Setting up your environment for Hacking - Part 1 : Tools

Hello everyone,

In previous posts, I gave you introduction on XSS, one of the vulnerability. In case if you missed it, you can read it here

Introduction to XSS

Hands on | Google XSS Game

The above 2 posts are well reached and I got lots of mails and facebook messages asking "Can you teach me hacking".

Most of the people are noobs and they don't know how to hack or what is hacking. So, In this and the next few posts, I am going to tell you about setting up your environment for hacking (or) to learn hacking.

In this post, I am talking about the common tools used for hacking. Don't worry. They're open source and you can get it for free.

1. FireFox

Firefox is a web browser you must have to perform testing against websites and web applications. Firefox is not as interesting as chrome but it does have lots of add-ons which help us to test against a target. I'll tell about them later.

Visit Firefox Official Page  |  Download Firefox Web Installer

2. Python

Python is a programming language and it is often used to write scripts for automating tasks. It is an Open Source language with huge user base. It is open source and you can download and use it for free. There are lots of python scripts are available in internet, which helps you to automate certain tasks. The latest version is Python 3.7

Visit Python Page | Download Python

3. Burp Suite

Burp Suite is an application made by Port Swigger Inc which provide you many options to pentest websites and web applications. It is a paid software but a free edition is available with limited features.

Few of the usages are


  a. It allows you to Intercept a request, edit the values and send it.

  b. It allows you to Intercept a response and edit it.

  c. It allows you to catch a request and send it multiple times by editing.

  d. It allows you to perform brute force on end points

Many more usages are there.

Visit Official Site | Community Edition for Windows 64 | Cross Platform Jar File


4. OWASP Zap

OWASP (Open Web Application Security Project) is a community which works in the field of ethical hacking. It provide detailed information on vulnerabilities, provide preventive measurements, etc.
ZAP (Zed Attack Proxy) is a tool which automate the process of finding security vulnerabilities in websites and web applications. It is a freeware.

Visit Official Page | Downloads Page | Download for Windows

5. VMware

VMware (Virtual Machine Ware) is a virtualization tool which allows you to create virtual platforms and boot multiple operating systems on your current OS. It'll mock the hardware and provide a platforms for OS to run.

Home Page | Downloads Page | Download for Windows

5. Virtual Box

Virtual Box is another virtualization software by Oracle. It is free and open source.

Home Page | Downloads Page | Download for Windows | Download for Mac

6. Kali Linux

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is an OS that every hacker must have. It have lots of vulnerability testing and exploitation applications pre-installed. It is an open source project built on top of deprecated Back Track Linux. I personally suggest you not to install this separately instead load and install it in the VMware.

Home Page | Downloads Page | ISO File

6. Back Track 

Back Track Linux is the predecessor of Kali Linux. It was a Linux distribution that focused on security, based on the Knoppix Linux distribution aimed at digital forensics and penetration testing use. It is deprecated in 2013 and the project continued as Kali Linux. The latest version of Back Track Linux is Back Track 5R3.

Home Page | Downloads Page | ISO File

7. Metasploit Framework

Metasploit Framework is a computer security project that provides information about security vulnerabilities and aids in penetration testing. It is pre-installed in Kali Linux.

Home Page | Downloads Page | Download for Windows


8. Nmap

Some targets may have hidden gems at certain ports. Nmap is an open port scanner which scan the ports from 1 to 65535 to find open ports. Also you can instruct it to scan between a specific range if you want. It is pre-loaded in Kali Linux.

Home Page | Downloads Page | Download for Windows

If you liked the post, you can Buy me a coffeeBuy me a coffee

-------------------------------------------------------------------------------------------------------------------------
* There are few more important applications to add in the list. I'll sort it and add accordingly.

* I used certain Link Shorteners here. This is not a for-profit blog. But since we're in need of purchasing few things to serve you better, currently we have to do this. This may be lifted in future.

Comments

Popular posts from this blog

Hands On training | Google XSS Game

Download Guarded Profile Picture From Facebook

Introduction to XSS - Methods, Impact and Prevention