Ethical Hacking – Additional Resources

Welcome to the home of FREE and PAID Ethical Hacking Additional Resources!

The Toolshed!

Frameworks

Kali Linuxhttps://www.kali.org/
This Debian-based Linux Distro is the X Hat’s Dream! Chock full of tools for hacking delights. For example, Kali Linux has the Metasploit framework installed and ready to rock.

Metasploit https://www.metasploit.com/
This is an advanced hacker framework. It has the latest scanning and exploits with predefined settings and databases. This is often considered the premier pentester framework. This is pre-built into Kali Linux – helping to make that distro so popular.

Reconnaissance/Scanning Tools

ClearanceJobs https://www.clearancejobs.com

dig – Linux OS – DNS lookups

dnsrecon https://github.com/darkoperator/dnsrecon
A powerful script for DNS enumeration

host – Linux OS – DNS operations

fping
Handy for ping sweeps; built right in to Kali

Facebook https://facebook.com

LinkedIn https://linkedin.com

masscanhttps://github.com/robertdavidgraham/masscan
This is a port scanner with many of the same features as nmap

MegaPinghttps://magnetosoft.com/product-megaping
This is very similar to fping, but offers a GUI as it is Windows-based

nmap/zenmap nmap.org
“Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform free and open-source application that aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows the interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scan results can be compared with one another to see how they differ. The results of recent scans are stored in a searchable database.

nslookup
Multi-platform DNS tool

Twitter https://twitter.com

USA Jobshttps://www.usajobs.gov/

Vulnerability Resources

Microsoft Security Response Centerhttps://microsoft.com/msrc

Security Focushttps://bugtraq.securityfocus.com/archive

Hackerstorm https://hackerstorm.co.uk

National Vulnerability Databasehttps://nvd.nist.gov

Secunia https://www.flexera.com/products/software-vulnerability-research/secunia-research

Exploit Databasehttps://exploit-db.com

Dark Reading https://www.darkreading.com

Security Magazinehttps://www.securitymagazine.com

Common Vulnerability Scoring Systemhttps://first.org/cvss

Common Vulnerabilities and Exposures https://cve.mitre.org

Security Models

Biba biba75.pdf (ucdavis.edu)

Bell-La Pedula ModelBell.pdf (acsac.org)

Clark-Wilson06.pdf (ucdavis.edu)

State MachineSecurity Architecture and Design/Security Models