Home > Article > Operation and Maintenance > What tools are available in kali linux?
kali linux tools include: 1. Nmap; 2. Lynis; 3. WPScan; 4. Aircrack-ng; 5. Hydra; 6. Wireshark; 7. Metasploit Framework; 8. Skipfish; 9. Maltego, etc. wait.
The operating environment of this tutorial: Kali Linux 2021.4 system, Dell G3 computer.
Kali Linux is a Debian-based Linux distribution designed as a digital forensics operating system. Updated quarterly. Maintained and funded by Offensive Security Ltd. It was first accomplished by Offensive Security's Mati Aharoni and Devon Kearns by rewriting BackTrack, a Linux distribution they had previously written for forensics.
So what are the tools for kali linux
1. Nmap
Nmap (i.e. "Network Mapper ( Network Mapper") is one of the most popular information gathering tools on Kali Linux. In other words, it can obtain information about a host: its IP address, operating system detection, and network security details (such as the number of open ports and their meaning).
It also provides firewall circumvention and spoofing capabilities.
2. Lynis
Lynis is a powerful tool for security auditing, compliance testing and system hardening. Of course, you can also use it for vulnerability detection and penetration testing.
It will scan the system based on the detected components. For example, if it detects Apache - it will run Apache related tests against the portal information.
3. WPScan
WordPress is one of the best open source CMS, and this tool is the best free WordPress security audit tool. It's free, but not open source.
If you’ve ever wondered if a WordPress blog is vulnerable in some way, WPScan is your friend.
Additionally, it provides you with detailed information about the plugins used. Of course, a well-secured blog may not expose you to a lot of details, but it’s still the best tool for WordPress security scans to find potential vulnerabilities.
4. Aircrack-ng
Aircrack-ng is a collection of tools for evaluating WiFi network security. It’s not limited to monitoring and obtaining information – it also includes the ability to compromise networks (WEP, WPA 1 and WPA 2).
If you forget your password for your WiFi network, you can try using it to regain access. It also includes various wireless attack capabilities that you can use to locate and monitor WiFi networks to enhance their security.
5, Hydra
If you are looking for an interesting tool to crack login passwords, Hydra will be one of the best tools pre-installed on Kali Linux one.
It may no longer be actively maintained, but it's now on GitHub, so you can contribute to it too.
6. Wireshark
Wireshark is the most popular network analyzer on Kali Linux. It can also be classified as one of the best Kali Linux tools for network sniffing.
It is actively maintained, so I would definitely recommend you try it.
7. Metasploit Framework
Metsploit Framework (MSF) is the most commonly used penetration testing framework. It is available in two versions: an open source version and its professional version. Using this tool, you can verify vulnerabilities, test for known vulnerabilities, and perform a complete security assessment.
Of course, the free version doesn’t have all the features, so if you care about their differences, you should compare the versions here.
8, Skipfish
Similar to WPScan, but it doesn’t just focus on WordPress. Skipfish is a web application scanner that can provide you with insights into almost any type of web application. It's fast and easy to use. Additionally, its recursive crawling approach makes it easier to use.
Skipfish generates reports that can be used for professional web application security assessments.
9, Maltego
Maltego is an impressive data mining tool for analyzing information online and connecting information dots (if any talk). Based on this information, it creates a directed graph to help analyze the links between this data.
Please note that this is not an open source tool.
It comes pre-installed, but you must register to choose which version to use. If you want to use it personally, the community version is enough (you only need to register an account), but if you want to use it commercially, you need to subscribe to the classic or XL version.
10. Nessus
If your computer is connected to a network, Nessus can help you find vulnerabilities that potential attackers could exploit. Of course, if you are an administrator of multiple computers connected to your network, you can use it and protect those computers.
However, it is not a free tool anymore, you can try it for free for 7 days from the official website.
11. Burp Suite Scanner
Burp Suite Scanner is an excellent network security analysis tool. Unlike other web application security scanners, Burp provides a GUI and some advanced tools.
The Community Edition only limits functionality to some basic hand tools. For pros, you have to consider upgrading. Similar to the previous tool, this is not open source.
I have used the free version, but if you want to know more details, you should check out the features available on their official website.
12. BeEF
BeEF (Browser Exploitation Framework) is another impressive tool. It is tailored for penetration testers to assess web browser security.
This is one of the best Kali Linux tools as many users want to understand and fix client-side issues when talking about web security.
13. Apktool
Apktool is indeed one of the popular tools on Kali Linux for reverse engineering Android applications. Of course, you should utilize it correctly - for educational purposes.
Using this tool, you can try it out yourself and let the original developers know what you think. What do you think you'll do with it?
14, sqlmap
If you are looking for an open source penetration testing tool - sqlmap is one of the best. It automates the process of exploiting SQL injection vulnerabilities and helps you take over a database server.
15. John the Ripper
John the Ripper is a popular password cracking tool on Kali Linux. It is also free and open source. However, if you are not interested in the Community Plus version, there is a Professional version available for commercial use.
16. Snort
Want real-time traffic analysis and packet recording functions? Snort has your back. Even though it's an open source intrusion prevention system, it has a lot to offer.
If you haven’t installed it yet, the official website mentions the installation process.
17. Autopsy Forensic Browser
Autopsy is a digital forensics tool used to investigate what happened on a computer . Well, you can also use it to recover images from SD card. It is also used by law enforcement officials. You can read the documentation to explore what you can do with it.
You should also check out their GitHub page.
18. King Phisher
Phishing attacks are very common now. The King Phisher tool helps with testing and user awareness by simulating real phishing attacks. For obvious reasons, you need permission before simulating an organization's server content.
19, Nikto
Nikto is a powerful web server scanner – making it one of the best Kali Linux tools. It checks for potentially dangerous files/programs, outdated server versions, and more.
20. Yersinia
Yersinia is an interesting framework for performing layer 2 attacks on the network (layer 2 refers to the OSI model data link layer). Of course, if you want your network to be secure, you must consider all seven layers. However, this tool focuses on layer 2 and various network protocols including STP, CDP, DTP, etc.
21、Social Engineering Toolkit (SET)
If you are doing a fairly serious penetration test, this should be one of the best tools you should check out. Social engineering is a big problem, and using SET tools, you can help prevent this type of attack.
Related recommendations: "Linux Video Tutorial"
The above is the detailed content of What tools are available in kali linux?. For more information, please follow other related articles on the PHP Chinese website!