7 pentesting tools for Ubuntu: let's see how to install them

Are you an aspiring pentester who already plans to switch to a Linux distribution such as Kali Linux, Backtrack or BackBox, but doesn't know where to start? First of all, (if you come from Windows) you should have a thorough knowledge of the Linux kernel, since Kali Linux, Backtrack and BackBox have kernels entirely dedicated to them and require a medium-to-high knowledge of Linux, so I would say start with Ubuntu.

Today I will explain to you how to install 7 basic tools for a hacker:

  1. Metasploit Framework (msf)
  2. Armitage
  3. Aircrack-ng (Airodump-ng, Aireplay-ng, Airmon-ng, etc.)
  4. sqlmap (SQL injection)
  5. Social-Engineer Toolkit (SET)
  6. LOIC (Low Orbit Ion Cannon, capable of slowing down a site's host or, worse, crashing it)
  7. Nmap (scans a host's services)

1. First tool: Metasploit Framework

(You must first install PostgreSQL 9.1: in the terminal run sudo apt-get install postgresql, then service postgresql start.)

Metasploit Framework is, in my opinion, the best open-source computer security tool (it has more than 500 exploits, 400 payloads, 100 auxiliary modules and 50 encoders), and one that everyone should know.

How to Install Metasploit Framework:

Let's go to http://www.rapid7.com/products/metasploit/download.jsp, scroll to the bottom to find Metasploit Framework and select Linux (32- or 64-bit depending on your system).

Once it has downloaded, we open the terminal and type:

cd ~/Downloads
sudo chmod +x (filename).run
sudo ./(filename).run

The installer window will now appear, and the Metasploit setup will take you through the installation. You will be asked to accept the license agreement, choose an empty folder (default: /opt/metasploit) and set a port for the Metasploit services. You can then start Metasploit with the following commands:

sudo -s
service postgresql start
service metasploit start
msfconsole

2. Installing Armitage

If Metasploit and its terrifying shell frighten you, there's a solution: it's called Armitage and it runs on Java.

(We install Java from the Ubuntu Software Center: OpenJDK.)

Armitage is smart software built on Metasploit: it has a graphical interface that lets you scan a host and see which attacks are effective against that type of host, which is very convenient for those beginning to explore this world.

Let's go to http://fastandeasyhacking.com/download and click on .tgz

Now we open the terminal and type:

cd ~/Downloads
sudo tar -zxvf armitage20140227.tgz
sudo mv armitage /opt/metasploit
cd /opt/metasploit/armitage
sudo ./armitage

Now just click Connect; when it asks whether to start the MSF server, we answer Yes.

Finally, the Armitage main screen appears.

3. Aircrack-ng: cracking WPA/WPA2/WEP Wi-Fi networks

We open the terminal and type:

sudo apt-get install aircrack-ng

and that's it, very simple.

4. sqlmap

Let's go to http://sqlmap.org

Go to the download section and click the link shown in blue; the download will start automatically. Then we open the terminal and run:

cd ~/Downloads
sudo tar -zxvf (filename).tar.gz
sudo mkdir /pentest
sudo mv (extracted folder name) /pentest/sqlmap

Then type:

cd /pentest/sqlmap

(Python is required to run sqlmap)

Finally we write:

python sqlmap.py

(which must then be given the appropriate options)
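An added check, not part of the original guide: the Metasploit, Armitage and sqlmap steps above each run or unpack a downloaded file with sudo, so it is worth confirming the file's SHA-256 against the value the download site publishes (if it publishes one) and checking that an archive has no absolute or ../ member names before extracting it as root. The function names are hypothetical and the expected hash is a placeholder, since the guide gives none.

```sh
#!/bin/sh
# Added example: pre-flight checks for a downloaded installer or archive.
# Function names are hypothetical. Assumes GNU coreutils (sha256sum) and tar.

# verify_sha256 FILE EXPECTED_HEX -> 0 only if the file's SHA-256 matches.
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case hex
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "HASH MISMATCH for $file" >&2
        return 1
    fi
}

# audit_members: read archive member names on stdin; fail if any would land
# outside the extraction directory (absolute path or a ".." path component).
audit_members() {
    bad=$(grep -E '^/|(^|/)\.\.(/|$)' || true)
    if [ -n "$bad" ]; then
        echo "unsafe member names:" >&2
        echo "$bad" >&2
        return 1
    fi
}

# audit_archive FILE.tgz: list members without extracting, then audit them.
audit_archive() {
    list=$(tar -tzf "$1") || return 2    # unreadable or corrupt archive
    printf '%s\n' "$list" | audit_members
}

# Usage before the sudo steps (placeholders, as in the guide):
#   verify_sha256 "(filename).run" "<sha256 from the download page>" \
#       && sudo ./"(filename).run"
#   audit_archive armitage20140227.tgz && sudo tar -zxvf armitage20140227.tgz
```
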

5. Little known but very powerful: SET

SET is a small program (again run from a terminal) widely used in social engineering: it can clone pages (Facebook logins, bank sites, Twitter, etc.), send phishing emails and much more.

Now we open the terminal and type:

cd ~/Downloads

and then we copy and paste:

git clone https://github.com/trustedsec/social-engineer-toolkit/ set/

so we should get a folder called set.

Now let's move it to the pentest folder:

sudo mv set /pentest

Then, to enter and use SET:

cd /pentest/set

(this also requires Python)

To run SET, type:

python setoolkit

6. LOIC, the most powerful DoS attack program

Used by Anonymous against Scientology and against major American anti-piracy sites, LOIC is a tool downloaded by more than 50000 people; if it falls into the wrong hands it is a real nightmare for IT administrators around the world, as it is able to tear apart a website and exhaust the host's resources.

Let's see how to install it: (you must first install git-core and monodevelop with apt-get to run LOIC)

cd ~/Desktop
mkdir loic
cd loic
wget https://raw.github.com/nicolargo/loicinstaller/master/loic.sh
chmod a+x loic.sh
./loic.sh install
./loic.sh run

Now LOIC is ready!

Next time, to start it you only need these 3 commands:

cd ~/Desktop
cd loic
./loic.sh run

(don't close the terminal)

7. Last but not least: Nmap

Last on the list but of fundamental importance, Nmap gives you a "view", let's call it that, of the host to attack. It analyzes:

  • Operating system in use
  • Services
  • Ports

To install it, simply write in the terminal:

sudo apt-get install nmap
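An added example, not from the original guide: how the three items listed above appear in Nmap's grepable output (-oG), and how to compare the open ports on your own machine against the ones you expect after installing the PostgreSQL service from step 1. The sample scan line, the function names and the allowlist are constructed for illustration.

```sh
#!/bin/sh
# Added example. SAMPLE is a constructed line in Nmap's grepable format, of
# the kind `sudo nmap -sV -O -oG - 127.0.0.1` writes (fields are tab-separated).
TAB=$(printf '\t')
SAMPLE="Host: 127.0.0.1 (localhost)${TAB}Ports: 22/open/tcp//ssh//OpenSSH 6.6.1p1/, 5432/open/tcp//postgresql//PostgreSQL DB 9.1/, 631/closed/tcp//ipp///${TAB}OS: Linux 3.X${TAB}Seq Index: 257"

# open_ports: read grepable output on stdin and print "port/proto service"
# for every port whose state is exactly "open".
open_ports() {
    awk -F'\t' '{
        for (i = 1; i <= NF; i++) if ($i ~ /^Ports: /) {
            s = $i
            sub(/^Ports: /, "", s)
            n = split(s, entry, ", ")
            for (j = 1; j <= n; j++) {
                # entry layout: port/state/protocol/owner/service/rpcinfo/version/
                split(entry[j], f, "/")
                if (f[2] == "open") print f[1] "/" f[3], f[5]
            }
        }
    }'
}

# os_guess: print the text of the "OS:" field, if the scan produced one.
os_guess() {
    awk -F'\t' '{
        for (i = 1; i <= NF; i++) if ($i ~ /^OS: /) {
            s = $i; sub(/^OS: /, "", s); print s
        }
    }'
}

# unexpected_ports ALLOWED...: print open ports that are not in the allowlist
# given as arguments (for example: unexpected_ports 22/tcp).
unexpected_ports() {
    open_ports | while read -r port service; do
        case " $* " in
            *" $port "*) ;;                  # expected, stay quiet
            *) echo "$port $service" ;;      # listening but not expected
        esac
    done
}
```
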

I hope you enjoyed this guide, and good luck with your future as hackers!
