The hacking toolkit: 13 essential network security utilities
Image 1 of 12
A slideshow of the top tools hackers use to snoop, swipe, and attack corporate systems
A slideshow of the top tools hackers use to snoop, swipe, and attack corporate systems
Image: iStock / TeamOktopus
Hacking grabs headlines because it’s very easy to visualize shadowy cabals of nefarious Bad Guys perched behind glowing monitors pecking at secret sauce software that will soon cripple your network, or swipe critical corporate data.
To be clear, this does happen every day. Corporate and SMB networks are at risk at all times of being penetrated and exploited. However, with a few exceptions, hacking teams rarely conspire in the shadows. Most groups function more like businesses that rely on time-tested software to achieve tactical goals.
SEE: Enterprise encryption: Trends, strategic needs, and best practices (Tech Pro Research story)
“Magic bullet” software does not exist. There is no single app that will be used to attack, or help defend all desktop, mobile, and IoT networks. Instead, a suite of open source and commercial software is used to map networks, sniff packets, and crack passwords. These are the most widely used exploitation tools.
Read more
- How to safely access and navigate the Dark Web (TechRepublic)
- Review: ‘Down the Deep Dark Web’ is a movie every technologist should watch (TechRepublic)
- 10 things you didn’t know about the Dark Web (ZDNet)
- Stolen data on the dark web is cheaper than you might think (ZDNet)
- How Squarespace became a multimillion dollar publishing giant (TechRepublic)
- From Russia with Tech: The top 5 most interesting Russian startups(TechRepublic)
- Election Tech: Leadership is more powerful than technology (TechRepublic)
The Social Engineer Toolkit
Humans are often the weakest link in the security chain. The Social Engineer Toolkit is a suite of apps that will send spearfishing attacks, spoof SMS messages, and mask malware as media files.
Image: http://www.social-engineer.org
Metasploit
The world-famous Metasploit by Rapid7 is network penetration software for IT professionals and network managers that features updated exploit lists, as well as spearfishing, network mapping, and password brute force tools.
Image: Rapid7
Nmap
Nmap is a great way to map a network. The free, open source auditing tool identifies network shape, and locates firewalls, IP filters, and other network ports.
Image: http://Nmap.org
Cain and Abel
Need to retrieve a lost a password? Cain and Abel will sniff your network, locate password files, then crack the encryption. The decryption app works with other types of locked files, including Wi-Fi passwords and cached voice conversations.
Image: http://www.oxid.it/
John the Ripper
John the Ripper is a speedy, open source password decryption utility for Linux and Macs that can autodetect password hashes, then automatically apply a variety of attacks, including dictionary and brute force hacks.
Image: http://www.openwall.com/
Hash Suite
Hash Suite is a fast and powerful password cracking application for Windows. The software isn’t free but is reasonably priced and, for SMBs in particular, worth the investment.
Image: http://openwall.net
Wireshark
Wireshark is a widely used packet sniffer that can identify, track, and visualize all network IP traffic.
Image: https://www.wireshark.org/
Ettercap
Ettercap is an unambiguous, unapologetic man-in-the-middle exploitation tool that can intercept IP traffic, grab passwords, and eavesdrop on network activity.
Image: https://ettercap.github.io
Burp Suite
Need to manage your network and perform a number of security tests? Try the Burp, a comprehensive, modular, and automated network scanning application.
Image: https://portswigger.net
PuTTY
Ditch the kludgey Windows command line and communicate with servers and telnet securely using PuTTY, the popular, open source terminal emulator.
Image: http://www.putty.org/
Maltego
Maltego is a network data mining, forensics, and link visualization tool developed by security firm Paterva.
Image: https://www.paterva.com
