And you never know, in your next pen test they may just act as a point of entry to a target that seemed to be impenetrable. We’re still some way from Christmas, but perhaps you might be tempted to gift some of these devices to yourself – you are sure to get many hours of testing out of them. Of course, it tends to go undetected by most security systems. This device can be connected via USB or PS/2 and creates a stealthy connection between the keyboard and PC, logging every keystroke. #10 Keylogger An old classic for logging keystrokes. There are a great many sizes and formats or kits, which in many cases can threaten physical security. Source: These tools are the main equipment used in lockpicking – in other words the art of opening a lock or a physical security device by analyzing or manipulating its components logically, without the original key.
Please verify the regulations in your country before acquiring any of these tools – the same applies for the other gadgets listed in this article. We do not recommend any activity that could be against the law. #9 Lockpicks It is important to be aware that in, possession of lockpicks is a criminal act.
Without a PC) through the use of batteries. It can also be operated in standalone mode (i.e. Source: The Proxmark3 is a device developed by Jonathan Westhues that can read almost any RFID (radio frequency identification) label, as well as clone and sniff them. Robot, you’ll likely remember that in the second season Rubber Ducky is a crucial ally for Angela, helping her gain access to an E Corp executive’s passwords. When you plug it into a computer, it starts writing automatically to launch programs and tools which may either be available on the victim computer or loaded onto the drive’s onboard Micro SD, in order to extract information. Source: This “special” pen drive is a device that works as a programmed keyboard in the shape of a USB drive. The Alfa stands out for the quality of its materials, and for its use of chipsets which can be set to monitoring mode – a requirement for wireless audits. A classic Wi-Fi board for injecting packets. The icing on the cake is that these modules can be installed free of charge directly via the web interface in a matter of seconds. As a platform, WiFi Pineapple allows the use of a great many modules, which are continually being developed by the user community, thus adding new features that widen its scope of functionality. It stands out for its ease of use, workflow management, the detailed information it provides, and the possibility it offers to emulate different kinds of advanced attacks, which are always just a couple of clicks away. Through an intuitive web interface, it enables you to connect using any device, such as a smartphone or a tablet. Source: This set of tools for wireless penetration tests is very useful for various types of attacks, such as man-in-the-middle attack. So here’s a list of the 10 tools every white hat hacker needs. The tools in question are mainly pieces of hardware designed for security research or projects. That’s when, in order to continue the analysis from the perspective of a security researcher or consultant, and a number of other tools, some of which we will look at in this post, start to play more importance, being perhaps the only ones that can allow an attacker to penetrate the target system. In other words security patches, policies, network segmentation, antivirus, and user awareness, to name just a few measures, are being applied properly. Sometimes, during security audits, we may encounter a situation where everything is being managed correctly. Here’s a list of the 10 tools every white hat hacker needs in their toolkit, says ESET’s Lucas Paus.