lvx Posted December 8, 2017 Share Posted December 8, 2017 Hey all, just looking to get a good starting point in exploring Kali. Which tools do you find to be the most useful? I'll be working my way through some coursework as well, but thought this might be a good way to trim the fat a bit. The list of tools that gets installed by the katoolin scripts is a little daunting. :) Quote Link to comment Share on other sites More sharing options...
digininja Posted December 8, 2017 Share Posted December 8, 2017 It all depends what you want to do, are you interested in looking at layer 2 protocols, digging through shellcode or testing web apps? And don't forget, Kali is just a Linux install with tools preinstalled, just because they are in there doesn't make them good, not being in there doesn't make them bad. Quote Link to comment Share on other sites More sharing options...
lvx Posted December 8, 2017 Author Share Posted December 8, 2017 Yeah, that's my issue. Normally when I create a toolkit I only put in the tools that I use, not a bunch of extra 8MM wrenches of varying quality. I don't have a specific application for Kali at the moment, just learning. I installed the tools via the katoolin scripts and now am a little at a loss as to where I should start. Either way I'll be making my way through the coursework and will likely grab a book or two. Just figured that people here might have a short list or a few go to tools that could help me separate the wheat from the chaff. Hell, I'll take a list of crap tools that I should cut too. :) Quote Link to comment Share on other sites More sharing options...
digininja Posted December 8, 2017 Share Posted December 8, 2017 Ok, Mona, wfuzz and yersina. Quote Link to comment Share on other sites More sharing options...
lvx Posted December 8, 2017 Author Share Posted December 8, 2017 Thanks, I'll check them out. :) Quote Link to comment Share on other sites More sharing options...
digip Posted December 9, 2017 Share Posted December 9, 2017 I tend to use a few things regularly. nmap, gobuster, nc/ncat/netcat, python and perl for TTY and reverse shells, john for password cracking, occasionally nikto, sqlmap, and hydra There are some other things here and there, but those are my basic staples, at least when attacking linux boxes. I don't really mess with windows, and in general, if it has an unpatched vuln, just throw metasploit at it, but I try to avoid metasploit at all costs. 1, don't use it enough to be fluid with it, and 2, I'm not learning anything if I can just throw it at something and it falls over. Quote Link to comment Share on other sites More sharing options...
lvx Posted December 9, 2017 Author Share Posted December 9, 2017 Great, I'll add those to my short list. ;) Quote Link to comment Share on other sites More sharing options...
i8igmac Posted December 10, 2017 Share Posted December 10, 2017 (edited) every once in a while I might check the kali tools list to see what's been added or if im looking to perform a task ill check the list for tools on that subject https://tools.kali.org/tools-listing Sorry for the big paste. acccheck ace-voip Amap arp-scan Automater bing-ip2hosts braa CaseFile CDPSnarf cisco-torch Cookie Cadger copy-router-config DMitry dnmap dnsenum dnsmap DNSRecon dnstracer dnswalk DotDotPwn enum4linux enumIAX EyeWitness Faraday Fierce Firewalk fragroute fragrouter Ghost Phisher GoLismero goofile hping3 ident-user-enum InSpy InTrace iSMTP lbd Maltego Teeth masscan Metagoofil Miranda nbtscan-unixwiz Nmap ntop OSRFramework p0f Parsero Recon-ng SET SMBMap smtp-user-enum snmp-check SPARTA sslcaudit SSLsplit sslstrip SSLyze Sublist3r THC-IPV6 theHarvester TLSSLed twofi URLCrazy Wireshark WOL-E Xplico Vulnerability Analysis BBQSQL BED cisco-auditing-tool cisco-global-exploiter cisco-ocs cisco-torch copy-router-config DBPwAudit Doona DotDotPwn HexorBase Inguma jSQL Lynis Nmap ohrwurm openvas Oscanner Powerfuzzer sfuzz SidGuesser SIPArmyKnife sqlmap Sqlninja sqlsus THC-IPV6 tnscmd10g unix-privesc-check Yersinia Exploitation Tools Armitage Backdoor Factory BeEF cisco-auditing-tool cisco-global-exploiter cisco-ocs cisco-torch Commix crackle exploitdb jboss-autopwn Linux Exploit Suggester Maltego