Top 20 Tools Every Security Professional Should Have | 2020

In this article, we are going to explore the top 20 cybersecurity tools that you need to have in your arsenal.

Nmap

Scanning is one of the required steps in every attacking operation. After gathering information about a target, you move on to the next step, which is scanning. If you are into information security, you should have Nmap in your arsenal. Nmap (short for Network Mapper) is the most powerful network scanner. It is free and open-source. It lets you perform different types of network scans, with further capabilities provided by its bundled scripts. You can also write your own NSE scripts.

You can download it from here: https://nmap.org/download.html

Metasploit

Metasploit is the best-known exploitation tool in the wild. The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is an open-source exploitation tool developed by HD Moore. If you are using the Kali Linux distribution, you don’t need to install it because it is already installed on your operating system. It is available for Linux and Windows operating systems. For more information, you can visit its official website: https://www.metasploit.com/get-started

Burp Suite

If you are into web application security, and maybe in the bug bounty field, you have surely used Burp Suite, at least the community edition. Burp Suite is an amazing project indeed. It is widely used to test web applications. It was developed in Java and is maintained by PortSwigger. It provides a graphical interface with a set of many useful features and tools to assist you in all the mission phases, including intruders, repeaters, scanners and so on. You can download the community edition from here: https://portswigger.net/burp/communitydownload

Mimikatz

Mimikatz is a powerful project written in C by Benjamin DELPY, used to perform many Windows security experiments including plaintext password and hash extraction, pass-the-hash, pass-the-ticket, Over-Pass the Hash, Kerberos Golden Ticket techniques and so on. The tool is usually used in the post-exploitation phase. In most cases Mimikatz is run in interactive mode, and it needs to be run as administrator. It comes in two architectures: 32-bit and 64-bit. You can download Mimikatz from here: https://github.com/gentilkiwi/mimikatz

PowerSploit

PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. PowerSploit was developed by PowerShellMafia and it is usually used in post-exploitation. PowerSploit comprises the following modules and scripts: CodeExecution, Persistence, AntivirusBypass, Exfiltration, Mayhem, Privesc and Recon. One of the most helpful scripts in PowerSploit is Powerview.ps1, a reconnaissance script.

You can download PowerSploit from here: https://github.com/PowerShellMafia/PowerSploit

Radare2

As a malware analyst, your main role is to collect all the information about malicious software and have a good understanding of what happened to the infected machines. One of the required phases to understand malicious software is reverse engineering. One of the best-known tools is Radare2. It is more than a reverse engineering tool: R2 is able to perform many other tasks. It is a console-mode project that supports Linux. Radare2 contains many tools such as rabin2, radiff2, rax2, rasm2, etc. You will usually find Radare2 hard to learn at first, but after a while you will acquire a good understanding of most of its features.

Ghidra

Another great reverse engineering tool is Ghidra. This project is open-source and it is maintained by the National Security Agency Research Directorate. Ghidra gives you the ability to analyze different file formats. It supports Windows, Linux and MacOS. You need to install Java in order to run it. The project comes with a lot of helpful, detailed training material, documentation and cheat sheets. It also gives you the ability to develop your own plugins using Java or Python.

Its official website is: http://ghidra-sre.org

SEToolkit

Social engineering is the art of hacking humans. In other words, it is a set of techniques (technical and nontechnical) used to get useful and sensitive information from others using psychological manipulation. One of the most powerful social engineering tools is the Social Engineering Toolkit, or simply SETkit. It was developed and is maintained by TrustedSec to help penetration testers and ethical hackers perform social engineering attacks. To check the project's official GitHub repository, you can visit this link: https://github.com/trustedsec/social-engineer-toolkit

Recon-NG

Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. Recon-ng is a must-have OSINT tool. It was written in Python by lanmaster53 with many integrated modules and features. It contains 4 different categories of modules: Reconnaissance, Discovery, Reporting and experimental modules.

