I am often asked what tools I use during my pentesting, so I decided to share a list of the eight tools that I use in every pentest. You might be surprised by what is listed, since most of them aren’t mentioned often when discussing hacker tools.
So, in no particular order, the eight tools I use in every pentest are…
To explain this list, let’s start with netcat and openSSL – these two tools are used to verify banners reported by vulnerability scans, as well as to try to identify unknown protocols. Pretty straightforward, but essential tasks.
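As an added example (not code from the original post), here is the netcat banner-verification step written in Python against a constructed local listener, so it runs offline: it reads what a port actually says and compares that with the banner the scanner claimed. The host, port and banner strings are made up for the demo.

```python
import socket
import threading

# Constructed banner for the offline demo: a local listener pretends to be the
# SSH service a scan reported. This is not a real host or a real finding.
FAKE_BANNER = b"SSH-2.0-OpenSSH_7.4\r\n"


def start_fake_service(banner: bytes = FAKE_BANNER) -> int:
    """Bind a throw-away listener on 127.0.0.1 that sends `banner` to the first
    client and returns the chosen port. Stands in for the scanned host."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)  # an empty banner models a silent service
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def grab_banner(host: str, port: int, timeout: float = 3.0) -> str:
    """The netcat step: connect, read whatever the service volunteers, decode."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        try:
            data = s.recv(1024)
        except socket.timeout:
            data = b""  # service said nothing before the timeout
    return data.decode("ascii", errors="replace").strip()


def verify_scan_finding(reported: str, host: str, port: int) -> dict:
    """Compare the banner a scanner reported with the live one. A mismatch
    usually means a stale scan or a version-string false positive."""
    observed = grab_banner(host, port)
    return {"reported": reported, "observed": observed,
            "confirmed": observed == reported}


if __name__ == "__main__":
    port = start_fake_service()
    print(verify_scan_finding("SSH-2.0-OpenSSH_7.4", "127.0.0.1", port))
```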
I primarily use Nmap as a vulnerability scanner, not just to identify targets. The “-A” option is a must-use flag that adds additional depth to output from better-known vulnerability scanners, like openVAS (also on my list – seems to be more up-to-date than some of the others… plus I’m a firm believer in open source projects; they have propelled this industry farther along than any commercial software ever has).
I also use nikto and Burp Suite to find anything the scanners missed. I cannot count how many times Burp Suite saved my butt during a pentest – it is the one commercial product I buy with my own money.
That leaves ettercap and tcpdump, which only belong on the list when conducting internal pentests. If you aren’t conducting ARP spoofing attacks, you aren’t doing an in-depth pentest. So much traffic crosses the wire that capturing sensitive data is inevitable.
Naturally, there are some tools that I use most of the time (e.g. Metasploit, JTR, medusa, etc.), but not every time… hence the exclusion from the list.
Now that I’ve listed my top eight, I have to say I’m stuck in my ways, and there are probably tools I’m ignoring. Let me know what you think should be added to this list of must-use hacker tools. I may be old, but I can still learn new tricks.