1、Nmap
Nmap
Nmap (ie "Network Mapper") is one of the most popular information gathering tools on KaliLinux. In other words, it can obtain information about the host: its IP address, operating system checks, and detailed information about network security (such as the number of open ports and their meaning).
It also provides firewall circumvention and misdirection capabilities.
2、Lynis
Lynis
Lynis is a powerful tool for security auditing, compliance testing and system strengthening. In fact, you can also use it for vulnerability checking and penetration testing.
It will scan the system based on the measured components. For example, if it measures Apache - it will run Apache related tests against the portal information.
3、WPScan
WPScan
WordPress is one of the best open source CMS, and this tool is the best free WordPress security audit tool. It's free, but not open source.
If you want to know whether a WordPress blog is somehow vulnerable to attacks on mobile linux operating systems, WPScan is your friend.
It is reported that it also provides you with detailed information about the plug-ins used. In fact, a blog with good security may not expose you to many details, but it is still the best tool for WordPress security scanning to find potential vulnerabilities.
4、Aircrack-ng
Aircrack-ng
Aircrack-ng is a collection of tools for assessing WiFi network security. In addition to being limited to monitoring and obtaining information - it also includes the ability to disrupt networks (WEP, WPA1 and WPA2).
If you forget your WiFi network password, you can try using it to regain access. It also includes various wireless attack capabilities that you can use to locate and monitor WiFi networks to improve their security.
5、Hydra
Hydra
If you are looking for an interesting tool to crack login passwords, Hydra is one of the best tools pre-installed on KaliLinux.
It may no longer be actively maintainedkali linux penetration testing technology detailed explanation pdf, but it is now on GitHub, so you can also contribute to it.
6、Wireshark
Wireshark
Wireshark is the most popular network analyzer on KaliLinux. It can also be classified as one of the best KaliLinux tools for network sniffing.
It is actively maintainedkali linux penetration testing technology detailed explanation pdf, so I would definitely recommend you to try it.
7、MetasploitFramework
MetasploitFramework
MetsploitFramework (MSF) is the most commonly used penetration testing framework. It is available in two versions: an open source version and its professional version. Using this tool, you can verify vulnerabilities, test for known vulnerabilities, and perform a complete security assessment.
Actually, the free version does not have all the features.
8、Skipfish
Skipfish
Similar to WPScan, but it doesn’t just focus on WordPress. Skipfish is a web application scanner that can provide you with insights into almost any type of web application. It's fast and easy to use. It is reported that its recursive crawling method makes it more usable.
Skipfish generates reports that can be used for professional web application security assessments.
9、Maltego
Maltego
Maltego is an impressive data mining tool for analyzing information online and connecting information points (if any). Based on this information, it creates a directed graph to help dissect the links between those data.
Please note that this is not an open source tool.
It comes pre-installed, but you must register to choose which version you want to use. If you want to use it for personal use, the community version is enough (you only need to register an account), but if you want to use it for commercial purposes, you need to subscribe to the classic or XL version.
10、Nessus
Nessus
If your computer is connected to the Internet, Nessus can help you find vulnerabilities that potential attackers may exploit. In fact, if you are the administrator of multiple computers connected to the network, you can use it and protect those computers.
However, it is no longer a free tool, you can try it for free for 7 days from the official website.
The above is the detailed content of The best free WordPress security audit tools on Linux. For more information, please follow other related articles on the PHP Chinese website!