CEH Tools
Prakash Ayyanagoudar - Coggle Diagram
Scanning Networks
Nmap (Network Mapper): Versatile port scanning tool for discovering open ports, services, and operating systems on target hosts.
Nessus: Comprehensive vulnerability scanner for identifying security vulnerabilities in network devices, servers, and applications.
Zenmap: Graphical user interface (GUI) for Nmap, providing visualization of scan results and network topology.
Enumeration
Enum4linux: Tool for enumerating information from Windows systems, such as user accounts, shares, and groups.
LDAP Enumeration tools: ldapsearch, ADExplorer, and LDAPenum for querying LDAP (Lightweight Directory Access Protocol) servers to gather information about users, groups, and directories.
SMB Enumeration tools: enum4linux, smbclient, and smbmap for enumerating SMB (Server Message Block) shares, users, and groups on Windows systems.
SNMP Enumeration tools: snmpwalk and snmpenum for querying SNMP-enabled devices to gather information such as system configuration and network topology.
Vulnerability Analysis
Nessus: Widely used vulnerability scanner for identifying security vulnerabilities and misconfigurations in network devices, servers, and applications.
OpenVAS: Open-source alternative to Nessus, offering vulnerability scanning and management capabilities.
Nikto: Web server scanner for identifying common vulnerabilities and misconfigurations in web servers and web applications.
Qualys: Cloud-based vulnerability management platform offering vulnerability scanning, assessment, and reporting capabilities.
System Hacking
Metasploit Framework: Penetration testing framework for exploiting security vulnerabilities and conducting post-exploitation activities.
Hydra: Password-cracking tool for brute-forcing authentication credentials, such as usernames and passwords.
John the Ripper: Password-cracking tool capable of cracking various password hashes using dictionary and brute-force attacks.
Cain & Abel: Multi-purpose hacking tool for password recovery, network sniffing, and ARP poisoning.
Mimikatz: Tool for extracting plaintext passwords, hashes, and other credentials from Windows memory.
Malware Threats
VirusTotal: Online service for analyzing suspicious files and URLs to detect malware and malicious behavior.
Wireshark: Network protocol analyzer for capturing and analyzing network traffic, including malware-related activity.
YARA: Pattern-matching tool for identifying and classifying malware based on defined rules and signatures.
Cuckoo Sandbox: Automated malware analysis platform for executing and analyzing suspicious files in a controlled environment.
Malwarebytes: Antimalware software for scanning, detecting, and removing malware infections on Windows and Mac systems.
Sniffing
Wireshark: Open-source packet analyzer for capturing and analyzing network traffic in real time. It can capture and display the data flowing over a network and provides detailed protocol information.
Tcpdump: Command-line packet analyzer similar to Wireshark, used for capturing and displaying network packets. It can be used for network troubleshooting, security analysis, and packet filtering.
Ettercap: Comprehensive suite for man-in-the-middle (MITM) attacks on a LAN. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks.
Cain & Abel: Multi-purpose tool for network analysis, password cracking, and ARP poisoning. It can intercept network traffic, perform brute-force attacks, and recover various kinds of passwords.
Social Engineering
Social Engineering Toolkit (SET): Open-source framework designed to simulate social engineering attacks. It includes various attack vectors such as spear phishing, credential harvesting, and website cloning.
Phishing frameworks: Gophish and Evilginx are tools for creating and executing phishing campaigns to obtain sensitive information from users.
BeEF (Browser Exploitation Framework): Framework for exploiting browser vulnerabilities to control and manipulate web browsers. It can be used for client-side attacks and browser-based exploitation.
Pretexting tools: Maltego and ReelPhish are tools used to create pretext scenarios for social engineering attacks. They assist in gathering information and creating believable scenarios to manipulate targets.
Denial-of-Service (DoS)
LOIC (Low Orbit Ion Cannon): Open-source network stress testing application for launching DoS and DDoS attacks. It floods the target server with TCP, UDP, or HTTP requests to overwhelm its resources.
HOIC (High Orbit Ion Cannon): Similar to LOIC, HOIC is a popular tool for launching DoS attacks. It allows users to customize attack parameters and coordinate attacks with other users.
Slowloris: Stealthy HTTP DoS tool designed to keep a web server's resources tied up by sending HTTP requests very slowly. It exhausts the server's connection pool and prevents new connections from being accepted.
Hping3: Command-line packet crafting tool used for network testing, packet manipulation, and firewall evasion. It can generate various types of packets and send them to a target host to test its response.
Session Hijacking
Wireshark: Packet analyzer used to capture and analyze network traffic, including session hijacking attacks. It can capture and display session cookies, authentication tokens, and other sensitive information.
THC-Hydra: Password-cracking tool capable of performing brute-force attacks against various network protocols, including HTTP, FTP, SSH, and SNMP. It can be used to hijack sessions by guessing valid credentials.
Burp Suite: Web application security testing tool that includes a session management feature. It can intercept and manipulate HTTP requests and responses, allowing attackers to hijack user sessions.
Evading IDS, Firewalls, and Honeypots
Snort: Open-source intrusion detection system (IDS) capable of detecting and preventing network-based attacks. It uses signature-based detection and can be configured to detect and block suspicious traffic.
Suricata: Open-source IDS/IPS engine capable of real-time traffic analysis and intrusion detection. It provides multi-threaded performance and support for protocol decoding and signature matching.
Nmap: Network scanning tool that includes techniques for evading IDS and firewall detection. It can perform stealthy scans by manipulating packet headers and timing intervals to avoid detection.
Honeyd: Open-source honeypot framework designed to simulate network services and lure attackers into interacting with them. It can be used to gather information about attackers and study their behavior.
