It is known to all those who are interested in penetration testing and information security that there are stages of this process so that each stage is used tools or even the use of manual methods to reach the target or targets to be penetrated from this stage.
Of course, there are many programs and tools to help you in this process, such as tools for collecting information about the target to be penetrated from the Internet addresses (IP Addresses) and sub-domains (Sub-domains) and the data of employees who work for the target (email addresses, phone numbers , names… .etc) and other things, so that this information is used in the process of hacking such as phishing or social engineering (social engineering) and other attacks.
Also, Ports & Services Scanning Tools: These tools are used to collect information about ports on the target to be penetrated and to know the status of ports (opened, closed, filterd,… etc) in addition to knowing what services are associated with these ports and Releases of these services and other information such as operating system type and version.
Packet Analyzers / Sniffers are also used to analyze and eavesdrop on packets that are communicated over networks to analyze whether these packets contain important data that can be obtained (such as data). Access and more)
In addition to Vulnerability Scanners: These tools are used to scan web applications, systems, and networks from vulnerabilities that may exist due to software vulnerability in these applications or programs and services, so that these tools give us reports summarizing what was found And get it in the process of examination.
There are many other tools and programs, but to find out which of them and a brief explanation of each tool, I present to you today this site, which is considered as a reference such tools.This site is named "sectools.org" This site contains the most important 125 programs and tools in information security.
0 Comments