The Absolute Essentials in Cybersecurity Software

TLDR: Showcasing the best tools I’ve used over the years for website hacking, social engineering, and even making some serious $$$

Cybersecurity has tons of applications, whether it’s basic remote pen-testing, on-site hacking with hardware, or decent digital operational security (OpSec). It’s important to have the right tools going into just about anything involving hacking for maximum results, and I’ve linked an article involving the best hardware I’ve used.

In this post, I’m going to review my top tools in cybersecurity software for pen-testing. If you’ve already heard of some of them, let me know in the comments and feel free to add any suggestions.

Kali Linux

Kali Linux is one of the best platforms when it comes to hacking, as it contains a plethora of different pen-testing materials and capabilities. Most of the tools listed on this list are contained in the recent build of Kali, or can be downloaded easily onto it. If you’re new to cybersecurity, I highly recommend downloading the latest VirtualBox or VMware build and loading it onto a virtual machine. This will help greatly when experimenting with other tools, as MacOS isn’t really geared toward most of the tools (even if it is Unix-based), and Windows is atrocious to use for pen-testing if you don’t know what your’e doing.

Metasploit

Metasploit is a great tool for generating payloads and listeners for remote exploits. Owned by Rapid7, a computer security company based in Massachusetts, the tool is used to find and exploit vulnerabilities in websites, personal computers, servers, and all sorts of things on the internet. It’s open source, has smart-generated payloads, and is a go-to for hackers worldwide. I’ve used it many times, and as it’s updated constantly I likely will continue to use it. The UI is great and the payloads are very advanced, so if you haven’t checked it out it’s definitely worth your time.

Nmap

Easily one of the top network scanners out there, Nmap is a free tool used to do advance pings on your network or another network to determine hosts, and the services they’re currently using. This is an essential tool for pen-testing just about anything, especially networks if there are outdated devices connected with possible vulnerabilities. It’s free, widely used, and has great results. I can’t think of a reason not to take a look if you’ve never heard of it, and if you have, there’s always more to learn. Check out this post for more information on Nmap commands →

Aircrack-ng

If you’re into hacking anything wireless or wifi-related, aircrack-ng is a top tool. Mostly used for pen-testing in evil-twin, de-authentication, and password cracking attacks, Aircrack-ng is an essential tool for your hacking toolbox. It’s best combined with a good wifi card that supports both monitor mode and packet-injection, and I’ve got my two favorites (one is 2.4GHz and the other 2.4GHz and 5GHz) on my post relating to physical hacking tools. Here’s an awesome article to use as a hacking guide once you’ve obtained one of those wifi cards →

Wireshark

This tool is also used frequently by hackers, as it makes sniffing valuable network traffic easier than ever. It’s essentially required to have one of those wifi cards in order to use it, but it’s well worth it. Insecure forms can transmit cleartext passwords, IP addresses, device names, and lots more information. If you’ve got a bit of range on your card, you can sniff even more traffic and intercept anything transmitted over http, which can be security camera video feed, unencrypted messages, and also can be used in combination with Nmap for more information about network devices.

As of right now, those are absolutely the most essential software tools to use. Make sure to check out any linked articles, as they go further into detail to help your understanding and give you better results. I’ll likely be editing and adding more and more tools, but understanding one tool well is better than knowing what three different tools are capable of.

I hope this article was informative, and even if you knew all of these tools, the articles provided some useful info. If you enjoyed this type of cybersecurity/computer science post, check out The Gray Area.

Sign up for a Medium membership using my referral link to access all of my posts, plus every other article on Medium. It’ll give me a small share with no extra cost to you so that I can continue to make content. Thanks!