/
Does Ettercap Work on all Operating Systems? It works on several operating systems, including Windows, Mac OS X and Linux.
What are the Typical Uses for Ettercap? Ettercap is used for content filtering on the fly, sniffing live connections and much more. It is also used for security auditing and computer network protocol analysis. It has the capability to intercept traffic on a network segment, conduct active eavesdropping against common protocols, and is also used to capture passwords.
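The ARP poisoning that Ettercap relies on leaves a visible trace on the wire: an IP address that suddenly resolves to a different MAC, or one MAC answering for several IPs. The following Python is an added example, not part of the original page or the Ettercap project, showing how a defender can run that check over ARP log lines. The log lines are constructed in a tcpdump-like "is-at" style, and the trusted gateway binding is an assumption for the demo (in practice it would come from DHCP or switch records).

```python
import re
from collections import defaultdict

# Constructed ARP log in tcpdump-like "is-at" style (not a real capture).
SAMPLE_ARP_LOG = """\
12:00:01.000000 ARP, Reply 192.168.1.1 is-at aa:bb:cc:00:00:01, length 28
12:00:01.200000 ARP, Request who-has 192.168.1.10 tell 192.168.1.1, length 28
12:00:01.500000 ARP, Reply 192.168.1.10 is-at aa:bb:cc:00:00:10, length 28
12:00:02.000000 ARP, Reply 192.168.1.1 is-at aa:bb:cc:00:00:01, length 28
12:00:02.500000 ARP, Reply 192.168.1.1 is-at de:ad:be:ef:00:99, length 28
12:00:03.000000 ARP, Reply 192.168.1.20 is-at de:ad:be:ef:00:99, length 28
"""

# Assumed known-good binding for the gateway (hypothetical value for the demo).
TRUSTED_BINDINGS = {"192.168.1.1": "aa:bb:cc:00:00:01"}

ARP_REPLY_RE = re.compile(
    r"^(?P<ts>\S+) ARP, Reply (?P<ip>\d+\.\d+\.\d+\.\d+) is-at "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)


def parse_arp_replies(log_text):
    """Yield (timestamp, ip, mac) for every ARP reply line; requests and noise are skipped."""
    for line in log_text.splitlines():
        m = ARP_REPLY_RE.match(line)
        if m:
            yield m["ts"], m["ip"], m["mac"].lower()


def detect_arp_spoofing(replies, trusted_bindings=None):
    """Flag three classic poisoning indicators: a reply that contradicts the trusted
    table, an IP whose MAC changes mid-capture, and one MAC claiming several IPs."""
    trusted = {ip: mac.lower() for ip, mac in (trusted_bindings or {}).items()}
    ip_to_mac = {}
    mac_to_ips = defaultdict(set)
    alerts = []
    for ts, ip, mac in replies:
        if ip in trusted and trusted[ip] != mac:
            alerts.append({"time": ts, "type": "trusted_binding_violation", "ip": ip,
                           "expected": trusted[ip], "seen": mac})
        prev = ip_to_mac.get(ip)
        if prev is not None and prev != mac:
            alerts.append({"time": ts, "type": "ip_mac_change", "ip": ip,
                           "old": prev, "new": mac})
            mac_to_ips[prev].discard(ip)   # the old MAC no longer owns this IP
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append({"time": ts, "type": "mac_claims_multiple_ips", "mac": mac,
                           "ips": sorted(mac_to_ips[mac])})
    return alerts


def analyze_arp_log(log_text, trusted_bindings=None):
    """Convenience wrapper: parse the log and return the list of alerts."""
    return detect_arp_spoofing(parse_arp_replies(log_text), trusted_bindings)


if __name__ == "__main__":
    for alert in analyze_arp_log(SAMPLE_ARP_LOG, TRUSTED_BINDINGS):
        print(alert)
```

On the constructed log, the gateway IP changing to a second MAC raises both a trusted-binding violation and an IP/MAC change, and the same MAC then claiming a second IP raises the third alert type. A MAC legitimately holding several IPs (a router with aliases) would also trigger the last rule, so that one is a lead to investigate rather than proof on its own.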
What is Firebug?
Firebug is a free and open-source web browser extension that currently works on Firefox and Chrome. Although not strictly speaking a 'hacker tool', Firebug helps the penetration tester understand how certain technologies and systems work, and therefore he or she is able to find holes that might be exploitable.
Is Firebug Free? Yes, Firebug is free.
Does Firebug Work on all Operating Systems? It works on Linux, Microsoft Windows and Mac OS X.
What is Inssider?
Inssider is a wireless network scanner that was designed to overcome the limitations of another tool, NetStumbler. Inssider can track signal strength over time, find open wireless access points and save logs with GPS records.
Is Inssider Free? This is now a pay to use application.
Does Inssider Work on all Operating Systems? It can be used on both Windows and Apple operating systems.
What are the Typical Uses for Inssider? There are several uses for Inssider:
- Collect data from the wireless card and software.
- Assist with selecting the best wireless channel available.
- Render useful Wi-Fi network information such as SSID, MAC, vendor, data rate, signal strength and security.
- Show graphs of signal strength over time.
- Show which Wi-Fi network channels overlap.
- Offer GPS support; data can be exported as NetStumbler (.ns1) files.
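The channel-overlap view and the "best channel" suggestion come down to arithmetic on 2.4 GHz channel centre frequencies. The Python below is an added example, not inSSIDer code; it assumes the standard plan of 5 MHz spacing starting at 2412 MHz for channel 1 (channel 14 at 2484 MHz) and a 22 MHz channel width for the overlap rule, and the scan results are constructed. It goes slightly beyond the text by weighting overlapping networks by signal strength when ranking channels.

```python
# 2.4 GHz channel plan: channels 1-13 are 5 MHz apart starting at 2412 MHz,
# channel 14 sits at 2484 MHz. 22 MHz is the 802.11b DSSS channel width
# (assumption used for the overlap rule below).
CHANNEL_WIDTH_MHZ = 22


def channel_center_mhz(channel):
    """Centre frequency of a 2.4 GHz channel number."""
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    if channel == 14:
        return 2484
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def channels_overlap(a, b, width_mhz=CHANNEL_WIDTH_MHZ):
    """Two channels overlap when their centres are closer than one channel width."""
    return abs(channel_center_mhz(a) - channel_center_mhz(b)) < width_mhz


# Constructed scan results, as a scanner would report them: (SSID, channel, RSSI in dBm)
SAMPLE_NETWORKS = [
    ("HomeNet", 1, -40),
    ("Cafe", 6, -60),
    ("Neighbor", 3, -70),
    ("Office", 11, -80),
    ("Guest", 6, -55),
]


def overlapping_networks(channel, networks):
    """Networks whose channel overlaps the given one (same-channel networks included)."""
    return [n for n in networks if channels_overlap(channel, n[1])]


def congestion_score(channel, networks):
    """Weighted count of overlapping networks: a strong neighbour (-40 dBm) counts
    more than a weak one (-80 dBm); weight is (rssi + 100) clipped at zero."""
    return sum(max(0, rssi + 100) for _, _, rssi in overlapping_networks(channel, networks))


def best_channel(networks, candidates=(1, 6, 11)):
    """Least congested of the classic non-overlapping channels (lowest number on ties)."""
    return min(candidates, key=lambda ch: (congestion_score(ch, networks), ch))


if __name__ == "__main__":
    for ch in (1, 6, 11):
        names = [n[0] for n in overlapping_networks(ch, SAMPLE_NETWORKS)]
        print(f"channel {ch:2d}: score {congestion_score(ch, SAMPLE_NETWORKS):3d} overlaps {names}")
    print("best channel:", best_channel(SAMPLE_NETWORKS))
```

With the constructed list, channel 3 overlaps both 1 and 6 (a common real-world source of interference), channel 11 only sees the weak "Office" network, and it wins the ranking.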
What is Kismac?
KisMAC is a wireless network discovery hacking tool. Even though the codebase is different, this popular wireless stumbler provides several of the features of its namesake Kismet. The tool offers a beautiful GUI and was around even before Kismet was ported to Mac OS X. It also offers mapping, logging and pcap-format import.
Is Kismac Free? Yes, the use of this product is free.
Does Kismac Work on all Operating Systems? No, this hacking tool is exclusively for Mac OS X.
What are the Typical Uses for Kismac? KisMAC has many uses, all very similar to, and drawing influence from, Kismet (the Linux/BSD version of this hacking tool). The software helps network cybersecurity professionals and is shipped under the GNU General Public License. KisMAC scans for networks passively on supported wireless cards, including Apple's AirPort and AirPort Extreme, many third-party cards, and indeed any other card supported by Apple Macs. Cracking of WEP and WPA keys, both by brute force and by exploiting flaws such as weak scheduling and poorly generated keys, is supported when a card capable of monitor mode is used, and packet reinjection can be done with a supported card (Prism2 and some Ralink cards). GPS mapping can be performed when an NMEA-compatible GPS receiver is attached.
What is Kismet?
Kismet is a packet sniffer, network detector and intrusion detection system for 802.11 wireless local area networks. The tool works with any wireless card that supports raw monitoring mode and can sniff 802.11a, 802.11b, 802.11g and 802.11n traffic.
Is Kismet Free? Kismet is free for use.
Does Kismet Work on all Operating Systems? The tool works on different systems including Linux, FreeBSD, OpenBSD, NetBSD and Mac OS X. It can also run on Microsoft Windows.
What are the Typical Uses for Kismet? Kismet is used in a number of open-source and commercial projects. For an inexpensive wireless intrusion detection system, it can be used with other packages. It has also been used in a number of peer-reviewed studies.
What is Metasploit?
In 2003, H.D. Moore (a cybersecurity researcher and program developer from the US) started the Metasploit Project with the intention of creating a public and freely accessible resource for obtaining exploit code for research and development.
The Metasploit Project is credited with the creation of the 'Metasploit Framework', which has become an open-source exploit framework used for IT security penetration testing and research and, ahem, also blackhat hacking!
In 2009, Metasploit was acquired by Rapid7, but it was still managed by HD until 2013, when he handed over management of the Metasploit department in order to expand Rapid7's research capabilities.
In early 2016 HD left Rapid7 for a new venture.
Metasploit is awesome. Like the other top ten tools mentioned in our mega top ten hacking tools post, it is a 'must-learn' security tool. The Metasploit Framework gives data about security vulnerabilities and helps in IDS signature development and penetration testing.
The tool has been completely rewritten in Ruby. If you are new to Metasploit or are a beginner with the Metasploit Framework, then you should think of this tool as a 'Vulnerability Exploitation Tool'.
Is Metasploit Free? Yes and no... the Metasploit Framework is free and can be downloaded here. Since the tool was acquired by Rapid7 there are two core proprietary editions, Metasploit Pro and Metasploit Express. If you're new to pentesting and are looking to get started in cybersecurity, then we'd highly encourage you to start with the Metasploit Framework, because you'll absolutely learn a ton.
What's the Difference between Metasploit Framework and Metasploit Pro? Whilst Metasploit Framework is free, its functionality is relatively basic. Professional security researchers, pentesters and ethical hackers would likely prefer to use Metasploit Pro, which is the fully-fledged security solution for security programs and advanced penetration tests for SMEs and enterprise-level organizations.
Metasploit Pro would be used for in-depth IT security auditing.
What Are Vulnerability Exploitation Tools? Metasploit can be categorized in many ways, but we here at Concise like to classify this tool, or perhaps better said 'framework', as a Vulnerability Exploitation Tool. Vulnerability exploitation tools are mainly used to discover whether an attacker could find an overflow weakness to install malware, or to discover fundamental operating and network system design flaws.
Does Metasploit Work on all Operating Systems? Metasploit runs on Unix (including Linux and Mac OS X) and on Windows, and the Metasploit Framework has been translated into dozens of languages.
What are Typical Uses for Metasploit? We’ve written a separate blog post on the uses of Metasploit here, but as a summary, there are five uses or ‘steps’ that a pentester or ethical hacker would use Metasploit for. They are:
Step 1: Choosing and configuring an exploit code
This step requires the professional to select code that can penetrate a target system by taking advantage of a 'vulnerability' present in the target box or network. Metasploit can pull nearly 1,000 exploits for Windows, Unix/Linux and Mac OS X systems.
Step 2: Checking the Target
This step allows the hacker to discover with more accuracy if the target is penetrable with the chosen exploit. If not, then select another!
Step 3: Select and configure a payload to send to the target.
This could include, for instance, a remote shell or a VNC server.
Step 4: Get around the IDS/IPS (intrusion detection/prevention system)
This step is all about using Metasploit to encode and encrypt the attack so that it essentially goes 'under the radar.'
Step 5: Executing the exploit
This final step is the actual hack, which can either pwn a box or network and/or remove data or deface a website (for example).
What is Netcat?
Netcat is an open-source tool used for reading and writing data across UDP or TCP network connections. It is designed to be a back-end tool that can be driven directly by other tools or scripts. Netcat was voted the second most functional network security tool in 2000. In 2003 and 2006, it took 4th place in the same category.
Is Netcat Free? Yes, Netcat is free.
Does Netcat Work on all Operating Systems? Netcat works on Linux, Windows and Mac OS X.
What are the Typical Uses for Netcat? The tool focuses on reading and writing data across UDP or TCP network connections. It is designed to be a back-end tool that can be driven directly by other tools or scripts.
What is Netsparker?
Netsparker places itself in the hacking tool category of 'Web Application Security Scanner' and is designed to discover and audit web application vulnerabilities such as SQL injection and cross-site scripting (XSS). Netsparker works on hundreds of web applications and websites regardless of the operating system and/or technology.
Netsparker is used by professionals within the cybersecurity space and is considered by many as being easy to use. An interesting fact about Netsparker is that the developers claim that they have designed a ‘unique detection and safe exploitation technique’ that results in creating accurate reporting. The developers are very confident in that they label their software as being the ‘first and only False Positive Free web vulnerability scanner’.
Is Netsparker Free? No, Netsparker is a paid tool.
Does Netsparker Work on all Operating Systems? Netsparker is a Windows-only tool.
What are the Typical Uses for Netsparker? Uses of this tool include:
- Advanced scanning.
- Proof-based scanning.
- Web services scanning, which is frequently used by companies as communication between network, application and web-based devices improves.
- Reporting vulnerabilities with a high degree of accuracy and specificity; with this tool you can also actively exploit vulnerabilities.
What is NetStumbler?
Netstumbler is one of the well-known Windows tools for finding open wireless access points. They also distributed a WinCE version created for PDAs and named it MiniStumbler. Netstumbler uses a more active approach to finding WAPs than other tools. The last time we checked NetStumbler didn’t seem to have been updated – but we could be wrong! If we are please go ahead and drop a comment below – we and our community would really appreciate it.
Is NetStumbler Free? Yes, this tool is free but no source code is provided.
Does NetStumbler Work on all Operating Systems? Netstumbler is a Windows-only tool.
What are the Typical Uses for NetStumbler? NetStumbler is commonly used for:
- Wardriving.
- Finding locations with poor coverage in a WLAN.
- Verifying network configurations.
- Detecting causes of wireless interference.
- Detecting unauthorized access points.
- Aiming directional antennas for long-haul WLAN links.
What is Ngrep?
This tool, ngrep (a contraction of 'network grep'), is a command-line network packet analyzer that relies on the pcap library and the GNU regex library. ngrep is similar to tcpdump, but it offers more in that it matches a regular expression against the payload of each packet and displays the matching packets on the screen or console. The end result is that the user (typically a penetration tester or network security engineer) will see all unencrypted traffic passing over the network. You need to put the network interface into promiscuous mode in order for this to work.
Is Ngrep Free? Downloading and using of Ngrep is free.
Does Ngrep Work on all Operating Systems? It works on Linux, Windows and Mac OS X.
What are the Typical Uses for Ngrep? Ngrep is used to capture traffic on the wire, store it as pcap dump files, and read files generated by tools like tcpdump or Wireshark.
Is Ntop Free? Yes, Ntop is free to use.
Does Ntop Work on all Operating Systems? Ntop works on Linux, Microsoft Windows and Mac OS X.
What are the Typical Uses for Ntop? Ntop is used to show network usage in real time. You can use a web browser such as Google Chrome or Mozilla Firefox to navigate the traffic information and understand more about network status. It monitors and supports protocols such as DECnet, DLC, AppleTalk, TCP/UDP/ICMP, (R)ARP, NetBIOS and IPX.
What is Paros Proxy?
Paros Proxy is a Java-based web proxy used for assessing vulnerabilities in web applications. The tool supports viewing and editing HTTP/HTTPS messages to change items such as form fields and cookies. It also has a web traffic recorder, hash calculator, web spider and a scanner for testing common web application attacks such as cross-site scripting and SQL injection.
Is Paros Proxy Free? Paros Proxy is totally free.
Does Paros Proxy Work on all Operating Systems? Paros Proxy works on Linux, Windows and Mac OS X.
What are the Typical Uses for Paros Proxy? Paros Proxy is created for users who need to evaluate their web applications’ security. It has the ability to intercept and modify HTTP and HTTPS data between a server and client.
What is Rat Proxy?
This tool is a largely passive, semi-automated security audit tool. It is optimized for sensitive, accurate detection and automatic annotation of security-relevant design patterns and potential problems, based on observing existing user-initiated traffic in web 2.0 environments.
Is Rat Proxy Free? Yes. It is free to use.
Does Rat Proxy Work on all Operating Systems? Rat Proxy works on Linux, Mac OS X and Windows.
What are the Typical Uses for Rat Proxy? Typical uses of this tool include detection and prioritization of broad classes of security problems, such as script inclusion issues, dynamic cross-site trust model considerations, insufficient XSRF and XSS defenses, content serving problems and a lot more.
Our list of classic Hacking Tools suddenly looks rather pale compared to this new exciting data exfiltration tool called ‘USBee’.
Called 'USBee' because it functions in a similar fashion to a bee flying through the air, this blackhat tool (we can't see a whitehat use for it...) does feel like the start of a new era. The cybersecurity community has known about this for a while now; indeed, several years ago one of the many documents leaked by former National Security Agency contractor Edward Snowden specifically described how a modified USB device allowed hackers to remove data from targeted computers, even when they were physically disconnected from the Internet or other networks ('air-gapped'). What Edward Snowden revealed was code-named 'CottonMouth'.
Researchers have been able to reverse-engineer this technology and develop software that goes a step further by turning unmodified USB devices into transmitters that can send large amounts of data out of similarly air-gapped boxes.
It's worth mentioning that this is not the first time these researchers from Ben-Gurion University have used USB devices to make air-gapped computers secretly communicate data (BitWhisper, AirHopper, GSMem and Fansmitter), but the difference here is that in their previous examples the hackers had to introduce a malicious USB device that already contained modified hardware. With USBee, the team (Mordechai Guri, Matan Monitz and Yuval Elovici) created software that tricks the infected host into using an average, 'clean' USB drive as a transmitter. USBee sends data at about 80 bytes per second, which is enough to steal a 4096-bit encryption key in under ten seconds. Once transmitted, the data is read by a GNU Radio-powered receiver and demodulator.
How does it work? The malware works by using the "USB data bus in order to create electromagnetic emissions from a connected USB device", which then [is able to] "modulate any binary data over the electromagnetic waves and transmit it to a nearby receiver." Here is the official white paper.
There are limitations. This cyber-attack does have its restrictions: the host (target) must first be infected somehow, and to intercept the transmission the hacker would need to place a receiver close by (the range is about 9-26 feet).
What is P0f?
p0f is a passive fingerprinting tool that can identify the machines you connect to, the machines that connect to your box, and even machines whose traffic merely passes near your box, even if that device is behind a packet firewall.
Is P0f Free? Use of this tool is free.
Does P0f Work on all Operating Systems? P0f works on Linux, Microsoft Windows and Mac OS X.
What are the Typical Uses for P0f? P0f is used to identify the target host's operating system simply by examining captured packets, even when the device is behind a packet firewall. It can also detect what kind of connection the remote system is using and how far away it is. The latest beta can detect illegal network hook-ups. P0f can detect types of NAT setups and packet filters, and can sometimes determine the ISP of the other party.
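Two of the tools on this page, ngrep (matching a regular expression against each packet's payload) and p0f (guessing the sender's OS family and hop distance from a SYN without sending anything), both start from the same work: read a pcap file and pull apart the Ethernet, IPv4 and TCP headers. The Python below is an added example, not ngrep or p0f code, that does that parsing once and serves both passages. The pcap is constructed in memory with zeroed checksums and MACs; the initial-TTL table (64 Linux/Unix-like, 128 Windows, 255 other) and the rule "distance = assumed initial TTL minus observed TTL" are a deliberate simplification of p0f's signature database, so treat the "guess" field as illustrative.

```python
import re
import struct
from ipaddress import IPv4Address

PCAP_MAGIC, LINKTYPE_ETHERNET = 0xA1B2C3D4, 1
TCP_SYN, TCP_PSH, TCP_ACK = 0x02, 0x08, 0x10


# --- constructed sample input: a tiny pcap built in memory (not a real capture) ---
def build_frame(src, dst, sport, dport, flags, ttl, window, payload=b"", options=b""):
    """Ethernet/IPv4/TCP frame with zeroed checksums and MACs; enough for a parser demo."""
    tcp_len = 20 + len(options)                   # options are assumed padded to 4 bytes
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, (tcp_len // 4) << 4,
                      flags, window, 0, 0) + options
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len + len(payload), 0, 0x4000,
                     ttl, 6, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload


def build_pcap(frames):
    """Classic little-endian pcap: 24-byte global header, then 16-byte record headers."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out


SAMPLE_PCAP = build_pcap([
    build_frame("10.0.0.5", "10.0.0.1", 51000, 80, TCP_SYN, 61, 64240, options=b"\x02\x04\x05\xb4"),
    build_frame("10.0.0.5", "10.0.0.1", 51000, 80, TCP_PSH | TCP_ACK, 61, 502,
                b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    build_frame("10.0.0.1", "10.0.0.5", 80, 51000, TCP_PSH | TCP_ACK, 64, 500,
                b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
    build_frame("10.0.0.9", "10.0.0.1", 52000, 443, TCP_SYN, 126, 8192),
])


# --- pcap and packet parsing -------------------------------------------------------
def iter_pcap(data):
    """Yield (ts_sec, frame_bytes) from a classic pcap in either byte order, Ethernet only."""
    magic = struct.unpack_from("<I", data, 0)[0]
    endian = "<" if magic == PCAP_MAGIC else ">" if magic == 0xD4C3B2A1 else None
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack_from(endian + "I", data, 20)[0] != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet link type is handled here")
    off = 24
    while off + 16 <= len(data):
        ts_sec, _, incl_len, _ = struct.unpack_from(endian + "IIII", data, off)
        off += 16
        yield ts_sec, data[off:off + incl_len]
        off += incl_len


def parse_tcp(frame):
    """Return IPv4/TCP fields as a dict, or None for anything that is not IPv4/TCP."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    if (ip[0] >> 4) != 4 or ip[9] != 6:
        return None
    ihl, total_len = (ip[0] & 0x0F) * 4, struct.unpack_from("!H", ip, 2)[0]
    tcp = ip[ihl:total_len]
    sport, dport = struct.unpack_from("!HH", tcp, 0)
    doff = (tcp[12] >> 4) * 4
    return {"src": str(IPv4Address(ip[12:16])), "dst": str(IPv4Address(ip[16:20])),
            "sport": sport, "dport": dport, "ttl": ip[8], "flags": tcp[13],
            "window": struct.unpack_from("!H", tcp, 14)[0],
            "options": tcp[20:doff], "payload": tcp[doff:]}


# --- ngrep-style payload matching ---------------------------------------------------
def grep_pcap(data, pattern):
    """Return (flow, matched_text) for every TCP packet whose payload matches the regex."""
    rx = re.compile(pattern if isinstance(pattern, bytes) else pattern.encode())
    hits = []
    for _, frame in iter_pcap(data):
        pkt = parse_tcp(frame)
        m = rx.search(pkt["payload"]) if pkt else None
        if m:
            flow = f'{pkt["src"]}:{pkt["sport"]} -> {pkt["dst"]}:{pkt["dport"]}'
            hits.append((flow, m.group(0).decode("latin-1")))
    return hits


# --- p0f-style passive SYN fingerprint ----------------------------------------------
INITIAL_TTLS = {64: "Linux/Unix-like", 128: "Windows", 255: "other (e.g. Solaris, network gear)"}


def tcp_mss(options):
    """Walk the TCP option list and return the MSS value if present."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                        # end of options
            break
        if kind == 1:                        # NOP has no length byte
            i += 1
            continue
        length = options[i + 1] if i + 1 < len(options) else 0
        if length < 2:                       # malformed; stop rather than loop forever
            break
        if kind == 2 and length == 4:
            return struct.unpack_from("!H", options, i + 2)[0]
        i += length
    return None


def fingerprint_syns(data):
    """For each pure SYN, guess the initial TTL (hence OS family and hop distance), window, MSS."""
    results = []
    for _, frame in iter_pcap(data):
        pkt = parse_tcp(frame)
        if not pkt or (pkt["flags"] & (TCP_SYN | TCP_ACK)) != TCP_SYN:
            continue
        initial = next(t for t in sorted(INITIAL_TTLS) if pkt["ttl"] <= t)
        results.append({"src": pkt["src"], "guess": INITIAL_TTLS[initial],
                        "distance": initial - pkt["ttl"], "window": pkt["window"],
                        "mss": tcp_mss(pkt["options"])})
    return results


if __name__ == "__main__":
    print(grep_pcap(SAMPLE_PCAP, rb"GET /\S+"))
    print(fingerprint_syns(SAMPLE_PCAP))
```

Only pure SYNs are fingerprinted because the initial window, options and TTL of the first packet are the ones an OS sets before any negotiation happens, which is also why the SYN from 10.0.0.5 at TTL 61 is reported as three hops away from an assumed initial TTL of 64. Replace `SAMPLE_PCAP` with the bytes of a tcpdump or Wireshark capture to run the same two checks on real traffic.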