Kali Linux tools and their uses:
Kali Linux comes with over 600 pre-installed tools for penetration testing, ethical hacking, digital forensics, and security auditing. Below is an extensive categorized list of Kali Linux tools and their uses:
1. Information Gathering Tools π΅️♂️
Used for reconnaissance and collecting target information.
| Tool Name | Use Case |
|---|---|
| Nmap | Network scanning and mapping. |
| theHarvester | Collects emails, subdomains, and more from public sources. |
| Maltego | Data visualization for OSINT and correlation. |
| Recon-ng | Web-based information gathering. |
| Whois | Gets domain registration details. |
| Dnsenum | Retrieves DNS records and subdomains. |
| Dnsrecon | DNS reconnaissance and enumeration. |
| Shodan | Searches for internet-connected devices. |
| SpiderFoot | Automates OSINT reconnaissance. |
| Netdiscover | Active/passive network scanning. |
2. Vulnerability Analysis Tools π
Used to detect weaknesses in networks, applications, and systems.
| Tool Name | Use Case |
|---|---|
| Nikto | Web server vulnerability scanner. |
| OpenVAS | Open-source vulnerability scanner. |
| Lynis | System and compliance auditing tool. |
| SQLmap | Detects and exploits SQL injection vulnerabilities. |
| Wapiti | Web vulnerability scanner. |
| Uniscan | Web application vulnerability scanner. |
| Yersinia | Attacks network protocols like DHCP, STP, CDP. |
3. Exploitation Tools π₯
Used for exploiting vulnerabilities in systems and applications.
| Tool Name | Use Case |
|---|---|
| Metasploit Framework | Popular penetration testing framework. |
| MSFvenom | Generates payloads for exploits. |
| BeEF | Exploits web browsers. |
| Commix | Finds and exploits command injection vulnerabilities. |
| Evil-WinRM | Remote access tool for Windows. |
4. Wireless Attacks Tools π‘
Used for auditing and attacking Wi-Fi networks.
| Tool Name | Use Case |
|---|---|
| Aircrack-ng | Cracks WEP and WPA/WPA2 passwords. |
| Reaver | WPS attack to retrieve WPA/WPA2 passphrase. |
| Wifite | Automated Wi-Fi attack tool. |
| Fern WiFi Cracker | GUI-based Wi-Fi hacking tool. |
| Kismet | Wireless network detector and sniffer. |
5. Password Cracking Tools π
Used for cracking and recovering passwords.
| Tool Name | Use Case |
|---|---|
| John the Ripper | Offline password cracking. |
| Hashcat | GPU-based password recovery. |
| Hydra | Online password brute-force attack. |
| Medusa | Brute-force attack on remote authentication. |
| CeWL | Custom wordlist generator. |
6. Web Application Testing Tools π
Used for assessing the security of web applications.
| Tool Name | Use Case |
|---|---|
| Burp Suite | Web vulnerability scanner and proxy tool. |
| OWASP ZAP | Automated web security scanner. |
| XSSer | Detects and exploits XSS vulnerabilities. |
| Nikto | Scans web servers for vulnerabilities. |
| WhatWeb | Identifies web technologies used on a site. |
7. Sniffing & Spoofing Tools π΅️
Used for network traffic analysis and data manipulation.
| Tool Name | Use Case |
|---|---|
| Wireshark | Packet capture and analysis. |
| Ettercap | Man-in-the-middle attack tool. |
| Bettercap | Advanced MITM attack framework. |
| Macchanger | Changes MAC address of a network adapter. |
8. Post Exploitation Tools π
Used after gaining access to maintain control and further exploit systems.
| Tool Name | Use Case |
|---|---|
| Netcat | Remote access and debugging. |
| Weevely | PHP web shell for post-exploitation. |
| Mimikatz | Extracts Windows passwords and credentials. |
| Empire | Post-exploitation framework. |
9. Forensics Tools π΅️♂️
Used for digital forensic investigations.
| Tool Name | Use Case |
|---|---|
| Autopsy | Digital forensic analysis of hard drives. |
| Volatility | Memory forensics tool. |
| Binwalk | Extracts and analyzes firmware images. |
| ExifTool | Extracts metadata from images and files. |
10. Social Engineering Tools π
Used for manipulating people into revealing sensitive information.
| Tool Name | Use Case |
|---|---|
| Social Engineering Toolkit (SET) | Simulates phishing and social engineering attacks. |
| Evilginx | Phishing attack framework. |
| HiddenEye | Advanced phishing tool. |
11. Reverse Engineering Tools π
Used for analyzing and modifying software or malware.
| Tool Name | Use Case |
|---|---|
| Ghidra | NSA's reverse engineering framework. |
| Radare2 | Open-source reverse engineering framework. |
| apktool | Reverse engineers Android applications. |
| OllyDbg | Debugs and disassembles Windows binaries. |
12. Hardware Hacking Tools π
Used for testing and exploiting hardware devices.
| Tool Name | Use Case |
|---|---|
| USB Rubber Ducky | Keystroke injection tool. |
| BadUSB | HID attack tool. |
| RFIDler | RFID hacking and testing. |
| HackRF | Software-defined radio for wireless attacks. |
13. Cryptography Tools π
Used for encryption, decryption, and cryptanalysis.
| Tool Name | Use Case |
|---|---|
| GPG | Encrypts and decrypts files using GPG keys. |
| Ciphertest | Tests cryptographic algorithms. |
| Hashdeep | Computes and matches hash values. |
14. Maintaining Access Tools π΅️♂️
Used for keeping control over compromised systems.
| Tool Name | Use Case |
|---|---|
| Weevely | PHP web shell for maintaining access. |
| Meterpreter | Post-exploitation payload in Metasploit. |
| SSH Backdoor | Creates persistent SSH access. |
15. VoIP and SIP Attack Tools π
Used for attacking VoIP and SIP-based systems.
| Tool Name | Use Case |
|---|---|
| SIPVicious | VoIP auditing and enumeration. |
| VOIPONG | Sniffs VoIP traffic. |
Conclusion
Kali Linux is packed with tools designed for ethical hacking, security testing, and penetration testing. The tools listed above are just a fraction of the 600+ available in Kali Linux. π
Comments
Post a Comment