You can download it from here: https://github.com/lanmaster53/recon-ng

Maltego

Maltego is another OSINT tool. It is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet. Maltego uses the idea of transforms to automate the process of querying different data sources. It was developed by Paterva. It provides you with transforms to help you gather information and visualize it. You can download the free edition from here: https://www.paterva.com/downloads.php

Sublist3r

When performing web reconnaissance, one of the required steps is finding the web application's subdomains. To automate that, you can simply use a great tool called “Sublist3r”. The project is written in Python by aboul3la and it enumerates a website's subdomains using many search engines, including Google, Bing and Baidu, and many other services such as VirusTotal, DNSdumpster and so on.

You can download Sublist3r from here: https://github.com/aboul3la/Sublist3r

Dirsearch

As its name indicates, Dirsearch is a powerful tool that helps you find paths of a target website. It was developed by maurosoria and it supports Windows, Linux and MacOS. The great thing about Dirsearch is that it uses multithreading, supports many extensions, keeps connections alive and reports in different formats such as text and JSON.

You can download Dirsearch from here: https://github.com/maurosoria/dirsearch

OpenVAS

A vulnerability is a known weakness or a gap in an asset. As an information security professional, you are going to deal with vulnerabilities and vulnerability scanners in many cases. OpenVAS will help you do that. It is a powerful vulnerability scanner written in C with more than 50k vulnerabilities. It has been maintained by Greenbone Networks since 2009.

Its official website: http://www.openvas.org

Wireshark

Communication and networking are vital for every modern organization. Making sure that all the networks of the organization are secure is a key mission. The most suitable tool that will help you monitor your network is definitely Wireshark. Wireshark is a free and open-source tool to help you analyse network protocols with deep inspection capabilities. It gives you the ability to perform live packet capturing or offline analysis. It supports many operating systems including Windows, Linux, MacOS, FreeBSD and many more systems.

You can download it from here: https://www.wireshark.org/download.html

ZAP

Zed Attack Proxy, or simply ZAP, is an open-source tool that helps information security professionals scan websites in order to find vulnerabilities. It is under the Apache license. It is maintained by many volunteers and supported by the Open Web Application Security Project, known as OWASP. It acts as a man-in-the-middle proxy, so you need to configure your browser in order to use it.

You can download it from here: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

John the Ripper

John the Ripper is a free and open-source project developed by OpenWall. It is the fastest password cracker. It can be run on different operating systems. It uses many cracking models to perform its job. It is under the GPL v2 license.

Its official website is: https://www.openwall.com/john/

Dradis

Reporting is a very important phase in information security. Acquiring good writing skills is a must. Dradis Framework is a reporting and collaboration framework for information security professionals. It is cross-platform and open-source. It can be integrated with more than 19 other platforms and tools.

Its official website: https://dradisframework.com/ce/

Volatility

Memory malware analysis is widely used for digital investigation and malware analysis. It refers to the act of analyzing a dumped memory image from a targeted machine after executing the malware to obtain a number of artifacts including network information, running processes, API hooks, kernel loaded modules, Bash history, etc. Volatility is the most suitable tool to do that. It is an open-source project developed by the Volatility Foundation. It can be run on Windows, Linux and MacOS. Volatility supports different memory dump formats including dd, LiME format, EWF and many other files.

You can download Volatility from here: https://github.com/volatilityfoundation/volatility

Autopsy

Digital forensics is one of the most interesting fields in information security. A digital forensics computer needs to be equipped with many DF tools. One of the most used tools in digital forensics is for sure Autopsy. It is a graphical interface project based on the Sleuth Kit to help forensics experts investigate volumes and file systems.

You can download Autopsy from here: http://www.sleuthkit.org/autopsy/

Bloodhound

This tool is a single-page web application that uses graph theory to draw the relationships within Active Directory environments. Active Directory plays an important role in many modern organizations and institutions. Communication is a critical aspect for business, and a directory service is a wise choice because it acts as a single container point for all the required information. Active Directory is based on a client/server architecture.

This project was developed by @_wald0, @CptJesus, and @harmj0y and it helps hackers to identify attack paths and also to secure them.

You can download it from here: https://github.com/BloodHoundAD/BloodHound

What are your favorite security tools?

HAPPY LEARNING!
