Linux-based operating systems have a reputation for their high-security level. That’s one of the reasons why the market share for Linux has been growing. The most commonly used operating systems such as Windows are often affected by targeted attacks in…Read More
Most Linux users are well-acquainted with LibreOffice – many distributions have it pre-installed. Fewer know its powerful alternative: FreeOffice is a full-fledged office solution with full support for Microsoft Office file formats. It consists of a wo…Read More
Data recovery is often termed as a process of retrieving data that is lost. In other words, a lost data simply means the file cannot be accessed by both the user and the system. It is a nightmare that no tech-savvy would want to experience. This is bec…Read More
According to a survey, 69% of IT leaders say that open source is extremely important to an organization’s infrastructure software plans.Open source has come a long way in the past 20 years. Back in 2001, Microsoft’s CEO Steve Ballmer famously labeled L…Read More
The trends of the open-source world are constantly changing and so are the open-source skills. According to a report shown by the open-source foundation in the year 2018, there is an increasing demand for employees that are open-source savvy. It also r…Read More
You have probably seen the abundance of smart homes and how they make life easier. These smart homes have been made possible by the Internet of Things and can help users turn lights on and off or play music just by the command of your voice.To make thi…Read More
Any personalized character associated with a group of companies, a corporation, entity, or team is called a mascot. Ever came to think of it how some of the world’s most recognizable brands, all have a mascot. Figures like The Michelin Man, Mr. Peanut,…Read More
Open-source is taking the world by storm due to its unprecedented ability to unite developers and create a sense of community among programmers. It seems like everyone is ready to embrace the open-source mindset these days because the benefits of such …Read More
Linux distributions allow you to not only browse the web but also to work on any other necessary tasks. The Linux kernel is very flexible and it enables developers to make any modifications and contributions they want. Besides, Linux can run on any har…Read More
When it comes to prediction for Linux and open source in 2020, there are already a lot to take in to consider that 2020 will be a very eventful year in the open source community. 2020 already looks like a year with so much to offer already, so, I will …Read More
The moment an individual hears the word ‘Linux’, his mind starts thinking about the codes and complexities. Are you also one of these? If yes, then the time has come to bust the myth. Gone are the days when Linux was traditionally used just by the code…Read More
The ability to share files regardless of the physical distance and almost instantaneously is one of the greatest characteristics of the Internet. With 4.3 billion Internet users at the beginning of 2019, the amount of data transferred over the Web is a…Read More
Web browsers are vital if you’re going to have any sort of online experience on your computer. There are hundreds of choices out there, as well as the standard browser which will come pre-installed on your computer, but that’s often not the best choice…Read More
People choose Linux for a variety of reasons, be it as hobby machines, trying out new things, or due to professional requirements. It’s becoming easier than ever to use a Linux OS, with positive news coming out every day, such as Chromebooks being able…Read More
Probably many have already heard about the growing opposition of these two operating systems. The most popular Windows is gradually losing ground in the face of free software — GNU / Linux. Is this justified? Of course, I am not talking about the redis…Read More
Linux is known for being a safe and secure operating system, but it’s not impervious to attacks. As Linux gains more market share and becomes an option that large companies choose for their systems, malware creators turn their attention to creating cod…Read More
Information security specialists and sysadmins need to be sure their networks are sealed against malicious attacks. This is why the practice of penetration testing is commonly employed, to sniff out security vulnerabilities before malicious hackers. Home Linux users should also be wary about the security of their systems. There are a huge variety of tools for accomplishing this, but some stand out in the industry more than others.
In this article, we are going to highlight 9 of the best Linux-based security tools, which every pentester should be familiar with. Note this is only a list of some of the most widely used tools – if you’re interested in the latest security news, you can regularly read this website, which covers a lot of great infosec topics. Most of the tools on this list are also bundled with Kali Linux (specially designed for information security professionals, but not for home users or Linux newbies), but you can check out this literally massive list of all things related to hardware, security, programming, and other computer-related fields of interest to infosec people.
