Tools

CysecTools

Common Abbreviations:

  • SFS (Summary from Site): the summary of what the tool is or does, referenced directly from its respective website.

  • SFW (Summary From Wikipedia): the summary of the tool, referenced from Wikipedia.

  • MOT (My Own Tool): used to identify the tools that are created solely by me.

NMAP

(SFS): Nmap (“Network Mapper”) is a free and open-source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

METASPLOIT

(SFS): Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

WIRESHARK

(SFW): Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.

JOHN THE RIPPER

(SFS): John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems. John the Ripper jumbo supports hundreds of hash and cipher types, including for: user passwords of Unix flavors (Linux, *BSD, Solaris, AIX, QNX, etc.), macOS, Windows, “web apps” (e.g., WordPress), groupware (e.g., Notes/Domino), and database servers (SQL, LDAP, etc.); network traffic captures (Windows network authentication, WiFi WPA-PSK, etc.); encrypted private keys (SSH, GnuPG, cryptocurrency wallets, etc.), filesystems and disks (macOS .dmg files and “sparse bundles”, Windows BitLocker, etc.), archives (ZIP, RAR, 7z), and document files (PDF, Microsoft Office’s, etc.) These are just some of the examples – there are many more.

SNORT

(SFS): Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.

GHIDRA

(SFS): A software reverse engineering (SRE) suite of tools developed by NSA’s Research Directorate in support of the Cybersecurity mission.

It truly is a good tool in my humble opinion. I use it during my malware analysis process. At first glance, it may seem confusing, but with practice, it will prove to be a very important and useful tool to keep in your belt.

BURP SUITE

(SFW): Burp Suite is a software security application used for penetration testing of web applications. Both a free and a paid version of the software are available. The software is developed by the company PortSwigger.