COOL KALI LINUX COMMANDS ALL HACKERS SHOULD KNOW
For ease of reference, we'll split the most-used Kali Linux programs into five distinct categories: information gathering, vulnerability scanning, wireless analysis tools, password crackers, exploitation tools and stress testing.
1. NMAP
Nmap is the world's most popular network mapper tool. It lets you discover active hosts inside any network, and gather other information (such as open ports) relevant to penetration testing.
Main features:
- Host discovery: useful for identifying hosts in any network
- Port scanning: lets you detect open ports on the local or a remote host
- OS detection: useful for retrieving operating system and hardware information about any connected device
- Application version detection: lets you determine the application name and version number
- Scriptable interaction: extends Nmap's default capabilities by using the Nmap Scripting Engine (NSE)
[securitytrails@kali root]$ nmap --help
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
  Can pass hostnames, IP addresses, networks, etc.
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
  -iL <inputfilename>: Input from list of hosts/networks
  -iR <num hosts>: Choose random targets
  --exclude <host1[,host2][,host3],...>: Exclude hosts/networks
  --excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sn: Ping Scan - disable port scan
  -Pn: Treat all hosts as online -- skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers <serv1[,serv2],...>: Specify custom DNS servers
  --system-dns: Use OS's DNS resolver
  --traceroute: Trace hop path to each host
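The help text above only lists options; what a practitioner does with the results is turn them into an inventory and compare it with what should be exposed. The script below is an added example (not part of this article and not Nmap's own code): it parses Nmap's grepable output format (what `-oG` writes, or what you get by saving a `-sV` scan in that format), lists every open port with its detected service and version, and reports anything not on an allow-list. The scan lines inside `sample_gnmap` are constructed, so the script runs offline; the hostnames and addresses are placeholders.

```shell
#!/bin/sh
# Added example: summarise Nmap grepable output (-oG) and flag open ports that
# are not on an allow-list. The scan lines below are constructed, not a real
# scan. A real scan in this format: nmap -sV -oG scan.gnmap <your own hosts>

TAB=$(printf '\t')

# Constructed sample in Nmap's grepable format: fields are tab-separated and
# each port entry reads "port/state/proto/owner/service/rpcinfo/version/".
sample_gnmap() {
  printf '%s\n' \
    '# Nmap scan initiated (constructed sample)' \
    "Host: 192.0.2.10 (web.example.test)${TAB}Status: Up" \
    "Host: 192.0.2.10 (web.example.test)${TAB}Ports: 22/open/tcp//ssh//OpenSSH 9.2/, 80/open/tcp//http//nginx 1.24/, 443/open/tcp//https//nginx 1.24/${TAB}Ignored State: closed (997)" \
    "Host: 192.0.2.11 (db.example.test)${TAB}Ports: 3306/open/tcp//mysql//MySQL 8.0/, 22/filtered/tcp//ssh///${TAB}Ignored State: closed (998)" \
    '# Nmap done (constructed sample)'
}

# Read grepable output on stdin; print "host port/proto service version" for
# every port whose state is "open" (filtered and closed ports are dropped).
open_ports() {
  awk -F'\t' '
    /^Host:/ && /Ports:/ {
      split($1, h, " "); host = h[2]
      ports = ""
      for (i = 2; i <= NF; i++) if ($i ~ /^Ports: /) ports = substr($i, 8)
      n = split(ports, p, ", ")
      for (j = 1; j <= n; j++) {
        split(p[j], f, "/")
        if (f[2] != "open") continue
        version = (f[7] == "") ? "-" : f[7]
        printf "%s %s/%s %s %s\n", host, f[1], f[3], f[5], version
      }
    }'
}

# Number of open host/port pairs in the scan on stdin
open_port_count() { open_ports | awk 'END { print NR }'; }

# Report open ports that are not on the allow-list, given as a
# space-separated list of "port/proto" tokens (e.g. "22/tcp 80/tcp 443/tcp").
unexpected_ports() {
  allow="$1"
  open_ports | while read -r host portproto service version; do
    case " $allow " in
      *" $portproto "*) ;;   # expected exposure, nothing to report
      *) printf '%s exposes %s (%s %s)\n' "$host" "$portproto" "$service" "$version" ;;
    esac
  done
}

# Stand-alone run over the constructed sample
sample_gnmap | open_ports
sample_gnmap | unexpected_ports '22/tcp 80/tcp 443/tcp'
```

Feed a real `scan.gnmap` into `open_ports` and `unexpected_ports` with `cat scan.gnmap | open_ports`; keeping the allow-list in version control turns each scheduled scan into a diff against the intended exposure rather than a list to read by eye.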
2. LYNIS
Lynis is probably one of the most complete tools available for security compliance (e.g. PCI, HIPAA, SOx), testing, system hardening and system auditing. That is why it's included in this Kali Linux tools list.
Given its extensive capabilities, Lynis also serves as a great vulnerability scanner and penetration testing platform.
Its main features and characteristics include:
- Open source
- Free, with commercial support available
- Easy installation from the GitHub repository
- Runs on multiple platforms (BSD, macOS, Linux, AIX and others)
- Access to more than 300 security tests on the audited host
- Output report is shown on screen, including suggestions, warnings and critical security issues found on the machine
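Besides the on-screen report, Lynis writes its findings to a machine-readable report file, which is what makes it usable as a recurring hardening check rather than a one-off audit. The script below is an added example, not part of this article or of Lynis itself: it summarises the warnings and suggestions from a report and turns the hardening index into a pass/fail gate for a build pipeline. The report lines are constructed; their key=value layout (`warning[]=TEST-ID|message|details|solution|`, `hardening_index=N`) is the lynis-report.dat format as assumed here, and the path /var/log/lynis-report.dat is the usual location after `lynis audit system`.

```shell
#!/bin/sh
# Added example: summarise a Lynis report and gate on the hardening index.
# The report lines below are constructed; the key=value layout follows the
# lynis-report.dat format as assumed here, not text taken from the article.
# On a real host: lynis audit system; then feed /var/log/lynis-report.dat in.

sample_lynis_report() {
  printf '%s\n' \
    '# Lynis report (constructed sample)' \
    'hardening_index=58' \
    'warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|-|' \
    'warning[]=PKGS-7392|Found one or more vulnerable packages|-|-|' \
    'suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin (set YES to NO)|-|' \
    'suggestion[]=BOOT-5122|Set a password on the GRUB boot loader|-|-|'
}

# One line per finding on stdin: "WARNING TEST-ID message" or
# "SUGGESTION TEST-ID message"; other report keys are ignored.
lynis_findings() {
  awk -F'|' '
    /^warning\[\]=/    { id = $1; sub(/^warning\[\]=/, "", id);    print "WARNING", id, $2 }
    /^suggestion\[\]=/ { id = $1; sub(/^suggestion\[\]=/, "", id); print "SUGGESTION", id, $2 }'
}

# Number of warnings (the serious findings) in the report on stdin
lynis_warning_count() { lynis_findings | awk '$1 == "WARNING" { n++ } END { print n + 0 }'; }

# The numeric hardening index (0-100) from the report on stdin
lynis_hardening_index() { awk -F'=' '/^hardening_index=/ { print $2; exit }'; }

# Succeed (exit 0) only when the hardening index reaches the threshold,
# so a pipeline step can fail when a host regresses below the agreed level.
lynis_gate() {
  threshold="$1"
  idx=$(lynis_hardening_index)
  [ "${idx:-0}" -ge "$threshold" ]
}

# Stand-alone run over the constructed sample
sample_lynis_report | lynis_findings
if sample_lynis_report | lynis_gate 70; then
  echo "hardening index OK"
else
  echo "hardening index below 70: $(sample_lynis_report | lynis_hardening_index)"
fi
```

Track the index per host over time; a sudden drop after a deployment is usually a package or config change that undid earlier hardening, and the WARNING lines name the test that caught it.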
3. FIERCE
Fierce is a great tool for network mapping and port scanning. It can be used to discover non-contiguous IP space and hostnames across networks.
It's similar to Nmap and Unicornscan, but unlike those, Fierce is mostly used against specific corporate networks.
Once the penetration tester has defined the target network, Fierce will run several tests against the selected domains to retrieve valuable information that can be used for later analysis and exploitation.
Its features include:
- Ability to change the DNS server used for reverse lookups
- Internal and external IP range scanning
- IP range and entire Class C scanning
- Logs capabilities into a system file
- Name server discovery and zone transfer attack
- Brute force capabilities using built-in or custom word lists
4. OPENVAS
OpenVAS (Open Vulnerability Assessment System) was developed by part of the team responsible for the famous Nessus vulnerability scanner. Licensed under the GPL, it's free software that anyone can use to explore local or remote network vulnerabilities.
This security tool allows you to write and integrate your own security plugins into the OpenVAS platform, even though the current engine already ships with more than 50k NVTs (Network Vulnerability Tests) that can scan for practically any security vulnerability you can think of.
Main features:
- Simultaneous host discovery
- Network mapper and port scanner
- Support for OpenVAS Transfer Protocol
- Fully integrated with SQL Databases like SQLite
- Scheduled daily or weekly scans
- Exports results into XML, HTML and LaTeX file formats
- Ability to stop, pause and resume scans
- Full support for Linux and Windows
5. SKIPFISH
Another worthy addition to our Kali Linux tools list is Skipfish. This tool is similar to WPScan, but rather than focusing on WordPress only, Skipfish scans a wide range of web applications, serving as a great auditing tool for crawling web-based data, and gives you a quick insight into how insecure your app is.
With its recon capabilities, it performs a recursive crawl and dictionary-based tests over all your URLs, creating a digital map of security checks along with the results for each one of them.
Notable Skipfish features include:
- High-speed security checks (200+ requests per second)
- Easy to use
- Automated learning capabilities
- Low false positive ratio
- Differential security checks
6. FLUXION
Fluxion is a WiFi analyzer that specializes in MITM WPA attacks.
It allows you to scan wireless networks, searching for security flaws in corporate or personal networks.
Unlike other WiFi cracking tools, Fluxion does not launch any brute force cracking attempts that usually take a lot of time.
Instead, it spawns an MDK3 process which forces all users connected to the target network to deauthenticate. Once this is done, the user is prompted to connect to a fake access point, where they will enter the WiFi password. Then the program reports the password to you, so you can gain access.
7. AIRCRACK-NG
Aircrack-ng is a wireless security software suite. It consists of a network packet analyzer, a WEP network cracker, a WPA/WPA2-PSK cracker and a further set of wireless auditing tools. Here are the most popular tools included in the Aircrack-ng suite:
- Airmon-Ng: puts your wireless card into monitor mode so it can capture all frames on a channel
- Airodump-Ng: captures packets matching the desired specification, and it is particularly useful for collecting the material needed to recover keys
- Aircrack-Ng: used to recover keys; it applies statistical techniques to WEP and dictionary attacks to WPA and WPA2 after capturing the WPA handshake
- Aireplay-Ng: can be used to generate or accelerate traffic at an access point
- Airdecap-Ng: decrypts captured wireless traffic once the key is known
Main features:
- Support for WEP, WPA/WPA2-PSK passwords
- Fast WEP and WPA password decryption
- Packet sniffer and injector
- Ability to create a virtual tunnel
- Automated WEP key password recovery
- Password list management
8. WIRESHARK
Wireshark is an open source multi-platform network analyzer that runs on Linux, OS X, BSD and Windows.
It's especially useful for knowing what's going on inside your network, which accounts for its widespread use in government, corporate and education industries.
It works in a similar manner as tcpdump, but Wireshark adds a great graphical interface that allows you to filter, organize and order captured data so it takes less time to analyze. A text-based version, called tshark, is comparable in terms of features.
Main features include:
- GUI-friendly interface
- Packet live capture and offline analysis
- Full protocol inspection
- Gzip compression and decompression on the fly
- Full VoIP analysis
- Decryption support for IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Reading capture file formats such as tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog and many others
9. THC HYDRA
THC Hydra is a free hacking tool licensed under AGPL v3.0, widely used by those who need to brute force crack remote authentication services.
As it supports more than 50 protocols, it's one of the best tools for testing your password security levels in any type of server environment.
It also runs on the most popular operating systems, such as Windows, Linux, FreeBSD, Solaris and OS X.
Main features:
- Ultrafast password cracking speed
- Runs on multiple operating systems
- Ability to launch parallel brute force cracking attacks
- Module-based application allows you to add custom modules
- Support for multiple protocols such as CVS, FTP, HTTP, HTTPS, HTTP-Proxy, IMAP, IRC, LDAP, MS-SQL, MySQL, etc.
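A password-security test with a tool like Hydra is only half the picture; the other half is whether your own systems notice it. The script below is an added example, written from the defender's side and not part of this article or of Hydra: it reads sshd's syslog-style log lines, counts "Failed password" events per source address, flags sources over a threshold, and lists the distinct usernames tried from one source, since many different names from a single address is the signature of a wordlist run rather than a user mistyping a password. The log lines in `sample_auth_log` are constructed, so the script runs offline; on a real host you would feed it /var/log/auth.log or `journalctl -u ssh` output.

```shell
#!/bin/sh
# Added example (defender's side): spot password-guessing runs against SSH,
# the kind of traffic a Hydra test produces, from sshd log lines.
# The lines below are constructed samples in sshd's usual message layout.

sample_auth_log() {
  printf '%s\n' \
    'Mar 10 12:00:01 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2' \
    'Mar 10 12:00:01 bastion sshd[2202]: Failed password for invalid user test from 203.0.113.7 port 51236 ssh2' \
    'Mar 10 12:00:02 bastion sshd[2203]: Failed password for root from 203.0.113.7 port 51240 ssh2' \
    'Mar 10 12:00:02 bastion sshd[2204]: Failed password for root from 203.0.113.7 port 51241 ssh2' \
    'Mar 10 12:00:05 bastion sshd[2210]: Accepted publickey for alice from 198.51.100.4 port 44000 ssh2' \
    'Mar 10 12:00:06 bastion sshd[2211]: Failed password for bob from 198.51.100.4 port 44012 ssh2' \
    'Mar 10 12:00:07 bastion sshd[2212]: Connection closed by authenticating user bob 198.51.100.4 port 44012 [preauth]'
}

# "count ip" per source address on stdin, most failures first
failed_logins_by_source() {
  awk '
    /sshd\[[0-9]+\]: Failed password for/ {
      for (i = 1; i <= NF; i++) if ($i == "from") c[$(i + 1)]++
    }
    END { for (ip in c) print c[ip], ip }' | sort -rn
}

# Source addresses with at least THRESHOLD ($1) failures in the log on stdin
brute_force_sources() {
  failed_logins_by_source | awk -v t="$1" '$1 >= t { print $2 }'
}

# Distinct usernames tried from one source address ($1), sorted.
# "Failed password for invalid user NAME from IP" names a non-existent
# account; "Failed password for NAME from IP" names a real one.
usernames_tried_from() {
  awk -v src="$1" '
    /Failed password for/ {
      user = ""
      for (i = 1; i <= NF; i++) if ($i == "for") {
        user = ($(i + 1) == "invalid") ? $(i + 3) : $(i + 1)
      }
      for (i = 1; i <= NF; i++) if ($i == "from" && $(i + 1) == src) u[user] = 1
    }
    END { for (user in u) print user }' | sort
}

# Stand-alone run over the constructed sample
sample_auth_log | failed_logins_by_source
echo "sources at or over threshold (3):"
sample_auth_log | brute_force_sources 3
echo "usernames tried from 203.0.113.7:"
sample_auth_log | usernames_tried_from 203.0.113.7
```

The threshold should reflect the log window you feed in: four failures in two seconds from one address is a run; four failures spread over a day from one address is more likely a person. Tools such as fail2ban implement this same count-per-source logic with automatic blocking, and Hydra's `-t` parallelism shows up in the log as bursts of identical timestamps from one source, which is what the sample above reproduces.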
10. METASPLOIT FRAMEWORK
Metasploit Framework is a Ruby-based platform used to develop, test and execute exploits against remote hosts. It includes a full collection of security tools used for penetration testing, along with a powerful terminal-based console (msfconsole) which allows you to find targets, launch scans, exploit security flaws and collect all available data.
Available for Linux and Windows, MSF is probably one of the most powerful security auditing tools freely available for the infosec market.
What can you do with Metasploit Framework?
- Network enumeration and discovery
- Evade detection on remote hosts
- Exploit development and execution
- Work with msfconsole
- Scan remote targets
- Exploit vulnerabilities and collect valuable data
