Top 5 Kali Linux Pentest tools for WiFi/network and exploits
Aircrack is quite a useful tool. It focuses on several aspects of wifi connected security and breaking into Wifi for certain encryptions as well.
For monitoring Aircrack provides: Capturing of packets and export of that data to text files for further processing.
For Cracking: It can focus on relatively straightforward cracking of WEP and WPA PSK (WPA 1 & 2)
For Testing: Checking of WiFi cards and driver capabilities for capturing data and injection of data.
For Attacks for testing: Replay attack, de-authentication, fake access points, and other attacks done via packet injections.
It’d like to add this one as part of the same set of duo tools. In comparison to some other tools, this one provides quite a bit functionality through its GUI interface, which makes it a lot more convenient.
Since a lot of features are quite similar to aircrack’s I’m attaching a quote from Fern Github page to emphasize similarities and differences in features of the tool:
WEP Cracking with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack
WPA/WPA2 Cracking with Dictionary or WPS based attacks
Automatic saving of key in database on successful crack
Automatic Access Point Attack System
Session Hijacking (Passive and Ethernet Modes)
Access Point MAC Address Geo Location Tracking
Internal MITM Engine
Bruteforce Attacks (HTTP,HTTPS,TELNET,FTP)
I think no coverage of tools in pentesting can be complete without at least mentioning Metasploit framework.
The extensive suite contains a huge amount of exploits and modules for analysing monitoring , creating payloads, etc.
Therefore better then listing some features it would be to explore their exploit database.
You can explore it HERE on rapid7 website.
This is a tool that is quite a bit connected to Metasploit framework as well. It’s making it easier to use Metasploit framework, with visualisations of targets, recommendation of exploits and and exposure of advanced post-exploitation tools,snippets of the framework. For easier usage and depending on where you use it, I seriously suggest at least skipping through their manual. In short, hacking with ‘sploits, made easier.
Another network tool, even though this one isn’t meant for a direct effect like Fern tool, or Metasploit framework, but it is a very necessary tools for pentesters and ethical hackers a like. It aids in defining and understanding your target network, to uncover the host behind, services, OS that’s running on, what firewalls are enabled and filters. All of that is basically done with analysis of raws IP packets, and making a more logical output out of that to help you in determining attack vectors.