Sometimes, during security audits, we may
encounter a situation where everything is being managed correctly. In other
words, security patches, policies, network segmentation, antivirus, and user
awareness, to name just a few measures, are being applied properly. That’s
when, in order to continue the analysis from the perspective of a security
researcher or consultant, social engineering and
a number of other tools, some of which we will look at in this post, start to
take on more importance, being perhaps the only ones that can allow an attacker to
penetrate the target system.
The tools in question are mainly pieces of hardware
designed for security research or projects. So here’s a list of the
10 tools every white hat hacker needs.
#1 Raspberry Pi 3
We are now on the third generation of these
low-budget computers, which can be used in multiple ways. A classic example in
security audits is to use a Raspberry Pi with its appropriate battery pack, a
distribution platform like Kali Linux,
and applications like FruityWifi,
which together act like the Swiss army knife of pen testing.
#2 WiFi Pineapple*
This set of tools for wireless penetration tests is
very useful for various types of attacks, such as man-in-the-middle attacks.
Through an intuitive web interface, it enables you to connect using any device,
such as a smartphone or a tablet. It stands out for its ease of use, workflow
management, the detailed information it provides, and the possibility it offers
to emulate different kinds of advanced attacks, which are always just a couple
of clicks away.
As a platform, WiFi Pineapple allows the use of a great
many modules, which are continually being developed by the user community, thus
adding new features that widen its scope of functionality. The icing on the
cake is that these modules can be installed free of charge directly via the web
interface in a matter of seconds.
#3 Alfa Network Board*
A classic Wi-Fi board for injecting packets. The
Alfa stands out for the quality of its materials, and for its use of chipsets
which can be set to monitor mode – a requirement for wireless audits.
#4 Rubber Ducky*
This “special” pen drive is a device that works as
a programmed keyboard in the shape of a USB drive. When you plug it into a
computer, it starts typing automatically to launch programs and tools which
may either be available on the victim computer or loaded onto the drive’s
onboard Micro SD, in order to extract information.
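
A defender's view of the behaviour described above, as an added example that is not part of the original post: a keyboard that "types automatically" produces keystrokes far faster and more evenly than a person, usually right after it is plugged in. The thresholds, function name and sample timestamps below are assumptions constructed for illustration, and the key and attach timestamps are assumed to come from an endpoint agent.

```python
from statistics import median, pstdev

# Assumed thresholds for illustration; tune them for your environment.
MIN_BURST = 12          # keystrokes needed before a run is judged
MAX_MEDIAN_GAP = 0.020  # seconds; faster than sustained human typing
MAX_JITTER = 0.005      # seconds; scripted input is nearly uniform
ATTACH_WINDOW = 5.0     # seconds after a keyboard enumerates
RUN_BREAK = 0.5         # seconds of silence that ends a run


def find_injected_bursts(key_times, attach_times):
    """Return (start, end, count) for runs that look machine-typed.
    key_times: sorted key-down timestamps (s); attach_times: times at
    which a new USB keyboard enumerated."""
    runs, run = [], []
    for t in key_times:
        if run and t - run[-1] > RUN_BREAK:
            runs.append(run)
            run = []
        run.append(t)
    if run:
        runs.append(run)

    flagged = []
    for run in runs:
        if len(run) < MIN_BURST:
            continue
        gaps = [b - a for a, b in zip(run, run[1:])]
        fast = median(gaps) <= MAX_MEDIAN_GAP
        uniform = pstdev(gaps) <= MAX_JITTER
        # Correlating with a device attach cuts false positives from macro
        # keys on a keyboard that was already present.
        fresh = any(0 <= run[0] - a <= ATTACH_WINDOW for a in attach_times)
        if fast and uniform and fresh:
            flagged.append((run[0], run[-1], len(run)))
    return flagged


# Constructed sample data: a keyboard enumerates at t=100 s and 40 keys follow
# 10 ms apart; later a person types 15 keys with irregular gaps.
ATTACH = [100.0]
SCRIPTED = [101.0 + 0.010 * i for i in range(40)]
HUMAN = [200.0]
for gap in [0.18, 0.11, 0.25, 0.09, 0.31, 0.14, 0.22, 0.12, 0.40, 0.16,
            0.10, 0.27, 0.13, 0.19]:
    HUMAN.append(HUMAN[-1] + gap)

if __name__ == "__main__":
    print(find_injected_bursts(SCRIPTED + HUMAN, ATTACH))
```

Only the scripted run is reported; the human run is long enough to be judged but is neither fast nor uniform.
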
If you watch the hit TV series Mr. Robot,
you’ll likely remember that in the second season Rubber Ducky is a crucial
ally for Angela, helping her gain access to an E Corp executive’s passwords.
#5 LAN Turtle*
This type of systems admin and pen-test tool
provides stealthy remote access, as it stays connected to a USB port covertly.
Besides this, it allows users to harvest information from the network and has
the capacity to execute a man-in-the-middle attack.
#6 HackRF One
This tool provides a powerful SDR (Software-Defined
Radio) system. In other words, it is essentially a radio communication device
in which software takes the place of components typically implemented in hardware.
This way, it is capable of processing all kinds of radio signals ranging from
10 MHz to 6 GHz from a single peripheral, which can be connected to the
computer via a USB port.
#7 Ubertooth One
This device is an open-source 2.4 GHz
development platform for experimenting with Bluetooth, enabling users to
explore the different aspects of new wireless technologies.
#8 Proxmark3 Kit
The Proxmark3 is a device developed by Jonathan
Westhues that can read almost any RFID (radio frequency identification) label,
as well as clone and sniff them. It can also be operated in standalone mode
(i.e. without a PC) through the use of batteries.
#9 Lockpicks
These tools are the main equipment used in lockpicking
– in other words, the art of opening a lock or a physical security device by
analyzing or manipulating its components logically, without the original key.
They come in a great many sizes, formats and kits, which in many cases can
threaten physical security.
#10 Keylogger
An old classic for logging keystrokes. This device
can be connected via USB or PS/2 and creates a stealthy connection between the
keyboard and PC, logging every keystroke. Of course, it tends to go undetected
by most security systems.
We’re still some way from Christmas, but perhaps
you might be tempted to gift some of these devices to yourself – you are sure
to get many hours of testing out of them. And you never know, in your next pen
test they may just act as a point of entry to a target that seemed to be
impenetrable.
Also, by the way, if you are planning to visit the
ESET stand at the Ekoparty Security Conference 2016, you will find various
challenges offering you the chance to win some of the devices in this
list—those marked with a star (*).
If you think we’ve missed any devices, tell us
about it in the comments section and say why you think it should be in this
list.