Install hacker tools

Start

I have a laptop running Kali and VirtualBox with a Kali VM on it. I wanted a setup that is easy to copy, back up and restore, with the main tools installed. Here are the steps I took to get this setup up and running.

Where did I get this information

There are a lot of people I want to thank for this; here are a few:

John Hammond https://www.linkedin.com/in/johnhammond010/
Michael Taggart https://twitter.com/mttaggart
Heath Adams https://www.linkedin.com/in/heathadams/
Corey J Ball https://www.linkedin.com/in/coreyjball/
Dan Barahona https://www.linkedin.com/in/rdbarahona/

Goal

It is simple: to document which tools to use and when. I am old and need to document things, and I want to share so others can use this information to get into security.

Android – Static and Dynamic

Applications to install:
Java, jadx, MobSF, MVT tools, Android Studio, APK tools, Frida and objection

There can be installation issues with, for example, Android Studio in a virtual machine. In my case I ran Android Studio on the host OS of the laptop rather than inside the virtual machine.

Java, Jadx and adb

JADX is a tool used in reverse engineering for Android applications. It’s designed to decompile Android application (APK) files into a human-readable format, allowing developers and security researchers to analyze the code, understand its functionality, and potentially identify security issues or vulnerabilities. The decompiled code can be useful for debugging, modification, or gaining insights into the inner workings of an Android app.

ADB (Android Debug Bridge) is a command-line tool for communication between a computer and an Android device. It is used for tasks such as app installation, debugging, file transfer, and accessing shell commands.

sudo apt-get install default-jdk
sudo apt-get install jadx
sudo apt-get install adb

JADX screenshot

Android Studio

Android Studio is the official integrated development environment (IDE) for Android app development, created by Google. It provides a comprehensive set of tools for designing, coding, testing, and debugging Android applications. Android Studio includes features such as a visual layout editor, code completion, debugging tools, and an emulator for testing apps on virtual devices. It is widely used by developers to create and maintain Android applications efficiently.

Android Studio: https://developer.android.com/studio
Unpack and run

Android Studio screenshot

MobSF
MobSF (Mobile Security Framework) is an open-source mobile application security testing framework that helps in the automated security analysis of mobile apps (Android and iOS). It provides various features to assess the security posture of mobile applications, including static analysis, dynamic analysis, and web API testing. MobSF is designed to identify security vulnerabilities, coding issues, and potential threats in mobile applications. Security professionals, developers, and quality assurance teams often use MobSF to enhance the security of mobile apps by uncovering and addressing potential weaknesses.

MobSF: https://github.com/MobSF/Mobile-Security-Framework-MobSF

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
virtualenv -p python3 Mobile-Security-Framework-MobSF
cd Mobile-Security-Framework-MobSF
source ./bin/activate
./setup.sh
./run.sh

MobSF screenshot

MVT tools

MVT, in the context of Mobile Vulnerability Testing, refers to various tools used to assess the security of mobile applications. Examples include MobSF, Drozer, AndroBugs Framework, and Needle. These tools help identify and address vulnerabilities in both Android and iOS applications.
Mobile Verification Toolkit (MVT): https://docs.mvt.re/en/latest/

cd github
mkdir mvt
python3 -m venv mvt
cd mvt
source ./bin/activate
pip install mvt
./bin/mvt-android download-iocs
adb devices -l (you should see your device)

MVT-Tools screenshot

APK tools

APK tools, or Android Application Package tools, are a set of utilities used for the de-compilation, manipulation, and recompilation of Android application packages (APKs). These tools are often employed by developers, security researchers, and enthusiasts for various purposes, such as analyzing, modifying, or reverse engineering Android apps.


Latest apktool: https://ibotpeaches.github.io/Apktool/
1. Download the Linux wrapper script. (Right click, Save Link As apktool)
2. Download the latest version of Apktool.
3. Rename the downloaded jar to apktool.jar.
4. Move both apktool.jar and apktool to /usr/local/bin. (root needed)
5. Make sure both files are executable. (chmod +x)
6. Try running apktool via CLI.

apktool screenshot


Frida and Patch-apk

Frida:

  • Description: Frida is an open-source dynamic instrumentation toolkit. It allows developers and security professionals to inject JavaScript or native code into running processes on various platforms, including Android.
  • Use Cases: Frida is commonly used for dynamic analysis of mobile applications, enabling users to hook into and manipulate the behavior of Android apps during runtime. This is useful for tasks like API monitoring, function tracing, and runtime manipulation for security testing and debugging.

patch-apk:

  • Description: “patch-apk” isn’t a specific tool but may refer to the general process of patching or modifying an Android application package (APK) file.
  • Use Cases: Developers or security researchers might use APK patching techniques to make changes to an Android app, such as removing ads, modifying functionality, or bypassing security measures. Various tools, including Apktool and manual modification of the APK, can be involved in the APK patching process.
mkdir frida
python3 -m venv frida
cd frida
source ./bin/activate
pip3 install frida
pip3 install frida-tools
git clone https://github.com/NickstaDB/patch-apk

Frida and Patch-apk screenshot

Conclusion

Now we have the tools to analyze mobile applications, both static and dynamic analysis. We also use the MVT tools to scan a device for bad actors and bad settings.

Web

Applications to install: Burp Suite, ZAP, FoxyProxy, nuclei, wpscan, cmseek

Burp Suite and FoxyProxy

Burp Suite is a cybersecurity tool used for web application security testing. It provides features like web application scanning, crawling, and various tools for manual testing and analysis, helping identify and address security vulnerabilities in web applications.

Here you can download the community edition of Burp Suite; different operating systems are supported.

https://portswigger.net/burp/communitydownload

There are some useful videos for getting started with Burp Suite; here is one from John Hammond. No need to reinvent the wheel! FoxyProxy is also covered in this video.

Burp Suite screenshot

ZAP

ZAP (Zed Attack Proxy) is an open-source security testing tool for finding vulnerabilities in web applications. It offers features for automated scanning, proxy functionality, spidering, and more.

To install it if you do not already have it:

sudo apt-get install zaproxy

Screenshot zap

nuclei

Nuclei is a fast and flexible open-source vulnerability scanner for web applications. It allows users to define and run security checks against various types of targets using customizable templates.

If you do not have it, install it:

sudo apt install nuclei

nuclei screenshot

wpscan

WPScan is a security scanner for WordPress websites. It helps identify vulnerabilities, outdated themes or plugins, and performs tasks like version detection and password brute-force testing. Use it responsibly and with proper authorization.

Install it

apt-get install wpscan

wpscan screenshot

cmseek

CMSeek is a tool used for scanning and analyzing content management systems (CMS) and their vulnerabilities. It’s specifically designed to identify security issues in CMS-based websites. The tool can detect and analyze the version of the CMS in use, search for known vulnerabilities associated with that version, and provide information that may be useful for penetration testers or security researchers.

Install it

apt-get install cmseek

cmseek screenshot

Tools list for web penetration testing

There are some great tools out there, here is a small list to look into.

  1. Burp Suite: Integrated platform for web application security testing, including scanning, crawling, and analysis.
  2. OWASP Zap (Zed Attack Proxy): Open-source security testing tool for finding vulnerabilities in web applications.
  3. Nmap (Network Mapper): Powerful network scanning tool for discovering hosts, services, and open ports.
  4. SQLMap: Specialized tool for detecting and exploiting SQL injection vulnerabilities in web applications.
  5. Metasploit Framework: Comprehensive penetration testing tool with exploits, payloads, and auxiliary modules.
  6. Nikto: Web server scanner that performs tests to identify potential security issues.
  7. DirBuster/Dirsearch: Tools for brute-forcing directories and files on web servers to discover hidden content.
  8. Wfuzz: Web application brute-forcing tool for finding hidden resources, misconfigurations, and vulnerabilities.
  9. Gobuster: Directory and file brute-forcing tool similar to DirBuster and Dirsearch.
  10. Wireshark: Network protocol analyzer for examining data packets on a network.
  11. Sublist3r: Subdomain enumeration tool to discover subdomains of a target domain.
  12. Aquatone: Tool for visualizing the domains and analyzing the structure of a target website.
  13. Snort: Open-source intrusion detection and prevention system for network security monitoring.
  14. BeEF (Browser Exploitation Framework): Pentesting tool focused on web browsers, exploiting client-side vulnerabilities.
  15. JoomScan: Joomla vulnerability scanner for identifying security issues in Joomla websites.
  16. Acunetix: Web vulnerability scanner that automatically detects and manages security vulnerabilities.
  17. WebScarab: Java-based tool for analyzing web application traffic between the browser and the target server.
  18. Zed Attack Proxy (ZAP): Part of the OWASP project, ZAP is a feature-rich security tool for finding vulnerabilities in web applications.
  19. Nessus: Vulnerability scanner with web application testing capabilities.
  20. ModSecurity: Open-source web application firewall (WAF) for protecting web applications against various attacks.

API

The last part of this post is API stuff.

If you sign up for the free course at https://university.apisec.ai/ you will get deep into this. From what I have seen, this is the best course right now regarding API security, and for now it is free!

Tools to install

burpsuite, zap, mitmproxy, postman, jwt_tool, Kiterunner and mitmproxy2swagger

mitmproxy and mitmweb

  • mitmproxy:
    • mitmproxy is a versatile tool that allows you to intercept, modify, and inspect HTTP and HTTPS traffic between a client and a server. It acts as a man-in-the-middle (MitM) proxy, enabling you to analyze and manipulate the communication between your device and the server.
  • mitmweb:
    • mitmweb is the web-based user interface that comes with mitmproxy. It provides a visual representation of the intercepted traffic, making it more accessible for users who prefer a GUI over a command-line interface. With mitmweb, you can view and interact with the intercepted requests and responses in a web browser.

To install

sudo apt-get install mitmproxy (the package also ships the mitmweb and mitmdump commands; there is no separate mitmweb package)

mitmproxy screenshot

mitmweb screenshot

Postman

To install

cd ~/Downloads (or where you want it)
wget https://dl.pstmn.io/download/latest/linux64 -O postman-linux-x64.tar.gz
tar -xvf postman-linux-x64.tar.gz
sudo ln -s /home/roger/Downloads/Postman/Postman /usr/bin/postman (adjust the path to your own home directory)

postman screenshot

jwt_tool

jwt_tool is a Python script designed for security professionals, developers, and penetration testers to assess the security of systems using JSON Web Tokens (JWTs). This tool provides capabilities such as generating custom JWTs, decoding token contents, tampering with claims, and extracting cryptographic keys. It is particularly useful for testing the robustness of applications relying on JWTs for authentication and authorization by simulating various attack scenarios and identifying potential vulnerabilities.

To install

cd github
git clone https://github.com/ticarpi/jwt_tool (no sudo, or the clone is root-owned and the venv step below fails as a normal user)
python3 -m venv jwt_tool
cd jwt_tool
source ./bin/activate
python3 -m pip install termcolor cprint pycryptodomex requests
chmod +x jwt_tool.py

jwt_tool screenshot
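An added example, not part of this post or of jwt_tool itself, showing what the tool's decode and tamper checks boil down to: splitting a token, verifying an HS256 signature in constant time, and flagging an unsigned (alg=none) or never-expiring token. The key and the sample tokens are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key for the sample tokens; a real signing key never lives in source.
DEMO_KEY = b"demo-secret-not-for-production"

def b64url_decode(segment: str) -> bytes:
    """JWT segments are base64url without padding; restore it before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def decode_jwt(token: str):
    """Split a compact JWT into (header, payload, signature) without trusting any of it."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS token")
    return json.loads(b64url_decode(parts[0])), json.loads(b64url_decode(parts[1])), parts[2]

def verify_hs256(token: str, key: bytes) -> bool:
    """Recompute HMAC-SHA256 over header.payload and compare in constant time."""
    signing_input, _, signature = token.rpartition(".")
    expected = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(b64url_encode(expected), signature)

def audit_jwt(token: str, now: int) -> list:
    """Flag token-level weaknesses of the kind jwt_tool is used to probe for."""
    header, payload, _ = decode_jwt(token)
    findings = []
    if str(header.get("alg", "")).lower() == "none":
        findings.append("alg=none: token carries no signature at all")
    if "exp" not in payload:
        findings.append("no exp claim: token never expires")
    elif payload["exp"] < now:
        findings.append("exp in the past: token has expired")
    return findings

def make_token(header: dict, payload: dict, key: bytes) -> str:
    """Build a constructed sample token: HS256-signed, or unsigned when alg is none."""
    compact = lambda obj: b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = compact(header) + "." + compact(payload)
    if header.get("alg") == "none":
        return signing_input + "."
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)
```

The audit is what a defender wants in a log pipeline or test suite: a token that passes verify_hs256 but still shows findings is a configuration problem, not a cryptographic one.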

mitmproxy2swagger

A tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic.

To install

cd github
mkdir mitmproxy2swagger
python3 -m venv mitmproxy2swagger
cd mitmproxy2swagger
source ./bin/activate
pip3 install mitmproxy2swagger

mitmproxy2swagger screenshot
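An added example, written for this page and not taken from the mitmproxy2swagger project, of the core idea behind the conversion: fold captured requests into an OpenAPI 3.0 skeleton, turning numeric path segments into path parameters and query keys into query parameters. The capture records and the api.example.test host are constructed stand-ins for real mitmproxy flows.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Constructed stand-ins for mitmproxy flows as (method, URL, status); not real traffic.
CAPTURED_FLOWS = [
    ("GET", "https://api.example.test/v1/users/42", 200),
    ("GET", "https://api.example.test/v1/users/57", 200),
    ("PUT", "https://api.example.test/v1/users/42", 204),
    ("GET", "https://api.example.test/v1/users/42/orders?page=2", 200),
    ("POST", "https://api.example.test/v1/login", 401),
    ("GET", "https://cdn.example.test/static/app.js", 200),  # other host: not part of the API
]
NUMERIC = re.compile(r"^\d+$")

def templatize(path: str):
    """Turn /users/42/orders into /users/{id}/orders; return (template, path param names)."""
    parts, params = [], []
    for seg in path.strip("/").split("/"):
        if NUMERIC.match(seg):
            name = "id" if not params else f"id{len(params) + 1}"
            parts.append("{" + name + "}")
            params.append(name)
        else:
            parts.append(seg)
    return "/" + "/".join(parts), params

def build_openapi(flows, api_prefix: str) -> dict:
    """Fold the captured flows under api_prefix into a minimal OpenAPI 3.0 document."""
    prefix = urlsplit(api_prefix)
    paths = defaultdict(dict)
    for method, url, status in flows:
        u = urlsplit(url)
        same_host = (u.scheme, u.netloc) == (prefix.scheme, prefix.netloc)
        if not same_host or not u.path.startswith(prefix.path):
            continue  # traffic to other hosts or prefixes is noise, skip it
        template, path_params = templatize(u.path[len(prefix.path):])
        op = paths[template].setdefault(method.lower(), {"parameters": [], "responses": {}})
        op["responses"][str(status)] = {"description": f"observed HTTP {status}"}
        params = [{"name": p, "in": "path", "required": True, "schema": {"type": "integer"}}
                  for p in path_params]
        params += [{"name": q, "in": "query", "schema": {"type": "string"}} for q in parse_qs(u.query)]
        # Key by (name, location) so repeated captures of one route do not duplicate parameters.
        merged = {(p["name"], p["in"]): p for p in op["parameters"] + params}
        op["parameters"] = list(merged.values())
    return {"openapi": "3.0.0", "info": {"title": "Reverse-engineered API", "version": "0.1.0"},
            "servers": [{"url": api_prefix}], "paths": dict(paths)}
```

The resulting document is a starting point for review, not a trusted contract: only routes that were actually exercised during capture appear, so compare it against the real API to spot undocumented endpoints.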

Kiterunner

Kiterunner is a tool that is capable of not only performing traditional content discovery at lightning fast speeds, but also brute-forcing routes/endpoints in modern applications.

To install

cd github
git clone https://github.com/assetnote/kiterunner.git
python3 -m venv kiterunner
cd kiterunner
source ./bin/activate
make build

Download all wordlists from https://labs.assetnote.io/
cd routes
wget -r --no-parent -R "index.html*" https://wordlists-cdn.assetnote.io/data/ -nH -e robots=off

kiterunner screenshot

Tools list for API penetration testing

There are some great tools out there; here is a small list to look into.

  1. Postman
  2. Burp Suite
  3. OWASP ZAP (Zed Attack Proxy)
  4. Fiddler
  5. Paw
  6. RESTAssured
  7. Swagger Inspector
  8. ApiFuzzer
  9. Nmap
  10. GraphQL-Introspection-Scanner
  11. Restler
  12. GraphWalker
  13. JMeter
  14. API Fortress
  15. Rapid7 AppSpider
  16. Insomnia
  17. Telerik Fiddler Everywhere
  18. HTTPie
  19. WebScarab
  20. Arachni

How to use these tools in real life

Well, my easy answer is to try it or attend the courses below. Some of the courses are free and others almost free! Now you need to put some effort into building knowledge! 🙂

API
https://www.apisecuniversity.com/courses/api-penetration-testing
https://academy.tcm-sec.com/p/hacking-apis

Web
https://taggartinstitute.org/p/pwst
https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course

Android
https://academy.tcm-sec.com/p/mobile-application-penetration-testing

That was all for now!
