Kali Linux Tools
Kali Linux is a Linux based operating system, mostly used in penetration testing. Kali.org has recently released its new update with some extra functionalities. There are different types of tools that are present in Kali Linux to perform different operations.
Types of tools in Kali Linux
- Information Gathering
- Vulnerability Analysis
- Web Application Analysis
- Database Assessment
- Password Attacks
- Wireless Attacks
- Reverse Engineering
- Exploitation Tools
- Sniffing and Spoofing
- Post Exploitation
- Reporting Tools
- Social Engineering Tools
1. Information Gathering:
These software or applications have a job of collecting and formatting the data in a form that could further be used. This is similar to cookies used by different websites or your browsing history used by Google to personalize every advertisement and providing the best services to you. Kali operating system provides these tools to the developer and penetration testing community to help in gathering and formulating captured data. Some of the tools are:
- Stealth scan
Nmap is the most famous in these tools. Go to “Applications” then in “Information Gathering”, you will find these tools.
2. Vulnerability Analysis:
Vulnerability is a state or condition of being exposed to the possibility of being attacked or harmed in one or the other way. These tools are used to check a system or machine for any kind of flow and vulnerability available in them, which could lead to any security breach and data loss. These tools also help in fixing those vulnerability as identification make the user aware of the flow. For example: If windows release its new operating system, before providing it into the end-user they send for vulnerability analysis and fixes. Some of the tools:
All these tools are very common in the community. Go to “Applications” then in “Vulnerability Analysis”, you will find these tools.
3. Web Application Analysis:
Web Application is a dynamic response web page that helps in a better and interactive client-server relationship. These tools identify and access websites through the browser to check any bug or loophole present, which could lead any information or data to lose. For example, there is a website with a payment gateway then these web analyzers check if sufficient authentication and authorization present of the site. These web application uses:
- SQL injections
- Denial of service
- URL manipulation
Some of the tools are:
Burpsuite, vega, and web scarab are some most famous tools. Go to “Applications” then in “Web Application Analysis”, you will find these tools.
4. Database Assessment:
These applications are made to access the database and analyze it for different attacks and security issues. These assessment shows some opportunities for improvement and changes. They develop a report of the analysis done on the database system. They perform:
- Configuration checking
- Examining user account
- Privilege and role grants
- Authorization control
- Key management
- Data encryption
Some of the tools are:
- Jsql injection
Sqlmap is the most famous database assessment tool. This tool injects SQL injection for scanning, detecting, and exploitation. Go to “Applications” then in “Database Assessment”, you will find these tools.
5. Password Attacks:
These are basically a collection of tools that could handle the wordlist or password list to be checked on any login credentials through different services and protocols. Some tools are wordlist collectors and some of them are the attacker. Some of the tools are:
John the Ripper and Medusa are the most famous tools. Go to “Applications” then in “Password Attacks”, you will find these tools.
6. Wireless Attacks:
These tools are wireless security crackers, like breaking wifi – routers, working and manipulating access points. Wireless attacks are not limited to password cracking these are also used in information gathering and knowing behavior of victims over the internet. For example, the Victim is connected to a compromised access point or a fake access point then it can be used as a Man-in-The-Middle attack. Some of the tools are:
- Fern- wifi –cracker
- Ghost Phisher
Aircrack-ng and Ghost Phisher are the most famous tools. Go to “Applications” then in “Wireless Attacks”, you will find these tools.
7. Reverse Engineering:
Reverse Engineering is to break down the layers of the applications or software. This is used in creating cracks and patches for different software and services. These tools reach the source code of the application, understand its working and manipulate according to needs. For example, Reverse engineering tools are also used by High-End companies to know the logic and idea behind the software. Some of the tools are:
- nasm shell
Most famous tools are ollydbg and apltools. Go to “Application” then in “Reverse Engineering”, you will find these tools.
8. Exploitation Tools:
These tools are used to exploit different systems like personal computers and mobile phones. These tools can generate payloads for the vulnerable system and through those payloads information from the devices can be exploited. For example, the Victim’s system is compromised using payloads over internet or installing it if physically accessible. Some of the tools are:
- Beef xss framework
- Social engineering toolkit(root)
The most famous tool is Metasploit (there are courses to learn Metasploit alone). Go to “Applications” then in “Exploitation Tools”, you will find these tools.
9. Sniffing and Spoofing:
Secretly accessing any unauthorized data over network is sniffing. Hiding real identity and creating fake identity and use it for any illegal or unauthorized work is spoofing. IP spoofing and MAC spoofing are two famous and mostly used attacks. Some of the tools are:
The most used tool is Wireshark. Go to “Applications” then in “Sniffing and Spoofing”, you will find these tools.
10. Post Exploitation:
These tools use back doors to get back to the vulnerable system i.e. to maintain access to the machine. As the name suggests these are useful or mostly used after an attack has previously been made on the victim’s machine. For example, After an attack victim removed the vulnerability from the system, in this situation if attacker wants to access data again, then these tools are helpful. Some of the tools are:
- Veil –Pillage framework
- Powershell empire
The most famous tool is Powersploit. Go to “Applications” then in “Post Exploitation Tools”, you will find these tools.
These tools are used by forensic specialist to recover information from any system or storage devices. This helps in collecting information during evidence searching for any cybercrime. Some of the tools are:
The most famous tool is Autopsy, it has also been used by security forces, many judicial and investigating officials. Go to “Applications” then in “Forensics”, you will find these tools.
12. Reporting Tools:
After all the assessment and vulnerability testing analysts have to report all those to the client in an organised and authenticated way. These tools develop statistics and information to help in analysing. Some of the tools are:
- Faraday IDE
Most famous tools are faraday, Dradis, and Pipal. Go to “Applications” then in “Reporting Tools”, you will find these tools.
13. Social Engineering:
As the name suggests these tools generate similar services that people use in daily life and extract personal information using those fake services. These tools use and manipulate human behavior for information gathering. For example, Phishing is one of the example of social engineering, in this, a similar looking home page of any social platform is created and then login details are compromised. Some of the tools are:
- Ghost Phisher
- msf payload creator
- SET(social engineering toolkit)
The most famous social engineering tool is SET. Go to “Applications” then in “Social Engineering Tools”, you will find these tools.