So... Let's get started... Before I start the class, I hope you guys will follow my instructions to get the latest pentest tools, both from source and from repositories.
NOTE: FOR NOW, MY INSTRUCTIONS ARE FOR DEBIAN-BASED LINUX USERS. IF YOU USE ANY OTHER LINUX DISTRO, YOU WILL HAVE TO WAIT UNTIL I UPDATE THIS POST WITH HOW TO FOLLOW MY CLASSES ON NON-DEBIAN-BASED LINUX.
LIST OF TOOLS (THIS SECTION WILL BE UPDATED AS SOON AS I FIND OTHER REQUIREMENTS)
1. Reconnaissance tools
- Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
- Netdiscover is an active/passive address reconnaissance tool, mainly developed for wireless networks without a DHCP server, for use when you are wardriving. It can also be used on hub/switched networks. Built on top of libnet and libpcap, it can passively detect online hosts or search for them by actively sending ARP requests. It can also be used to inspect your network's ARP traffic, or to find network addresses using auto scan mode, which will scan for common local networks.
- DIRB - URL Bruteforcer: DIRB is a Web Content Scanner. It looks for hidden Web Objects. It basically works by launching a dictionary-based attack against a web server and analyzing the response. DIRB's main purpose is to help in web application auditing.
2. Exploitation Tools
- Metasploit is a computer security tool that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
- Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Its aim is to collect exploits from submittals and mailing lists and concentrate them in one easy-to-navigate database.
3. Machine Virtualization
- VMware® Workstation™ is recognized for its broad operating system support, rich user experience, a comprehensive feature set and high performance. Workstation is designed for professionals that rely on virtual machines to get their job done.
If you don't like the Workstation version, you can use the Player version.
- VMware® Player Plus™ is the best way to deliver a managed desktop to all of your employees, students, contractors, partners or customers. Instead of buying and shipping hardware, simply provide Player Plus along with a virtual machine containing your standardized desktop image.
I will give you a link to a guide on how to install these tools.