Ready to Start Your Career?

By: CyberX
May 8, 2019
Hacking Tools You Should Learn in 2019

By: CyberX
May 8, 2019
Let's start with an analogy:A carpenter with many years of experience goes to a house to perform a job. He knows the tools at his disposal. When he needs to shave the bottom of the cabinet, for example, he goes to the truck and gets a belt sander. In short, he is able to use a wide range of tools to perform various tasks and make the effort he must exert much less.A "newbie" carpenter, on the other hand, isn't intimately acquainted with these tools, so he sticks to the five tools he knows and tries to do everything with them. He finds himself with an orbital saw trying to shave a little bit off of the bottom of the cabinet.As a cybersecurity professional, you don't want to find yourself with a limited knowledge of the tools that attackers are using and consequently handicapped.Let's look at some hacking tools you should learn to use. These are not necessarily the most common hacking tools. In fact, I have intentionally chosen some that I use that you may not have heard of before. Hopefully, this will help you increase your knowledge.BONUS: While space is limited in this article, check out the Hacking Tools: For Penetration Testing article where nearly 100 hacking tools are discussed.
Official Website: https://www.shodan.io/
Official Website: https://www.paterva.com/web7/downloads.php
Official website: https://github.com/gentilkiwi/mimikatz
Official Website: https://wifiphisher.org/
Official website: https://getgophish.com/
Official Website: https://github.com/savio-code/hexorbase
Official Website: http://www.fastandeasyhacking.com/
Shodan -
Shodan is like Google for hackers. There is a ton of valuable information. Open ports, webcams, refrigerators, unsecured devices, etc.
Maltego
Maltego is an OSINT (Open Source Intelligence) tool for collecting data about potential targets. When you are preparing for a social engineering attack or simply want to make connections between personnel, the tool is amazing.
Mimikatz
Mimikatz is a tool that was built for collecting Windows passwords and hashes. It’s a well-known tool and can also perform pass-the-hash, pass-the-ticket or build Golden tickets.
Wifi Phisher
WiFi Phisher is one of the best hacking tools for setting up a rogue access point to gain wireless credentials during red team engagements. It has a ton of functionality and can do pretty much anything you need. Some of the captive portal configurations are just amazing.
GoPhish
GoPhish was designed for creating phishing campaigns for user security awareness training. However, it can be a powerful tool for phishing and credential collection. The tools make it super easy to clone any login page or email.
HexorBase
HexorBase is a database application that was developed for auditing and maintaining several databases simultaneously. It is also able to perform SQL queries and brute force attacks against the common database types.
Armitage
Armitage is a fantastic Java-based GUI front-end for one of the most well known hacking tools – the Metasploit Framework. It was developed to help security professionals understand hacking and the power of Metasploit better.