Hacking Web Servers
Burp Suite: Comprehensive web application security testing tool that includes features for scanning, crawling, and attacking web servers. It can identify vulnerabilities such as SQL injection, cross-site scripting (XSS), and insecure configurations.
Nikto: Open-source web server scanner that performs comprehensive tests against web servers for various vulnerabilities and misconfigurations. It checks for outdated software versions, misconfigured files, and common security issues.
SQLMap: Automated SQL injection tool used to detect and exploit SQL injection vulnerabilities in web applications and web servers. It can retrieve database information, dump tables, and execute arbitrary SQL commands.
DirBuster: Brute-force directory and file enumeration tool used to discover hidden content and directories on web servers. It can be used to identify sensitive files, backup files, and administrative interfaces.
OWASP ZAP (Zed Attack Proxy): Open-source web application security testing tool that helps find security vulnerabilities in web applications during the development and testing phases. It includes features for automated scanning, manual testing, and reporting.
Hacking Web Applications
Burp Suite: Widely used web application security testing tool that includes features for scanning, intercepting, and attacking web applications. It can identify vulnerabilities such as injection flaws, broken authentication, and insecure direct object references.
OWASP ZAP: Open-source alternative to Burp Suite for web application security testing. It provides similar functionality for scanning, intercepting, and attacking web applications, with a focus on open-source development and community collaboration.
SQLMap: Automated SQL injection tool used to detect and exploit SQL injection vulnerabilities in web applications. It can identify SQL injection points, extract database information, and execute arbitrary SQL commands.
XSStrike: Cross-site scripting (XSS) detection and exploitation framework used to find and exploit XSS vulnerabilities in web applications. It includes features for payload generation, injection, and exploitation.
BeEF (Browser Exploitation Framework): Client-side attack framework used to exploit vulnerabilities in web browsers and web applications. It can hijack browser sessions, steal credentials, and perform other malicious actions.
SQL Injection
SQLMap: Automated SQL injection tool used to detect and exploit SQL injection vulnerabilities in web applications and web servers. It can identify SQL injection points, extract database information, and execute arbitrary SQL commands.
Havij: Automated SQL injection tool for detecting and exploiting SQL injection vulnerabilities in web applications. It provides a graphical user interface (GUI) for easier interaction and exploitation of SQL injection flaws.
SQLninja: Automated SQL injection exploitation tool used to identify and exploit SQL injection vulnerabilities in web applications and web servers. It provides various injection techniques and evasion mechanisms for bypassing security measures.
No specific tools required for detection and prevention. Understanding of SQL injection techniques and manual testing methods is essential for detection and prevention.
Mobile Platform Security
MobSF (Mobile Security Framework): Open-source framework for mobile application security testing and analysis. It provides static and dynamic analysis of Android and iOS applications, including vulnerability scanning and reporting.
Frida: Dynamic instrumentation toolkit for Android and iOS applications. It allows developers and security researchers to inject JavaScript code into running applications to perform dynamic analysis and manipulation.
Drozer: Comprehensive Android security assessment framework for penetration testers and security researchers. It provides features for analyzing Android applications, identifying vulnerabilities, and exploiting security weaknesses.
APKTool: Reverse engineering tool for decompiling and analyzing Android application packages (APK files). It allows security researchers to disassemble, modify, and recompile Android applications for security analysis.
IoT Security
Shodan: Search engine for discovering internet-connected devices, including IoT devices such as cameras, routers, and smart home appliances. It provides information about device vulnerabilities, configurations, and services.
Wireshark: Packet analyzer for capturing and analyzing network traffic, including IoT device traffic. It can be used to monitor and analyze communication between IoT devices and identify security threats.
Nmap: Network scanning tool for identifying and mapping IoT devices on a network. It can scan for open ports, detect device types, and gather information about device configurations.
Firmware analysis tools: Binwalk and Firmware Analysis Toolkit (FAT) for analyzing firmware images extracted from IoT devices. They can identify file systems, extract files, and analyze firmware components for vulnerabilities.
Cloud Computing Security
AWS CLI (Command Line Interface): Command-line tool for managing Amazon Web Services (AWS) resources, including EC2 instances, S3 buckets, and IAM policies. It allows users to automate AWS operations and manage cloud resources programmatically.
Azure CLI: Command-line tool for managing Microsoft Azure resources, including virtual machines, storage accounts, and networking resources. It provides a unified interface for interacting with Azure services and automating cloud operations.
GCP CLI: Command-line tool for managing Google Cloud Platform (GCP) resources, including Compute Engine instances, Cloud Storage buckets, and Kubernetes clusters. It allows users to automate GCP operations and manage cloud resources from the command line.
Cloud security monitoring tools: AWS CloudTrail, AWS GuardDuty, and Google Cloud Security Command Center (SCC) for monitoring and analyzing security events in cloud environments. They provide visibility into cloud activity, detect security threats, and generate alerts for suspicious behavior.
Cryptography
OpenSSL: Open-source toolkit for implementing cryptographic functions and protocols. It provides libraries and command-line utilities for encryption, decryption, digital signatures, and certificate management.
John the Ripper: Password-cracking tool capable of brute-forcing various password hashes, including MD5, SHA-1, and bcrypt. It supports multiple cracking modes and hash formats for recovering plaintext passwords.
Hashcat: Advanced password recovery tool for cracking password hashes using GPU acceleration. It supports a wide range of hash algorithms and attack modes for efficient password cracking.
GPG (GNU Privacy Guard): Open-source encryption software for secure communication and file encryption. It provides encryption and digital signature capabilities using public-key cryptography algorithms.