Listen to this Post
If you’re looking to gain practical cybersecurity skills, these free tools are a great way to get started. Below are the tools along with practice-verified codes and commands to help you get hands-on experience.
1. Wireshark
📌 Network Traffic Analysis
URL: https://www.wireshark.org/
You Should Know:
- Use Wireshark to capture and analyze network traffic.
- Example command to capture traffic on an interface:
sudo wireshark
- Filter HTTP traffic:
http
- Filter DNS queries:
dns
2. Metasploit Framework
📌 Penetration Testing & Exploitation
URL: https://www.metasploit.com/
You Should Know:
- Start Metasploit:
msfconsole
- Search for exploits:
search exploit_name
- Use an exploit:
use exploit/path set RHOSTS target_ip run
3. OpenVAS
📌 Vulnerability Scanning
You Should Know:
- Start OpenVAS:
sudo openvas-start
- Access the web interface at `https://127.0.0.1:9392`.
- Run a scan:
openvasmd --create-target=target_name --hosts=target_ip
4. Burp Suite
📌 Web Application Security Testing
URL: https://portswigger.net/burp
You Should Know:
- Launch Burp Suite:
burpsuite
- Intercept HTTP requests:
- Enable Proxy > Intercept > Turn Intercept On.
- Test for SQL Injection:
- Use Repeater to modify and send requests.
5. Snort
📌 Intrusion Detection System (IDS)
You Should Know:
- Start Snort in IDS mode:
sudo snort -A console -q -c /etc/snort/snort.conf -i eth0
- Create custom rules:
alert tcp any any -> any any (msg:"Suspicious Activity"; content:"malware"; sid:1000001;)
6. Nmap
📌 Network Scanning & Reconnaissance
URL: https://nmap.org/
You Should Know:
- Scan a target IP:
nmap target_ip
- Scan for OS detection:
nmap -O target_ip
- Scan for open ports:
nmap -p 1-1000 target_ip
7. John the Ripper
📌 Password Cracking & Security Auditing
URL: https://www.openwall.com/john/
You Should Know:
- Crack a password file:
john --wordlist=wordlist.txt password_file
- Show cracked passwords:
john --show password_file
8. Maltego
📌 Open Source Intelligence (OSINT)
You Should Know:
- Use Maltego to map domain relationships:
- Add a domain entity and run transforms like “Domain to IP Address.”
9. The Sleuth Kit
📌 Digital Forensics & File System Analysis
URL: https://www.sleuthkit.org/
You Should Know:
- Analyze a disk image:
fls -r disk_image
- Recover deleted files:
icat disk_image inode_number > recovered_file
10. Steghide
📌 Data Hiding & Extraction
URL: http://steghide.sourceforge.net/
You Should Know:
- Hide data in an image:
steghide embed -cf image.jpg -ef secret.txt
- Extract hidden data:
steghide extract -sf image.jpg
What Undercode Say
Cybersecurity is a hands-on field, and these tools provide a solid foundation for building practical skills. Whether you’re analyzing network traffic with Wireshark, conducting penetration tests with Metasploit, or performing digital forensics with The Sleuth Kit, these tools are essential for any cybersecurity professional. Practice the commands and techniques shared above to enhance your expertise and stay ahead in the ever-evolving world of cybersecurity.
For further learning, explore the official documentation and tutorials linked in each tool’s URL. Happy hacking! 🛡️
References:
Reported By: Ouardi Mohamed – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅



