Types of Network Security Tools

Hey Amazing Hackers, welcome back to my blogpost today I am going to cover about some sniffing tools and how hackers do use those tools thus lets get started.

As we know previously, how attackers generally target websites or databases or organizational networks by first gathering information on their weaknesses. Attackers choose appropiate tools for the class of attack they desire to launch and based on the weaknesses discovered at the target sites or networks already assesed. This will a huge topic however, I just wanted to cover briefly lets move on Information Gathering section.

Information Gathering tools

The first step an attacker would take before launching an attack is to understand the environment where the attack is to be launched ( of course it is recommend if you were to launch such attacks without knowing the environment you probaly would have been catched :) ) to do so, attackers initially gather information about the network such as the number of machines, operating system, version, databases etc…

Sniffing Tools

So we know how we get started to launch an attack but we will have to use some sniffing tools to access and knowing the environment thus an efficient sniffing tool is capable of capturing examining,analyzing and visualizing packets or frames traversing the network it will be really handy to use such a tool to be accessed into their system

A) tcpdump:

this is a premier packet analyzer for security professionals. It enables the analyst to capture, save, and view packet data. This tool can also be used by a third-party softwares.

B) Ethereal:

this is a multi platform sniffer and traffic analyzeer. This tool includes two libraries i) GTK+, a GUI-based-library and ii) libcap, a packet capture and filtering library. Ethereal is capable of reading tcpdump output and can apply tcpdump filters to select and display records.

C) Net2cap:

This is a simple tool to transform packet traffic in a hostile environment. It does not use any library during the transforms.

D) Snoop:

This is a Linux tool almost similiar to tcpdump. However its file format differs from the pcap format, and is defined in RFC 1761. Its provision of writing to an intermediate file avoids

E) Snort:

This is a lightweight, yet poweful misuse detection tool. Snort is flexible and runs on multiple platforms. To capture traffic and to detect misuse. (It is not for beginner friendly the configuration is not being flexible, it can differ however)

F) Angst:

This is a Linux and OpenBSD-based active packet sniffer. It allows one to capture data by injecting data into switched networks. Angst is able to flood a network.

G) Ettercap:

This is an effective sniffer that supports multiple platforms. Ettercap can also be used as an active hacking tools. It uses an ncurses interface, and is able to decode several protocols.

H) Dsniff:

This is a collection of tools that enable active sniffing on a network. This tool can perform man-in-the-middle attack against SSHV1 and HTTPS sessions

I) Cain & Able:

This is a multipurpose sniffer that runs on Windows NT, 2000, XP it allows for password recovery for a number of protocols, it can also be used to launch man-in-the-middle

J) ScoopLM:

This is a Windows-based sniffer to capture LM ad NTLM authentication information. Such captured information can later be used by a tool like BeatLM to crack authentication

K) IPgrab:

This tool supports network debugging at the data link, network, and transport layers. It is able to provide detailed header field information.

L) Gulp:

This is a robust tool that can capture and store voluminous network traffic from the network firehose. It overcomes the packet losss problem of tcpdump by using multiple CPUs during capture it.

Summarization

We have covered a lot of sniffing tools which have been used overall by professional security experts. It is recommended to take a look these tools which you should fillin your experiences in this. Always read and listen carefully to security experts, you will be able to learn things that you have not heard before.

Please consider to subscribe my YouTube channel for more awesome contents and of course my blogs, stay sharp and I wish you a nice hacking expedition:)

Youtube: https://Youtube.com/TurkishHoodie

Linkedin: https://www.linkedin.com/in/ahmetgöker

Ahmet Göker | malware researcher | DDOS lover:) | CTF player | Network security enthusiastic| Ethical Hacker| Purple Teamer