nmap
Nmap is an abbreviation of 'Network Mapper', as is a very well known free open source hackers tool. Nmap is used for network discovery and security auditing. Many system admins use nmap for network inventory, open ports, managing service upgrade schedules, and monitoring host or service uptime. The tool uses raw IP packets in creative ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions and possible patches) and what type and version of packet filters/ firewalls are being used by the target.
Nmap is a very popular hacking tool that was originally created to act as a method of being able to scan large networks, but it works absolutely fine o single hosts (targets). Nmap works on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. Nmap was traditionally a command-line tool, but there is a GUI available called 'Zenmap'.
Metasploit
The Metasploit Project is a widely used and extremely popular cybersecurity project that allows a penetration tester (or hacker) the ability to seek security vulnerabilities within networks and machines and is able to help audit systems. In addition, Metasploit also accommodates efficient management and testing of Intrusion Detection Systems. The most popular 'divison' of this 'multi purpose hacking tool' is the open source Metasploit Framework Project, commonly referred to as simply 'Metasploit'. This tool helps the user develop and execute (known or otherwise) exploit code against a remote target machine. Many Metasploit users use the tool for anti-forensic and evasion purposes, many of which are built into the Metasploit Framework.
Maltego
Maltego is a digital forensics platform that was created to deliver a cyber threat picture to the environment in which an organization operates. The unique perspective that Maltego offers to both network and resource based entities is the aggregation of information posted all over the internet - whether it's the current configuration of a router poised on the edge of your network or the current whereabouts of your Vice President on his international visits, Maltego can locate, aggregate and visualize this information.
OWASP Zed Attack Proxy Project
The Zed Attack Proxy (ZAP) is now one of the most popular OWASP projects. This hacking and pentesting tool is a very efficient and 'easy to use' program that finds vulnerabilities in web applications. ZAP is a popular tool because it does have a lot of support and the OWASP community is really an excellent resource for those that work within Cyber Security.
ZAP provides automated scanners as well as various tools that allow you the cyber pro to discover security vulnerabilities manually. Understanding and being able to master this tool would also be advantageous to your career as a penetration tester.
To learn more about the OWASP Top Threats and Mitigations click here.
As ever, we'd really appeciate any comments you might have especially with regards to having used this tool. Please drop a comment below or indeed, you might have another video that we could include within this page?
ZAP provides automated scanners as well as various tools that allow you the cyber pro to discover security vulnerabilities manually. Understanding and being able to master this tool would also be advantageous to your career as a penetration tester.
To learn more about the OWASP Top Threats and Mitigations click here.
As ever, we'd really appeciate any comments you might have especially with regards to having used this tool. Please drop a comment below or indeed, you might have another video that we could include within this page?
0 commentaires:
Enregistrer un commentaire