Teeth Metasploit Framework MSFPC RouterSploit SET ShellNoob sqlmap THC-IPV6 Yersinia Wireless Attacks Airbase-ng Aircrack-ng Airdecap-ng and Airdecloak-ng Aireplay-ng Airmon-ng Airodump-ng airodump-ng-oui-update Airolib-ng Airserv-ng Airtun-ng Asleap Besside-ng Bluelog BlueMaho Bluepot BlueRanger Bluesnarfer Bully coWPAtty crackle eapmd5pass Easside-ng Fern Wifi Cracker FreeRADIUS-WPE Ghost Phisher GISKismet Gqrx gr-scan hostapd-wpe ivstools kalibrate-rtl KillerBee Kismet makeivs-ng mdk3 mfcuk mfoc mfterm Multimon-NG Packetforge-ng PixieWPS Pyrit Reaver redfang RTLSDR Scanner Spooftooph Tkiptun-ng Wesside-ng Wifi Honey wifiphisher Wifitap Wifite wpaclean Forensics Tools Binwalk bulk-extractor Capstone chntpw Cuckoo dc3dd ddrescue DFF diStorm3 Dumpzilla extundelete Foremost Galleta Guymager iPhone Backup Analyzer p0f pdf-parser pdfid pdgmail peepdf RegRipper Volatility Xplico Web Applications apache-users Arachni BBQSQL BlindElephant Burp Suite CutyCapt DAVTest deblaze DIRB DirBuster fimap FunkLoad Gobuster Grabber hURL jboss-autopwn joomscan jSQL Maltego Teeth PadBuster Paros Parsero plecost Powerfuzzer ProxyStrike Recon-ng Skipfish sqlmap Sqlninja sqlsus ua-tester Uniscan Vega w3af WebScarab Webshag WebSlayer WebSploit Wfuzz WPScan XSSer zaproxy Stress Testing DHCPig FunkLoad iaxflood Inundator inviteflood ipv6-toolkit mdk3 Reaver rtpflood SlowHTTPTest t50 Termineter THC-IPV6 THC-SSL-DOS Sniffing & Spoofing Burp Suite DNSChef fiked hamster-sidejack HexInject iaxflood inviteflood iSMTP isr-evilgrade mitmproxy ohrwurm protos-sip rebind responder rtpbreak rtpinsertsound rtpmixsound sctpscan SIPArmyKnife SIPp SIPVicious SniffJoke SSLsplit sslstrip THC-IPV6 VoIPHopper WebScarab Wifi Honey Wireshark xspy Yersinia zaproxy Password Attacks acccheck BruteSpray Burp Suite CeWL chntpw cisco-auditing-tool CmosPwd creddump crowbar crunch DBPwAudit findmyhash gpp-decrypt hash-identifier Hashcat HexorBase THC-Hydra John the Ripper Johnny keimpx Maltego Teeth Maskprocessor multiforcer Ncrack oclgausscrack ophcrack PACK patator phrasendrescher polenum RainbowCrack rcracki-mt RSMangler SQLdict Statsprocessor THC-pptp-bruter TrueCrack WebScarab wordlists zaproxy Maintaining Access CryptCat Cymothoa dbd dns2tcp http-tunnel HTTPTunnel Intersect Nishang polenum PowerSploit pwnat RidEnum sbd shellter U3-Pwn Webshells Weevely Winexe Hardware Hacking android-sdk apktool Arduino dex2jar Sakis3G smali Reverse Engineering apktool dex2jar diStorm3 edb-debugger jad javasnoop JD-GUI OllyDbg smali Valgrind YARA Reporting Tools CaseFile cherrytree CutyCapt dos2unix Dradis KeepNote MagicTree Metagoofil Nipper-ng pipal RDPY Edited December 10, 2017 by i8igmac Quote Link to comment Share on other sites More sharing options...
digip Posted December 10, 2017 Share Posted December 10, 2017 Quote every once in a while I might check the kali tools list to see what's been added or if im looking to perform a task ill check the list for tools on that subject https://tools.kali.org/tools-listing Sorry for the big paste. You literally could have just left the link instead of listing every tool(and we aren't always 100% up to date, you can use the [ apt search ] feature to find a lot of things that might already be in there not listed on the site, or just for general purpose linux tools and programs you may need, like say, Chromium vs default FF. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted December 10, 2017 Share Posted December 10, 2017 apt. Quote Link to comment Share on other sites More sharing options...
i8igmac Posted December 10, 2017 Share Posted December 10, 2017 6 hours ago, digip said: You literally could have just left the link instead of listing every tool(and we aren't always 100% up to date, you can use the [ apt search ] feature to find a lot of things that might already be in there not listed on the site, or just for general purpose linux tools and programs you may need, like say, Chromium vs default FF. yah sorry lol it needs a spoiler Quote Link to comment Share on other sites More sharing options...
lvx Posted December 10, 2017 Author Share Posted December 10, 2017 Well, it's a good reference I suppose. :P Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.