
In addition to the Linux terminal (command line), Kali Linux provides numerous security-hacker tools. Below are the top 25 Kali Linux tools (with key tools used in entry level Capture-the-Flag competitions in bold):
- 1. Nmap – network mapping tool
- 2. Netcat – network exploration application
- 3. Unicornscan – info gathering and data correlation
- 4. Fierce – network mapping and port scanning
- 5. OpenVAS – network vulnerability tool
- 6. Nikto – full web server scans for vulnerabilities
- 7. WPScan – audit WordPress install security
- 8. CMSMap – scan WordPress, Joomla, Drupal, and Moodle.
- 9. Fluxion – WiFi analyzer specializing in MITM WPA attacks.
- 10. Aircrack-ng – Suite of wireless packet analyzer, cracker, and auditing tools.
- 11. Kismet Wireless – Wireless LAN analyzer, sniffer and IDS
- 12. Wireshark – Network pactet analyzer
- 13. John the Ripper – password testing and cracking tool
- 14. THC Hydra – brute force crack remote authentication services
- 15. findmyhash – password cracking tool (multiple hashes types)
- 16. RainbowCrack – password cracking using large pre-computed “rainbow tables”
- 17. Metasploit Framework – develop, test and execute exploits against remote hosts.
- 18. Social Engineering Toolkit – tools for Social-Engineering attacks
- 19. BeEF – The Browser Exploitation Framework ; test browser vulnerabilities
- 20. Yersinia – L2 attacks in different network protocols.
- 21. DHCPig – launch an advanced DHCP attack to consume all active IPs on the LAN
- 22. FunkLoad – web-stress tool that works by emulating a fully functional web browser
- 23. SlowHTTPTest – web-stress applications used to launch DOS attacks
- 24. Inundator – IDS evasion security tool designed to be anonymous
- 25. t50 – load test how your websites, servers and networks