- Becoming the Hacker
- Adrian Pruteanu
- 342字
- 2021-06-11 13:38:51
The tester's toolkit
The penetration testing tools used vary from professional to professional. Tools and techniques evolve every day and you have to keep up. While it's nearly impossible to compile an exhaustive list of tools that will cover every scenario, there are some tried-and-true programs, techniques, and environments that will undoubtedly help any attacker to reach their goal.
Kali Linux
Previously known as BackTrack, Kali Linux has been the Linux distribution of choice for penetration testers for many years. It is hard to argue with its value, as it incorporates almost all of the tools required to do application and network assessments. The Kali Linux team also provides regular updates, keeping not only the OS but also the attack tools current.
Kali Linux is easy to deploy just about everywhere and it comes in many formats. There are 32-bit and 64-bit variants, portable virtual machine packages, and even a version that runs on the Android OS:

Figure 1.2: A fresh instance of the Kali Linux screen
Kali Linux alternatives
One alternative or supplement to Kali Linux is the Penetration Testing Framework (PTF) from the TrustedSec team and it is written in Python. This is a modular framework that allows you to turn the Linux environment of your choice into a penetration testing toolset. There are hundreds of PTF modules already available, and new ones can be quickly created. PTF can also be run on Kali to quickly organize existing tools in one location.

Figure 1.3: The PTF interactive console
Another well-established alternative to Kali Linux is BlackArch, a distribution based on Arch Linux that includes many of the tools bundled with other penetration testing distributions. BlackArch has many of the tools that testers are familiar with for network testing or application assessments, and it is regularly updated, much like Kali Linux. For Arch Linux fans, this is a welcome alternative to the Debian-based Kali distribution.

Figure 1.4: The main BlackArch screen
BlackArch is available in many formats on https://blackarch.org.
- Extending Symfony2 Web Application Framework
- 科技安全:戰略實踐與展望
- Securing Blockchain Networks like Ethereum and Hyperledger Fabric
- Web安全與攻防入門很輕松(實戰超值版)
- Python Penetration Testing Cookbook
- Kali Linux Wireless Penetration Testing Cookbook
- 網絡安全技術與實訓(第4版)(微課版)
- Advanced Penetration Testing for Highly:Secured Environments(Second Edition)
- End to End GUI Development with Qt5
- 無線傳感器網絡安全與加權復雜網絡抗毀性建模分析
- Mastering Malware Analysis
- INSTANT Kali Linux
- 數字銀行安全體系構建
- 一本書讀透金融科技安全
- 數據恢復技術深度揭秘