Program Name: B.Tech. CSE + CSF
Semester: IV
Name: Nishtha Sharma
Course Name: IT Data Security
UNIVERSITY OF PETROLEUM AND ENERGY STUDIES
Assignment-1
Task:

1. Discuss any 10 Cyber Security Tools in detail


2. Demonstrate the use of any 5 tools by exploring them, i.e. what
are the functionalities of the tool (by using them), and add the
screenshot (how you have used the tool and what functionalities
you have performed) in the assignment.
1 – Metasploit Framework
The tool that turned hacking into a commodity when it was released in 2003, the
Metasploit Framework made cracking known vulnerabilities as easy as point and
click. Although sold as a penetration testing tool (and used as one by white hats),
Metasploit’s free version is still where most neophyte hackers cut their teeth. With
downloadable modules allowing any combination of exploit and executable
payload, all freely available, hackers have instant access to any system showing
one of nearly 2000 cataloged vulnerabilities. Sophisticated anti-forensic and stealth
tools make the package complete.
The Metasploit Project is an open source project that provides a public resource for
researching security vulnerabilities and developing code that allows a network
administrator to break into his own network to identify security risks and document
which vulnerabilities need to be addressed first.
2 – Nmap
Nmap, or Network Mapper, is 20 years old, but remains one of the most flexible,
powerful, and useful tools in the network security analyst's toolkit. Nmap can
bounce TCP and UDP packets around your network like a pinball wizard,
identifying hosts, scanning for open ports, and slicing open misconfigured
firewalls to show you what devices are open for business on your network…
whether you put them there or someone else did. Nmap has been around so long
that it has collected a constellation of helper tools such as the Zenmap GUI, Ncat
debugging tool, and Nping packet generator.
While the basis of Nmap's functionality is port scanning, it allows for a variety of
related capabilities, including network mapping: Nmap can identify the devices on
a network (also called host discovery), including servers, routers and switches, and
how they're physically connected.
3 – OpenSSH
OpenSSH is a suite of low-level tools that rights many of the wrongs built into the
original network-level utilities in most Internet operating systems. Created as an
integral part of the bulletproof OpenBSD UNIX implementation, OpenSSH was
useful enough and solid enough that it was quickly adopted by other UNIX forks
and made available as portable packages for other operating systems. The
encryption and tunneling capabilities of the OpenSSH utilities are taken for granted
by most users, but security professionals need to know how to build secure systems
on top of reliable OpenSSH tools.
OpenSSH Features. The OpenSSH source code is available free to everyone via the
Internet. OpenSSH is not covered by any restrictive license. It can be used for any
and all purposes, and that explicitly includes commercial use.
4 – Wireshark
Wireshark is the de facto standard in network protocol analysis tools. It allows
deep inspection and analysis of packets from hundreds of different protocols, from
the ubiquitous TCP to the exotic CSLIP. With built-in decryption support for many
encrypted protocols and powerful filtering and display capabilities, Wireshark can
help you dive deep into current activity on your network and expose nefariously
crafted attacks in real time.
Wireshark is a free and open-source packet analyzer. It is used for network
troubleshooting, analysis, software and communications protocol development,
and education.
5 – Nessus
Nessus is the world’s most popular vulnerability scanner, a battle-scarred
champion that has held that throne for decades even as new challengers have
crowded the arena in recent years. Automated compliance scans can handle
everything from password auditing to patch-level compliance across your network,
with reports that immediately draw attention to open vulnerabilities. Nessus can
integrate with Nmap to take advantage of advanced port-scanning capabilities and
with other management tools to form an integral part of your network security
system.
Nessus is a remote security scanning tool, which scans a computer and raises an
alert if it discovers any vulnerabilities that malicious hackers could use to gain
access to any computer you have connected to a network.

6 – Aircrack-ng
Aircrack is your go-to tool for Wi-Fi hacking—still one of the most vulnerable
aspects of most commercial networks. Weak wireless encryption protocols are
easily shattered by Aircrack’s WEP and WPA attacks. Sophisticated
deauthentication and fake access point attacks allow you to probe your security
aggressively. Packet sniffing capabilities allow you to simply snoop and keep an
eye on traffic even without making overt attacks. No wireless network security
staff should be without a copy of Aircrack-ng.

7 – Snort
Snort provides network intrusion detection that performs real-time traffic analysis
and packet logging on your network. Using rulesets that are updated daily, Snort
matches patterns against known attack signatures and alerts you to potential
assaults. The system can be configured to trigger even on less openly nefarious
activity, such as Nmap stealth port scans or operating system fingerprinting
attempts.
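The kind of threshold detection described above for stealth (half-open SYN) port scans, as an added example that is not part of the original assignment and is not Snort's engine or rule syntax. The record layout, window, threshold and sample packets are assumptions constructed for illustration.

```python
from collections import defaultdict

WINDOW_SECONDS = 10   # assumed sliding window
PORT_THRESHOLD = 5    # assumed number of distinct ports that triggers an alert

def detect_syn_scans(packets, window=WINDOW_SECONDS, threshold=PORT_THRESHOLD):
    """Flag sources that send bare SYNs to >= threshold distinct ports on one
    host within `window` seconds without ever completing the handshake.
    packets: iterable of (timestamp, src_ip, dst_ip, dst_port, tcp_flags)."""
    syns = defaultdict(list)   # (src, dst) -> [(timestamp, port)]
    completed = set()          # (src, dst, port) where src later sent an ACK
    for ts, src, dst, port, flags in packets:
        if flags == "S":
            syns[(src, dst)].append((ts, port))
        elif flags == "A":
            completed.add((src, dst, port))

    alerts = {}
    for (src, dst), probes in syns.items():
        # Keep only probes that never turned into an established connection.
        half_open = sorted(p for p in probes if (src, dst, p[1]) not in completed)
        start = 0
        for end in range(len(half_open)):
            # Shrink the window until it spans at most `window` seconds.
            while half_open[end][0] - half_open[start][0] > window:
                start += 1
            ports = {port for _, port in half_open[start:end + 1]}
            if len(ports) >= threshold:
                alerts.setdefault(src, set()).update(ports)
    return {src: sorted(ports) for src, ports in alerts.items()}

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    # Normal client: SYN, SYN-ACK from server, final ACK.
    (0.0, "192.0.2.10", "198.51.100.5", 443, "S"),
    (0.1, "198.51.100.5", "192.0.2.10", 51000, "SA"),
    (0.2, "192.0.2.10", "198.51.100.5", 443, "A"),
]
# Scanner: six SYNs in a fraction of a second, never followed by an ACK.
for i, port in enumerate([21, 22, 23, 25, 80, 443]):
    SAMPLE.append((1.0 + i * 0.05, "203.0.113.7", "198.51.100.5", port, "S"))
# Slow source: five unanswered SYNs spread 20 seconds apart (outside the window).
for i, port in enumerate([8080, 8081, 8082, 8083, 8084]):
    SAMPLE.append((i * 20.0, "192.0.2.20", "198.51.100.5", port, "S"))

if __name__ == "__main__":
    for src, ports in detect_syn_scans(SAMPLE).items():
        print(f"possible SYN scan from {src}: ports {ports}")
```

The slow source in the sample is not flagged, which shows why the window and threshold need tuning against the traffic you expect.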
8 – John the Ripper
John the Ripper is a fast password cracker with a lot of features that make it a
breeze for slashing through your password files. It auto-detects hash types to take
the guesswork out of the attack and supports several popular encryption formats
including DES, MD5, and Blowfish. It hits Unix, Kerberos, and Windows
LanManager passwords equally hard using either dictionary or brute force attacks.
If you haven’t checked your password hashes against John yet, you can be sure that
some hacker out there will do it for you soon.
John the Ripper password cracker. John the Ripper is a fast password cracker,
currently available for many flavors of Unix, Windows, DOS, BeOS, and
OpenVMS (the latter requires a contributed patch). Its primary purpose is to detect
weak Unix passwords.
9 – OWASP ZAP
OWASP ZAP (short for Zed Attack Proxy) is an open-source web application
security scanner. It is intended to be used by both those new to application security
as well as professional penetration testers.
It is one of the most active OWASP projects and has been given Flagship status.[3]
When used as a proxy server it allows the user to manipulate all of the traffic that
passes through it, including traffic using https.
It can also run in a daemon mode which is then controlled via a REST API.

10 – Kismet
Kismet is a network detector, packet sniffer, and intrusion detection system for
802.11 wireless LANs. Kismet will work with any wireless card which supports
raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n
traffic. The program runs under Linux, FreeBSD, NetBSD, OpenBSD, and Mac
OS X. The client can also run on Microsoft Windows, although, aside from
external drones (see below), there's only one supported wireless hardware available
as packet source.
Distributed under the GNU General Public License,[2] Kismet is free software.
