Top 20 Kali Linux Tools in 2021

The 20 Kali Linux penetration tools discussed in this article are selected based on the <span>most commonly used</span> and <span>most favored</span> criteria. Therefore, some excellent tools may not be included. If you have better suggestions, please leave a comment for us to make corrections!

Top 20 Kali Linux Tools in 2021
Kali-Linux-tools

Information Gathering Tools

01 traceroute

<span>traceroute</span> is a tool used to detect the number of gateways between the host sending the data packets and the target host. The principle of <span>traceroute</span> is to attempt to send probe packets with the minimum TTL (Time to Live) to trace the gateways that the packets pass through to reach the target host, and then listen for a response from the gateway’s ICMP.

traceroute bbskali.cn
Top 20 Kali Linux Tools in 2021

The IP address hops listed above also include my current Internet service provider and the router gateway. This scanning step covers the range of public IP addresses.

02 nmap

Nmap is a well-known network scanning tool. In previous articles, we have many tutorials on this topic, which you can check out if interested. After obtaining the IP address using <span>traceroute</span>, we can use nmap to obtain the corresponding ports and services.

Nmap -v -sS [target IP you want] -Pn
Top 20 Kali Linux Tools in 2021

Post-Exploitation Tools

03 Msfconsole

Many of you must have used this; indeed, it is one of the most highly rated tools under Kali Linux. Exploitation can be defined as the identification of vulnerabilities in systems, applications, or services by an attacker. An exploit has four main attributes: payload, Auxiliary, Encoders, and Post.

Top 20 Kali Linux Tools in 2021

The specific usage of the tool will not be discussed here.::bli:dog::

Sniffing and Spoofing Tools

04 wireshark

Wireshark is a network analysis tool. By displaying filtered packets, attackers can capture exposed passwords. It can also display results related to specified ports and ICMP traffic.

Top 20 Kali Linux Tools in 2021

05 Bettercap

With Bettercap, you can bypass HSTS preloading, HSTS, and SSL/TLS using SSLstrip+ and dns2proxy (DNS server). It redirects clients accessing specific domain names to fake domain names through HTTP redirection.

06 Social Engineering Toolkit (SET)

SET is an open-source penetration framework that implements various custom attack vectors during its execution. These include mass email, spear phishing, phishing, and malicious USB.

Top 20 Kali Linux Tools in 2021

WIFI Security Tools

07 fluxion

Fluxion targets users through its created open dual AP. Users need to connect to the set Wi-Fi network instance, which will cause a pop-up of a forged authentication network page. The user then unknowingly inputs the Wi-Fi password, achieving the purpose of <span>phishing</span>.

Top 20 Kali Linux Tools in 2021

08 Aircrack-NG Suite

Aircrack-NG can be considered a god-like existence; no matter what kind of WiFi attack method, it is indispensable.

Top 20 Kali Linux Tools in 2021

Password Cracking

09 Hydra

It is an online password cracking service. This password attack tool is rated as one of the fastest tools in the field of cybersecurity. Its support for many attack protocols makes it a reputable network login cracker. Some of its notable and supported protocols include XMPP, Cisco AAA, VNC, Cisco Auth, VMware-auth, Cisco-auth, Telnet, CVS, Teamspeak (TS2), FTP, Subversion, SSHKEY, SOCKS5, SMTP Enum, SMTP, SIP, Rlogin, RDP, PostgreSQL, ORACLE SID, ORACLE Listener, HTTP(S)-HEAD, and HTTP(S)-FORM-GET. Example:

hydra -l user -P passlist.txt ftp://192.168.0.1
Top 20 Kali Linux Tools in 2021

10 John

John is a well-known offline password cracking service. John the Ripper can effectively crack programs and test passwords. Its functional algorithm can be broken down into three steps. First, it pre-packages and combines the functions of multiple password cracking programs at once. Second, it automatically detects the hash value of the target password. Finally, it integrates a custom password cracker to complete the attack. For example, Linux systems will have user passwords in the file path /etc/password.

Top 20 Kali Linux Tools in 2021

11 Crunch

Crunch can be considered a lightweight password dictionary generation tool that generates the passwords we need through various combinations.

crunch <min> max<max> <characterset> -t <pattern> -o <output filename>

12 Hash-Identifier and FindMyHash

Weakly encrypted user passwords or data will become victims of hash identifier password attacks, as hash identifier tools will identify and expose various hashes associated with them. On the other hand, Findmyhash will utilize online services to successfully crack encrypted user data and passwords. The use of the Hash-Identifier tool first requires penetration testers or attackers to identify the relevant user password or data hash type. It will decrypt the provided data or password and identify the hash algorithm used. Next, the Findmyhash tool will crack the provided user data or password.

Top 20 Kali Linux Tools in 2021

Database Tools

13 sqlmap

Utilize the SQLMap tool to quickly automate the completion of websites with SQL injection vulnerabilities.

Top 20 Kali Linux Tools in 2021

Web Related Tools

14 JoomScan and WPScan

The JoomScan tool scans and analyzes Joomla CMS web applications. In contrast, the WPScan tool scans and analyzes any vulnerabilities on WordPress CMS web applications. Tools like CMSMap and ONLINE CMS Scanner can easily identify the CMS type of the target website.

Top 20 Kali Linux Tools in 2021

15 HTTRACK

HTTRACK can effectively clone web pages or websites. It is mainly used to create fake website clones or server attacks through phishing.

16 OWASP-ZAP

Java-based platform for testing web applications. It features an intuitive GUI with attack, spider, fuzz testing, proxy, and scripting capabilities for web applications.

Top 20 Kali Linux Tools in 2021

17 BurpSuite

The main function is to act as a proxy interceptor, allowing it to hijack the traffic between web servers and web browsers. Of course, it is also an indispensable tool!

Top 20 Kali Linux Tools in 2021

18 Web Vulnerability Scanner Nikto

Mainly assesses web applications and web servers, exposing obvious security vulnerabilities or other related issues.

Top 20 Kali Linux Tools in 2021

19 dirb

dirb is a web directory crawling tool. It mainly identifies the directories of web programs, such as obtaining the backend directory of a website.

Top 20 Kali Linux Tools in 2021

20 WhatWeb

WhatWeb is a web fingerprinting tool that can obtain the CMS framework of web programs and various web environments.

Top 20 Kali Linux Tools in 2021
For more tutorials, follow us

Collection of Cybersecurity Tools

https://wlxq.wxctf.com

Top 20 Kali Linux Tools in 2021

Leave a Comment