Hydra is a parallelized login breaker. This tool is utilized to gain unauthorized access to a system remotely. Hydra is extremely fast and flexible and can be used for many diverse types of brute force attacks. Hydra is built into Kali Linux, making it an accessible tool.

WPScan is a black box WordPress security scanner used to test the security of websites. WPScan identifies which plugins and themes are installed, as well as their vulnerabilities. WPScan also checks for weak passwords that could be a potential target for a brute force attack. WPScan is open source.

Sqlmap is a tool used in penetration testing to detect and exploit SQL flaws. Sqlmap is open source. SQL databases normally contain sensitive information such as personal data and customer information, which is why finding the flaws is important to prevent any potential threats. Sqlmap features a range of switches, from database fingerprinting to accessing the underlying file connection via out-of-band connections.

Commix is an open-source command line injection exploiter. It is a penetration testing tool that can automate the detection and exploitation of command line injection vulnerabilities. Written in Python, this tool works against multiple operating systems. It works on websites as well as web applications. It performs two different command line injection methods: result-based command injection and blind command injection.

Gobuster is an open-source enumeration tool that searches out hidden directories and files. It is run from the command line, which can be much swifter than some other enumeration tools. The speed of Gobuster is its major advantage over the competition. It is written in the Go language and can scan using multiple threads in a swift manner. It also has the ability to enumerate subdomains on a potential target domain. Lastly, it can search for virtual hosts that are located on the system being scanned.

CUPP is an open-source password profiler. This tool is used to exploit passwords by creating wordlists based on a target. The tool is written in Python and generates passwords based on user-defined fields. Knowing particular information about a person helps populate the password-generating fields.

Metasploit is an open-source tool based in Ruby. This tool allows the user to write, test and execute exploit code. It allows the user to check for vulnerabilities on networks as well as servers. It works with most operating systems and is highly customizable based on user preference. Using this tool requires open port information to find a method of breaching the target network; it then utilizes whatever functions are built into the tool to allow for complete exploitation.

BurpSuite Community Edition is a Java-based tool that allows for security testing across web applications. It utilizes multiple tools within its system to test and analyze security vulnerabilities. It is customizable, allowing the user to operate the tool manually or to automate many methods within it. It tests a particular site or application for any possible vulnerabilities and helps in the process of making the website or web application more secure.

XSser is an open-source penetration testing tool that automates the detection and exploitation of XSS injections on a particular site. The tool has options for bypassing filters, allowing it to inject code where necessary. It is Python-based and will run on multiple platforms.

Faraday is a common tool used for pen testing, security assessment, and vulnerability scanning. The benefit of Faraday is that it reuses tools available in the community and takes advantage of them in a multi-user way. Faraday works on Linux, Microsoft Windows, and macOS. Faraday allows companies to export data into their own compliance-ready formats.

Hashcat is an open-source password cracker. This tool will not only work on simple passwords, but on complex passwords as well. It supports multiple methods of cracking passwords, including dictionary use, rainbow tables and brute-force methodologies. It works on multiple operating systems including Windows, Linux and OSX. It is one of the fastest tools in the field compared to many other open-source password crackers.

Wazuh is an open-source host-based intrusion detection system that generates and sends logs to an Elastic Stack SIEM environment. Wazuh collects and analyzes data on an endpoint and creates an alert when a rule is triggered. Alerts are then sent to Elastic to be logged and to generate security events. The security events can then be viewed in the Kibana web interface. Common use cases for Wazuh include rootkit detection, log data analysis, file integrity checking, and compliance checking.

OpenVAS is an open-source full-featured vulnerability scanner. The features of OpenVAS include unauthenticated and authenticated testing, high-level and low-level internet and industrial protocols, and performance tuning for large-scale scans to implement any type of vulnerability test. OpenVAS’ scan engine is updated on a regular basis and offers CVE (Common Vulnerabilities and Exposures) coverage of 26k.

Nessus is an open-source remote security scanning tool. Nessus works by alerting the user if there is any malicious activity from hackers who can gain access to any computers connected to the network. It runs over 1200 checks on a given computer. Nessus is a small part of a good security plan.

Nmap is an open-source utility that runs on all the major systems including Windows, Linux, and Mac OS. This utility is used to scan networks to determine whether any hosts are available, which services are running and on what type of operating system, and whether any firewalls or packet filtering systems are in place.

Legion is an open-source utility that utilizes Nmap as part of its toolset so that it can scan for vulnerabilities on a system. It also includes Nikto, WhatWeb, Hydra, and many others to help in scanning for the vulnerabilities of a system. It is fully customizable, allowing the end user to adapt it to the specific needs of a scan. The GUI (Graphical User Interface) of Legion is easily navigated, and the tool has the ability to evade IPS detection. It automatically detects Common Platform Enumeration as well as Common Vulnerabilities and Exposures. This tool was chosen because of its complexity as well as its ease of use in scanning for vulnerabilities on a system.

Nikto is an open-source vulnerability scanner that was created specifically for web servers. It provides system checks on web servers that include outdated server version scans, script scans, file scans and specific version scans on the server. Furthermore, it will scan the server for configuration issues, such as the presence of many index files, and can potentially find installed web servers and software that is allocated to the web server. This tool was chosen because it works well for scanning WordPress for vulnerabilities.