This free tool is ideal for password cracking. It was created to detect weak UNIX passwords, and can be used on DOS, Windows, and Open VMS.
The Metasploit Framework is open-source, and Metasploit Pro is a commercial offering, with a 14-day free trial. Metasploit is geared towards penetration testing, and ethical hackers can develop and execute exploit codes against remote targets.
14. Aircrack-Ng
Wireless network use is rising, so it’s becoming more important to keep Wi-Fi secure. Aircrack-Ng offers ethical hackers an array of command-line tools that check and evaluate Wi-Fi network security. Aircrack-Ng is dedicated to activities such as attacking, monitoring, testing, and cracking. The tool supports Windows, OS X, Linux, eComStation, 2Free BSD, NetBSD, OpenBSD, and Solaris.
Among its features:
- Supports exporting data to text files
- It can crack WEP keys and WPA2-PSK, and check Wi-Fi cards
- Supports multiple platforms
15. Wireshark
Wireshark is a great hacking software for analyzing data packets and can also perform deep inspections of a large number of established protocols. You can export analysis results to many different file formats like CSV, PostScript, Plaintext, and XML.
Features:
- Performs live captures and offline analysis
- Cross-platform support
- Allows coloring rules to packet lists to facilitate analysis
- It’s free
16. OpenVAS
The Open Vulnerability Assessment Scanner is a fully featured tool performs authenticated and unauthenticated testing and performance tuning. It is geared towards large-scale scans.
OpenVAS has the capabilities of various high and low-level Internet and industrial protocols, backed up by a robust internal programming language.
17. SQLMap
SQLMap is an open-source hacking software that automates detecting and exploiting SQL Injection flaws and taking control of database servers. You can use it to connect directly with specific databases. SQLMap completely supports a half-dozen SQL injection techniques (Boolean-based blind, error-based, stacked queries, time-based blind, UNION query-based, and out-of-band).
SQLMap’s features include:
- Powerful detection engine
- Supports executing arbitrary commands
- Supports MySQL, Oracle, PostgreSQL, and more.
18. Ettercap
Ettercap is a free tool that is best suited for creating custom plug-ins.
Among its features:
- Content filtering
- Live connections sniffer
- Network and host analysis
- Active and passive dissection of a lot of protocols
19. Maltego
Maltego is a tool dedicated to link analysis and data mining. It comes in four forms: The free Community version, Maltego CE; Maltego Classic, ; Maltego XL, , and the server products like Comms, CTAS, and ITDS, . Maltego is best suited to working with very large graphs.
Its features include:
- Support for Windows, Linux, and Mac OS
- Performs real-time information gathering and data mining
- Displays results in easy-to-read graphics
20.Fortify WebInspect
Fortify WebInspect is a hacking tool with comprehensive dynamic analysis security in automated mode for complex web applications and services.
- It is used to identify security vulnerabilities by allowing it to test the dynamic behavior of running web applications.
- It can keep the scanning in control by getting relevant information and statistics.
- It provides Centralized Program Management, vulnerability trending, compliance management, and risk oversight with the help of simultaneous crawl professional-level testing to novice security testers.