A simple tool for Kali Linux systems-the first unit (subsequent updates)

The original English explanation of several important directories in Linux system:

/etc/: Contains configuration Files of the installed tools

/opt/: Contains Metasploit and its relevant modules

/sys/: Contains configuration Files of external hardware and interfaces

/root/: It is the root user directory

/lib/: Contains libraries dependent on the operating system

Tool Description:

Dnsmap is a tool that can be used to discover a given domain and its associated sub-domains.

Example: Dnsmap rediff.com

　　　　Nmap is the most widely used tool used to collect information, which can be scanned out of a port where a computer has a service running on a port, or a port that is open on a host on a full network that has services running on this port.

Example: Nmap–h

Start a simple UDP scan.

Example: Nmap–su 192.168.5.0-255

Fping is used to determine whether a given host is connected to the network.

Example: fping google.com

The Sslscan is a fast SSL port scanner that connects to the SSL port.

Dsniff is a collection of tools that perform a sniffer task, which is based on interesting keywords to see the network, as well as tools such as Urlsnarf,webspy,mailsnarf in the collection.

For example: password, key transfers,e-mail.

Netsniff is a toolkit designed for the Linux platform and is often used for network development analysis, debugging, and testing.

Netsniff-ng is a fast network analyzer based on the mmap (2) mechanism, which can record. Pcap to disc, rewrite these files, and execute them either online or offline. Vulnerability Assessment Detection Tool. Used to analyze the weak points of the system. OpenVAS is an open source vulnerability scanning Tool specifically developed to exploit vulnerabilities.

Web App Penetration Testing tool

The WebScarab Proxy is an HTTP and HTTPS Proxy interceptor framework that allows users to check and modify the browser creation requirements before the browser sends them to the server. Similarly, the response from the server side can be changed by the user before the browser is displayed. The latest version of WebScarab Proxy has more advanced features such as XSS/CSRF detection,session ID analysis, fuzzing.

3 Steps to use WebScarab:

1. Start WebScarab

2. Once the WebScarab is started, the network settings of the browser must be changed, such as setting the proxy to ip:127.0.0.1 and the port number: 8008.1

Figure 1

3. Enter the WebScarab graphical user interface, click on the Proxy tab, check the interceptor requirements, make sure the GET and post requests are prominent in the left panel, and in order to intercept the response, check the response of the Interceptor to check the responses from the service. 2

Figure 2

A simple tool for Kali Linux systems-the first unit (subsequent updates)