IT Security: Command Line Tools Used by Hackers and Security Testers
Added on 2020/02/23
AI Summary
This report provides an overview of command-line tools utilized by hackers and security testers for penetration testing and IT security assessments. It begins by highlighting the increasing frequency of cyberattacks, emphasizing the need for robust security measures and the vulnerability of systems to various hacking techniques. The report then details a step-by-step process of how an attack is performed, from identifying vulnerabilities to devising penetration tests. The core of the report focuses on several key command-line tools, including Metasploit for exploiting system vulnerabilities, Wireshark for network protocol analysis, Nmap for port scanning and network discovery, OclHashcat for password cracking, Nessus for vulnerability scanning, Maltego for information gathering, Social Engineer Toolkit for targeting human elements, and W3af for web application security auditing. Each tool is described, including its functionality and application in real-world scenarios, providing insights into the methods employed by both malicious actors and security professionals. The report aims to provide a comprehensive understanding of the tools used in the realm of IT security and penetration testing.

IT security
Name
Course
Professor
School
City
Date
Introduction
Over the past few years there have been instances in the news of denial-of-service attacks,
particularly against high-end companies such as Microsoft [1]. Hacking attacks and website
defacements have occurred more frequently, and this has been happening to many businesses [1].
The time has come for individuals to protect themselves from hackers, and for businesses to
protect their infrastructure. Hackers use various tools to penetrate Windows, Linux or Mac
systems. These systems are always vulnerable to attack no matter how much patching is
undertaken. Hackers, and other individuals who might want to get into a system, will perform
attacks against it. Therefore, one needs to find out what they intend to do and perform the same
sorts of attacks, attempting to penetrate the network in order to locate the compromised
systems [2]. This report demonstrates and describes small command-line tools for Mac, Linux and
Windows, which are used by hackers as well as security testers to penetrate these systems.
Penetration testing has become common practice, and it entails performing reconnaissance
against the system's perimeter defenses, firewalls, network devices and servers [1]. Once this
has been done, the hackers or security testers collate the data and look for an attack vector
through which they will try to penetrate the identified systems, to see whether they can be
compromised, using vulnerability scans and attacks.
Demonstration of how an attack is done.
Step 1: It all starts with a list of the vulnerabilities or potential problem areas which might
cause a security breach in the system.
Step 2: Where possible, the items on the list are ranked in order of criticality or priority.
Step 3: The hacker or security tester then devises a penetration test which could work. This is
done by attacking the system from within the network and from outside [2], in order to
determine whether they can access the data or the network.
Step 4: If unauthorized access was possible, the system needs to be corrected (if it was a
security tester undertaking this), and a series of steps is run until the issue is solved.
The command-line tools used by hackers and security testers.
1. Metasploit
This is the most advanced and popular framework used by hackers and security testers to
penetrate systems [2]. The tool is built around the concept of an ‘exploit’, that is, code which
can bypass a particular security measure and enter a given system [1]. Once it has entered, it
can run a ‘payload’, which is code that performs operations on the targeted machine, creating
the perfect framework for penetration. The tool can be used on networks and servers. Both its
command line and its clickable interface work on Linux, Mac and Microsoft Windows.
Figure 1: Demonstration of how the command tool works.
This tool lets hackers and security testers simulate real-world attacks in order to identify the
weak points. Using the open-source Metasploit framework, users are able to build their own
tools and get the best out of it.
2. Wireshark
This is essentially a network protocol analyzer, popular for providing the minutest details
about the protocols on the network, packet information and decryption. It can be used on
Windows, Linux and Mac systems [2]. The data retrieved with this tool can be viewed via the GUI
or the TTY-mode utility.
Figure 2: The diagram demonstrates how the command tool works.
After downloading and installing Wireshark, one can launch it and double-click the name of a
network interface under Capture to begin capturing packets on that interface [2]. For example,
to capture traffic on a wireless network, one clicks the wireless interface. Advanced features
can be configured by clicking Capture and then Options.
3. Nmap
This tool, also known as the Network Mapper, belongs to the group of port-scanning tools.
Hackers and security testers use it to scan ports, which enables efficient network discovery as
well as security auditing [1]. This tool may be used
for a wide range of services. It uses raw IP packets to determine which hosts are available on
the network, their services and details, and the operating systems that the hosts are running.
Figure 3: The diagram demonstrates how the Nmap tool works.
When using Nmap, it is not possible to scan one’s own machine from itself if Nmap is used with
WinPcap rather than Npcap [2]. This is a Windows limitation which has been worked around in
Npcap, which is included in the self-installer for
Windows. Users who are stuck with WinPcap can use a TCP connect scan without pinging. Scan
speeds on Windows are broadly comparable to those on UNIX, even though the latter may have a
slight performance edge [1]. One exception is the connect scan, which is usually much slower on
Windows because of deficiencies in the Windows networking API. This is unfortunate, since it is
the one TCP scan which works on all networking types.
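A defender's view of the port scanning described above, as an added example that is not part of the original report: it flags a source that touches many distinct ports on one host within a short window. The log format, addresses, window and threshold are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed connection log: '<ISO time> <src> <dst> <dst port> <result>'."""
    base = datetime(2020, 2, 23, 10, 0, 0)
    lines = []
    # Ordinary client: repeated HTTPS connections to a single port.
    for i in range(10):
        t = base + timedelta(seconds=30 * i)
        lines.append(f"{t.isoformat()} 10.0.0.5 10.0.0.20 443 ACCEPT")
    # Ordinary admin host: three services on the same server.
    for i, port in enumerate((22, 443, 5432)):
        t = base + timedelta(seconds=10 * i)
        lines.append(f"{t.isoformat()} 10.0.0.7 10.0.0.20 {port} ACCEPT")
    # Sweep: 30 consecutive ports in about three seconds, mostly refused.
    for i, port in enumerate(range(20, 50)):
        t = base + timedelta(minutes=5, milliseconds=100 * i)
        result = "ACCEPT" if port in (22, 25) else "REFUSED"
        lines.append(f"{t.isoformat()} 10.0.0.99 10.0.0.20 {port} {result}")
    return lines


def detect_port_sweeps(lines, window=timedelta(seconds=60), min_ports=15):
    """Return one finding per (src, dst) pair that hit >= min_ports distinct
    destination ports inside a sliding time window."""
    by_pair = defaultdict(list)
    for line in lines:
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines rather than abort the run
        ts, src, dst, port, result = fields
        by_pair[(src, dst)].append((datetime.fromisoformat(ts), int(port), result))

    findings = []
    for (src, dst), events in by_pair.items():
        events.sort()
        start, best = 0, None
        for end in range(len(events)):
            # Shrink the window from the left until it spans <= `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            in_window = events[start:end + 1]
            ports = {port for _, port, _ in in_window}
            if len(ports) >= min_ports and (
                best is None or len(ports) > len(best["ports"])
            ):
                best = {
                    "src": src,
                    "dst": dst,
                    "ports": sorted(ports),
                    # Many refused connections suggest probing of closed ports.
                    "failed": sum(1 for _, _, r in in_window if r != "ACCEPT"),
                    "first_seen": in_window[0][0],
                }
        if best:
            findings.append(best)
    return findings


if __name__ == "__main__":
    for f in detect_port_sweeps(build_sample_log()):
        print(f"{f['src']} -> {f['dst']}: {len(f['ports'])} ports, "
              f"{f['failed']} failed, first seen {f['first_seen'].isoformat()}")
```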
4. OclHashcat
Anyone who cracks passwords on a daily basis will be aware of the free password cracking tool
Hashcat. Hashcat is a CPU-based password cracking tool, and its advanced version uses the power
of the GPU [2]. OclHashcat describes itself as the world's fastest password cracking tool, with
the world's first and only GPGPU-based engine. It requires ForceWare for NVIDIA users or
Catalyst 15.7 for AMD users. The tool's cracking modes include straight, brute-force, and
hybrid dictionary + mask.
Figure 4: This diagram demonstrates how this command tool works.
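The three cracking modes named above, turned into a defender's check at password-set time, as an added example that is not part of the original report: it rejects a candidate password that a straight dictionary pass, a dictionary-plus-suffix (hybrid) pass, or an exhaustive search within a fixed budget would cover. The wordlist, the suffix length and the budget are constructed assumptions.

```python
import string

# Constructed wordlist (assumption); a real deployment would load a large
# list of known-compromised passwords instead.
WORDLIST = {"password", "summer", "dragon", "welcome", "letmein"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
TAIL_CHARS = set(string.digits + string.punctuation)


def brute_force_keyspace(pw):
    """Number of candidates an exhaustive search over the character classes
    present in pw would have to try for a password of this length."""
    alphabet = sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))
    if any(all(c not in cls for cls in CLASSES) for c in pw):
        alphabet += 128  # rough allowance for other characters (assumption)
    return alphabet ** len(pw)


def hybrid_split(pw, max_suffix=4):
    """Return (word, tail) if pw is a wordlist word followed by a short run
    of digits or symbols, the shape a dictionary + mask pass covers."""
    for n in range(1, max_suffix + 1):
        word, tail = pw[:-n], pw[-n:]
        if word.lower() in WORDLIST and all(c in TAIL_CHARS for c in tail):
            return word, tail
    return None


def audit_password(pw, budget=10 ** 12):
    """Classify pw by the cheapest of the three modes that would reach it.
    `budget` is the number of guesses treated as affordable (assumption)."""
    if pw.lower() in WORDLIST:
        return "reject: straight dictionary"
    if hybrid_split(pw):
        return "reject: hybrid dictionary + mask"
    if brute_force_keyspace(pw) <= budget:
        return "reject: brute-force keyspace"
    return "accept"


if __name__ == "__main__":
    for candidate in ("Dragon", "Summer2020", "x7#Qa",
                      "correct-horse-battery-staple"):
        print(f"{candidate!r}: {audit_password(candidate)}")
```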
5. Nessus vulnerability scanner
Nessus is one of the robust vulnerability identification tools available today. It specializes
in compliance checks, sensitive data searches and IP scans, and it aids in identifying weak
spots [2]. It usually works well in most environments.
Figure 5: The diagram demonstrates how the command line works.
With this tool it is also possible to scan for multiple kinds of vulnerabilities, which may
include remote access flaw detection, misconfiguration alerts, malware detection and sensitive
data [2]. To launch a dictionary attack, Nessus can call the popular tool Hydra externally.
Apart from the functionality highlighted above, the tool can also scan multiple networks on
IPv6, hybrid and IPv4. It runs on various platforms such as Windows, Mac and Linux.
6. Maltego command tool.
This is an open-source tool which provides rigorous mining and gathering of information in
order to paint a picture of the cyber threats around us [2]. It excels at highlighting the
complexity and severity of the points of failure in
the user's infrastructure and the surrounding environment. It is a great hacker tool, used by
attackers to analyze the real-world links between individuals, domains, IP addresses and
documents [1]. The tool is based on Java and runs in an easy-to-use graphical interface with a
lot of customization options for scanning.
Figure 6: The diagram demonstrates how this tool works.
This tool has been developed to deliver a clear threat picture of the environment which an
organization owns and operates. Its major advantage is that it demonstrates the most complex
and severe single points of failure, as well as the trust relationships which exist within a
given scope of the infrastructure [2]. The unique perspective which Maltego offers to network
and resource-based entities is the aggregation of data which has been displayed across the
internet. This could be either
the current configuration of a router positioned at the edge of a given network or the current
whereabouts of a given individual. The system is able to locate, aggregate and at the same time
visualize this data.
7. Social engineer toolkit
This is a unique command tool, used by hackers and security testers, which targets the human
element rather than the system element. It has features which let one send emails, as well as
applets, which contain the attack code [2]. The tool has been used with care, particularly by
hackers and security experts involved in system penetration tests. It has a command-line
interface and works best on Linux, Mac and Microsoft Windows.
Figure 7: The diagram demonstrates how the command line works.
This tool simulates various types of social engineering attacks, such as credential harvesting
and phishing attacks, which hackers have been able to use to carry out their own attacks [1].
The diagram shows a user using the SMS spoofing tool from the Social Engineer Toolkit to carry
out an attack [1]. This Python tool has become the standard tool for penetration tests and has
more than two million downloads. It can automate attacks and at the same time generate
disguising emails.
8. W3af
This is an audit framework command tool for web applications. Its features include HTTP
requests, integration of proxy servers into the code, and injecting payloads into different
HTTP requests. The tool works well on Linux, Mac and Microsoft Windows.