Kali Linux an Overview of Toolset
Kali Linux is a Linux Distribution used for Penetration Testing and
Security auditing, It is customized by adding more than 400 tools. These
tools is categorized in multiple groups which can be seen inside Kali
Linux drop down menu under Application menu available on top-left corner
of Kali Linux.
Information Gathering:
In this group all the tools are Reconnaissance tools used to gather
information and Data from target machine, devices, and network. These
are able to find the open ports, running services, Operating system, and
more on the target machine. To find used protocol from the identifying
device is very useful for Penetration Tester.
Vulnerability Analysis:
Tools from this group focus on evaluating target system for
Vulnerabilities. These tools is run against systems found using the
Information Gathering Reconnaissance tools. These tools are used to find
vulnerabilities for exploitation and prepare a platform for
exploitation.
Web Applications:
Tools from in this section used to find and exploit vulnerabilities
in Web Server, Web site, and Web Application. Many of tools we discussed
in the Web Penetration Testing category. However Web Application
section do not always refer lunch attacks against web servers, they may
be web-based tools for networking services is useful for Web Penetration
testing. For Example, Web proxies are available in this section.
Password Attacks:
This group of tools simply make deal with brute force or the offline
computation of password. Identify, Find, and crack the hashes is main
motive of this section. Some tools from this section is used for online
attack and some for offline attack.
Wireless Attacks:
This section of tools used to exploit vulnerabilities for wireless
protocols. 802.11 tool are found under this section, including tools for
example aircrack, airmon, and wireless password cracking tools. The
additional tools in this section are related with RFID and Bluetooth
vulnerabilities as well. Some tools used to put wireless adapter on
promiscuous mode.
Exploitation Tools:
These are tools used to exploit vulnerabilities discovered in system.
These vulnerabilities is discovered during the Vulnerability Assessment
of a target. In this group lot of tools and also some exploitation
framework. Framework is the combination of multiple tools and scripts.
Sniffing and spoofing:
These tools are used for capture, manipulate, and craft network
packets. In some cases some tools are used for spoofing MAC, IP Address
and Web sites.
Maintaining Access:
Keeping up Access tools are utilized once a decent footing is built
into a target Network or system. It is regular to discover compromised
systems having multiple snares over to the attacker to give option
courses in the occasion a vulnerability that is utilized by the attacker
is discovered and remediated.
Reverse Engineering:
These tools are utilized to disable an executable what’s more debug
programs and applications. The reason for reverse engineering is
breaking down how a system was produced so it might be duplicated,
changed, or lead to improvement of different programs. Reverse
Engineering is likewise utilized for malware investigation to figure out
what an executable does or via scientists to endeavor to discover
vulnerabilities in programming applications.
Stress Testing:
Stress Testing tools are utilized to assess the amount information a
system can deal with. Undesired results could be gotten from
over-burdening systems, for example, creating a gadget controlling
system communication to open all communication channels or a framework
closing down (otherwise called a DOS attack ).
Hardware Hacking:
in this section tools are used for controlling small electronic
devices such as mobiles. Available tools are related with android which
classified as mobile, and Ardunio tools.
Forensics :
Tools are this section is used for monitor, analyze computers, network traffics and programs etc.
Reporting Tools:
These tools are used to send information to the targeted organization found during the Penetration Testing.
System Services:
This is the place where Kali services can be disabled and enabled.
Services for example BeEF, Dardis, HTTP, Metasploit, MYSQL, and SSH.
