Let’s start with a comparison between one thing and another, typically for the purpose of explanation or clarification.
A bricklayer with many years of experience goes to land to perform a job. He knows the tools at his disposal. When he needs to dig the ground to make the foundation, for example, he goes to the truck and gets a digger. In short, he is able to use a wide range of tools to perform various tasks and make the effort he must exert much less.
A “newbie” bricklayer, on the other hand, isn’t intimately acquainted with these tools, so he sticks to the only tools he knows and tries to do everything with them. He finds himself with a wheelbarrow trying to gather sands to mix with cement.
So as a cybersecurity expert, you don’t want to find yourself with a little knowledge of these tools that attackers are basically using and consequently incomplete.
So here today, we will be looking at some hacking tools you should learn to use. Though they are not the most common hacking tools.
I have deliberately chosen some that I use that you may not have heard or seen them before. Hopefully, this will help you increase your knowledge.
Shodan is like Google for infosec guys. There is a ton of valuable information. Open ports, webcams, refrigerators, unsecured devices, etc.
Mimikatz is a tool made for collecting Windows passwords and hashes. It’s a well-known tool and can also perform pass-the-hash, pass-the-ticket, or build Golden tickets.
WiFi Phisher is the best hacking tool for setting up access points to gain wireless credentials during red team engagements. It has a ton of functionality and can do pretty much anything you need. Some of the captive portal configurations are just amazing.
azGoPhish was designed for creating phishing campaigns for user security awareness training. it can be a powerful tool for phishing and credential collection. The tools make it super easy to clone any login page or email
HexorBase is a database application that was developed for auditing and maintaining several databases simultaneously. It is also able to perform SQL queries and brute force attacks against the common database types.
Armitage is also a fantastic Java-based GUI front-end for one of the most well known hacking tools – the Metasploit Framework. It was developed to help these security professionals understand hacking and the power of Metasploit better.
So guys if you want to be a pro cybersecurity specialist or infosec ninja, you have to learn the tools of your trade.
There are tons of hacking tools, so which ones should you start with?
That’s a good question. Hopefully, this article will give you a starting point so that you can diversify your knowledge and become a pro cybersecurity specialist or infosec ninja.
Happy hacking guys!