Toolkit for the novice pentester: we present a short digest of the main tools that come in handy when pentesting an internal network. These tools are already actively used by a wide range of specialists, so it is useful for everyone to know their capabilities and master them thoroughly.
Contents:
- Nmap
- Zmap
- Masscan
- Nessus
- Net-Creds
- network-miner
- mitm6
- Responder
- Evil_Foca
- Bettercap
- gateway_finder
- mitmproxy
- SIET
- yersinia
- proxychains
Nmap
In addition to checking for open/closed ports, nmap can identify the service listening on an open port and its version, and sometimes helps determine the OS. Nmap supports scan scripts (NSE - Nmap Scripting Engine). Using scripts, it is possible to check various services for vulnerabilities (if, of course, there is a script for them, or you can always write your own) or to brute-force passwords for various services.
Thus, Nmap lets you build a detailed map of the network, obtain the maximum information about the services running on hosts in the network, and also proactively check for some vulnerabilities. Nmap also has flexible scan settings; you can tune the scan speed, the number of threads, the number of groups to scan, and so on.
It is convenient for scanning small networks and indispensable for spot-scanning individual hosts.
Pros:
- Works quickly with a small range of hosts;
- Flexibility of settings - you can combine options so as to get the most informative data in an acceptable time;
- Parallel scanning - the list of targets is divided into groups, and each group is then scanned in turn; parallel scanning is used within a group. The division into groups is also a small drawback (see below);
- Predefined sets of scripts for different tasks - you do not have to spend a lot of time selecting specific scripts, but can specify groups of scripts;
- Output of results - 5 different formats, including XML, which can be imported into other tools.
Cons:
- Scanning a group of hosts - information about any host is not available until the scan of the whole group has finished. This is solved by setting in the options the maximum group size and the maximum time interval during which a response to a request is awaited before attempts are stopped or another one is made;
- When scanning, Nmap sends SYN packets to the target port and waits for any response packet, or for the timeout to expire if there is no response. This hurts the performance of the scanner as a whole, compared with asynchronous scanners (for example, zmap or masscan);
- When scanning large networks, using flags to speed up the scan (--min-rate, --min-parallelism) can produce false-negative results, missing open ports on a host. These options should also be used with caution, given that a high packet rate can lead to an unintentional DoS.
Zmap
Unlike nmap, when sending SYN packets Zmap does not wait until the response comes back, but continues scanning while waiting in parallel for responses from all hosts, so it does not actually maintain connection state. When the response to a SYN packet arrives, Zmap understands from the contents of the packet which port was open and on which host. In addition, Zmap sends only one SYN packet per port being scanned. It is also possible to use PF_RING to quickly scan large networks if you happen to have a 10-Gigabit interface and a compatible network card at hand.
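One way a stateless scanner can tell from the packet alone which probe a reply answers is to derive the probe's source port and sequence number from a keyed MAC of the target and recompute them when a reply arrives. This is an added example, not ZMap's code and not from the original article; HMAC-SHA256, the field layout, the port range and the function names are assumptions.

```python
import hashlib, hmac, ipaddress, os, struct

SYN, RST, ACK = 0x02, 0x04, 0x10          # TCP flag bits
PORT_BASE, PORT_SPAN = 32768, 28232       # assumed source-port range 32768-60999

def probe_fields(key, dst_ip, dst_port):
    """Source port and sequence number to put in the SYN for dst_ip:dst_port.

    Both come from a keyed MAC of the target, so nothing is stored per probe.
    """
    msg = ipaddress.ip_address(dst_ip).packed + struct.pack("!H", dst_port)
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    seq, raw_port = struct.unpack("!IH", mac[:6])
    return PORT_BASE + raw_port % PORT_SPAN, seq

def classify_reply(key, src_ip, src_port, dst_port, ack, flags):
    """Classify a received TCP segment using only the packet and the scan key."""
    expected_port, seq = probe_fields(key, src_ip, src_port)
    if dst_port != expected_port or ack != (seq + 1) & 0xFFFFFFFF:
        return "unsolicited"               # not an answer to one of our probes
    if flags & SYN and flags & ACK:
        return "open"
    if flags & RST:
        return "closed"
    return "unsolicited"

if __name__ == "__main__":
    key = os.urandom(16)                   # fresh secret for each scan
    sport, seq = probe_fields(key, "192.0.2.10", 443)   # constructed target
    print(classify_reply(key, "192.0.2.10", 443, sport, (seq + 1) & 0xFFFFFFFF, SYN | ACK))
    print(classify_reply(key, "192.0.2.10", 443, sport, 12345, SYN | ACK))
```

Because the check needs no table of outstanding probes, a lost reply is never retried, which is why the target side sees a single SYN per port.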
Pros:
- Scan speed;
- Zmap generates Ethernet frames, bypassing the system TCP/IP stack;
- Ability to use PF_RING;
- ZMap randomizes targets to distribute the load evenly on the scanned side;
- Ability to integrate with ZGrab (a tool for collecting information about services at the L7 application layer).
Cons:
- It can cause a denial of service on network equipment, for example, taking down intermediate routers, despite the distributed load, since all packets will pass through one router.
Masscan
Pros:
- The syntax is similar to Nmap, and the program also supports some Nmap-compatible options;
- Speed of operation - one of the fastest asynchronous scanners;
- Flexible scanning mechanism - resuming an interrupted scan, distributing the load across several devices (as in Zmap).
Cons:
- Just as with Zmap, the load on the network itself is extremely high, which can lead to DoS;
- By default, there is no ability to scan at the L7 application layer.
Nessus
It can determine the versions of services or servers, detect errors in system configuration, and brute-force dictionary passwords. It can be used to check that service settings (mail, updates, etc.) are correct, as well as in preparation for a PCI DSS audit. In addition, you can pass host credentials to Nessus (SSH or a domain account in Active Directory), and the scanner will gain access to the host and run checks directly on it; this option is called a credential scan. It is convenient for companies auditing their own networks.
Pros:
- Separate scenarios for each vulnerability, with a database that is constantly updated;
- Output of results - plain text, XML, HTML and LaTeX;
- Nessus API - lets you automate the processes of scanning and obtaining results;
- Credential Scan - you can use Windows or Linux credentials to check for updates or other vulnerabilities;
- Ability to write your own built-in security modules - the scanner has its own scripting language, NASL (Nessus Attack Scripting Language);
- You can set a schedule for regular scanning of the local network - thanks to this, the Information Security Service will be aware of all changes in the security configuration, the appearance of new hosts, and the use of dictionary or default passwords.
Cons:
- There may be malfunctions in the operation of the systems being scanned - you need to work carefully with the safe checks option disabled;
- The commercial version is not free.
Net-Creds
Pros:
- Service identification is based on packet analysis instead of identifying the service by the port number used;
- Easy to use;
- A wide range of extracted data - including logins and passwords for FTP, POP, IMAP, SMTP, the NTLMv1/v2 protocols, as well as information from HTTP requests, such as login forms and basic auth.
network-miner
Pros:
- Graphical interface;
- Visualization and classification of data into groups simplifies traffic analysis and makes it faster.
Cons:
- The trial version has limited functionality.
mitm6
Pros:
- Works great on many networks precisely because of the standard configuration of Windows hosts and networks.
Responder
Pros:
- By default, it brings up many servers with support for NTLM authentication: SMB, MSSQL, HTTP, HTTPS, LDAP, FTP, POP3, IMAP, SMTP;
- Allows DNS spoofing in the case of MITM attacks (ARP spoofing, etc.);
- Fingerprint of the hosts that made the broadcast request;
- Analyze mode - for passive monitoring of requests;
- The formats of captured NTLM authentication hashes are compatible with John the Ripper and Hashcat.
Cons:
- When running under Windows, binding port 445 (SMB) is fraught with some difficulties (it requires stopping the corresponding services and rebooting).
Evil_Foca
Pros:
- Convenient for carrying out MITM attacks (ARP spoofing, DHCP ACK injection, SLAAC attack, DHCP spoofing);
- You can carry out DoS attacks - with ARP spoofing for IPv4 networks, with SLAAC DoS in IPv6 networks;
- It is possible to perform DNS hijacking;
- Easy to use, user-friendly graphical interface.
Cons:
- Works only under Windows.
Bettercap
Pros:
- Credential sniffer - you can capture visited URLs and HTTPS hosts, HTTP authentication, and credentials for many different protocols;
- Many built-in MITM attacks;
- Modular transparent HTTP(S) proxy - you can manage traffic depending on your needs;
- Built-in HTTP server;
- Support for caplets - files that allow complex and automated attacks to be described in a scripting language.
Cons:
- Some modules - for example, ble.enum - are not supported on macOS and Windows, and some are designed only for Linux - packet.proxy.
gateway_finder
Pros:
- Easy to use and customize.
mitmproxy
Pros:
- Works with various protocols, and also supports modification of various formats, from HTML to Protobuf;
- Python API - lets you write scripts for non-standard tasks;
- Can work in transparent proxy mode with traffic interception.
Cons:
- The dump format is not compatible with anything - it is difficult to use grep, so you have to write scripts.
SIET
Pros:
Exploiting the Cisco Smart Install protocol allows you to:
- Change the address of the tftp server on the client device by sending one malformed TCP packet;
- Copy the device's configuration file;
- Replace the device configuration, for example, by adding a new user;
- Update the IOS image on the device;
- Execute an arbitrary set of commands on the device. This is a new feature that works only in IOS versions 3.6.0E and 15.2(2)E.
Cons:
- Works with a limited set of Cisco devices; you also need a "white" (public) IP to receive a response from the device, or you must be on the same network as the device.
yersinia
Pros:
- Lets you carry out attacks on STP, CDP, DTP, DHCP, HSRP, VTP and others.
Cons:
- Not the most user-friendly interface.
proxychains
Pros:
- Helps redirect traffic from some applications that by default cannot work with proxies.
In this article, we briefly looked at the advantages and disadvantages of the main tools for internal network pentesting. Stay tuned, we plan to publish more collections like this in the future: Web, databases, mobile applications - we will definitely write about these too.
Share your favorite utilities in the comments!
Source: www.habr.com