Professional Documents
Culture Documents
Introduction
Linux based operating system.
History
Merger of two former distros focused on penetration testing.
WHAX- a slax based operating system. Auditor Security Collection- a live CD based on Knoppix included 300 tools.
Categories
Information gathering Vulnerability assessment Exploitation tools Privilege Escalation Maintaining Access Reverse Engineering RFID tools Stress Testing Forensics Reporting tools Services Miscellaneous
Tools
Metasploit integration RFMON Aircrack-NG Gerix Wifi Cracker Kismet Nmap Ophcrack Ettercap Wireshark BeEF
Metasploit Integration
Open-source project which provides information about security vulnerabilities A tool for developing and executing exploit code against a remote target machine. Steps:
Choosing and configuring exploit Checking targets susceptibility Choosing and configuring payload Choosing encoding technique Execution
RFMON
Radio Frequency MONitor Allows wireless NIC to monitor all traffic received from the wireless network Collected traffic can be used for WEP cracking To monitor own network
Aircrack-ng
Network software suite consisting detector, packet sniffer, WEP cracker and analysis tools. easside-ng: a tool for communicating to an access point, without the WEP key wesside-ng: automatic tool for recovering wep key.
Kismet
A free software used for network detection, packet sniffing and intrusion detection system Works passively: without sending any loggable packets it detects wireless access points and wireless clients. It can sniff packets in Wireshark format.
Nmap
Network MAPper is a security scanner used to discover hosts and services on a network Features:
Host discovery Port Scanning OS detection MAC address
Ophcrack
Ophcrack can crack most Windows passwords within a few minutes It uses LM hash through rainbow tables. LM hash is hash to encrypt Windows passwords. Rainbow table is used to reverse cryptographic hash. By default, ophcrack is bundled with tables that allows it to crack passwords no longer than 14 characters.
Thank you