Nmap is one of the most popular tools for network mapping. You can discover active hosts within a network, and a wide range of other detection features. Nmap has functions for host discovery, port scanning, OS detection, app versions, and other scripting interactions.
Nmap is great for both beginners and veterans alike, and is compatible with a wide range of operating systems, including most of the popular Linux distros.
Unicornscan is an infosec tool used for data correlation and information gathering. Basically, it offers complex, asynchronous TCP and UDP scanning, which is useful for finding remote hosts. Furthermore, it can reveal the software driving the hosts.
Unicornscan also features TCP banner detection, custom data sets, SQL relationship output, and a handful of other functions useful to the cause.
While similar in function to Nmap and Unicornscan, Fierce is more useful for corporate network scanning. As a network mapper and port scanner, Fierce is able to discover non-contiguous IP space, and hostnames on the network.
Fierce can be used to employ tests against a selected domain, allowing you to garner valuable information. It has the ability to change DNS servers for reverse lookups, can scan entire IP ranges and Class C scans, as well as brute force attack methods with custom dictionaries.
An explicit brute force hacking tool, THC Hydra is used for brute force cracking remote authentication services. It supports over 50 protocols, including CVS, FTP, HTTP/S, IMAP, IRC, LDAP, MS-SQL, and obviously many more. As an infosec tool, it is incredibly useful for testing network password security – though of course, it is a favourite of blackhat hackers as well.
THC Hydra can launch parallel brute force attacks, and is considered one of the fastest tools for the job. It also supports custom modules, and is available for a wide range of operating systems.
John the Ripper
As a multi-platform cryptography testing tool, John the Ripper allows sysadmins to simulate brute force attacks on a network. Its main strength is in its ability to test encryptions such as SHA-1, DES, Windows LM hashes, and many others commonly found on Unix systems.
John the Ripper will also automatically change decryption methods, depending on the algorithms it detects. Aside from dictionary-based brute force attacks, the tool can also allow you to define custom letters, run automatically with crons, and it is compatible with most operating systems and architectures.
A tool for analyzing and sniffing wireless LAN networks, as well as intrusion detection. Kismet Wireless is compatible with nearly all types of network cards, and the sniffing mode can work on 802.11a/b/g/n.
It can scan for wireless encryption levels on any given AP, allows for channel hopping, and has a network logging feature. Additionally, the tool can run natively on Windows, Linux, and various BSD systems.
Infosec specialists familiar with the Ruby programming language should highly appreciate Metasploit Framework, being a Ruby-based tool. It is used for the development and execution of exploit attacks against remote targets. It’s also extremely powerful with a ton of features.
Metasploit Framework is able to evade detection on remote hosts, for starters. Secondly, it has network enumeration and discovery, can work from an MFSconsole, and scrape data. It is available for Windows and Linux.
As a network exploration tool, Netcat is fairly popular in the infosec and sysadmin industries. It’s primary function is for checking inbound / outbound network data, as well as port exploration. This sounds simple, but its potential is unlocked when used in combination with Perl, C, and bash scripts.
Netcat features TCP/UDP port analysis, reverse and forward DNS analysis, a UDP/TCP tunneling mode, and more. There are also forks of the tool which have additional features, for example OpenBSD Netcat, which has TLS support.
From the same development team that wrote the famous Nessus tool, OpenVAS is a fairly powerful pentest tool. It’s more like a toolbox, rather than an individual tool. It comes with over 50 network vulnerability tests, and you can write your own security plugins to the platform. Basically, it can scan anything you can dream of related to network vulnerabilities.
Some of OpenVAS primary features include simultaneous host discovery, full integration with SQL databases, results exporting in various formats, and the OpenVAS Transfer Protocol. It is available for Linux and Windows.
This post is written by Robert Dale