Kali Linux contains a number of tools that can be used during the penetration testing process. The penetration testing tools included in Kali Linux can be categorized into the following categories:
Information gathering: This category contains several tools that can be used to gather information about DNS, IDS/IPS, network scanning, operating systems, routing, SSL, SMB, VPN, voice over IP, SNMP, e-mail addresses, and VPN.
Vulnerability assessment: In this category, you can find tools to scan vulnerabilities in general. It also contains tools to assess the Cisco network, and tools to assess vulnerability in several database servers. This category also includes several fuzzing tools.
Web applications: This category contains tools related to web applications such as the content management system scanner, database exploitation, web application fuzzers, web application proxies, web crawlers, and web vulnerability scanners.
Database assessment: Tools in this category allow for the ability to test the security of a variety of databases. There are a number of tools designed specifically to test SQL databases.
Password attacks: In this category, you will find several tools that can be used to perform either off-line or on-line password attacks.
Wireless attacks: Testing wireless security is becoming more and more common. This category includes tools to attack Bluetooth, RFID/NFC, and wireless devices.
Exploitation tools: This category contains tools that can be used to exploit the vulnerabilities found in the target environment. You can find exploitation tools for the network, web, and database. There are also tools to perform social engineering attacks and find out about the exploit information.
Sniffing and spoofing: Tools in this category can be used to sniff network and web traffic. This category also includes network spoofing tools such as Ettercap and Yersinia.
Post exploitation: Tools in this category will be able to help you maintain access to the target machine. You might need to get the highest privilege level in the machine before you can install tools in this category. Here, you can find tools for backdooring the operating system and web application. You can also find tools for tunneling.
Reporting tools: In this category, you will find tools that help you document the penetration testing process and results.
System services: This category contains several services that can be useful during the penetration testing task, such as the Apache service, MySQL service, SSH service, and Metasploit service.
To ease the life of a penetration tester, Kali Linux has provided us with a category called Top 10 Security Tools. Based on its name, these are the top 10 security tools commonly used by penetration testers. The tools included in this category are aircrack-ng, burp-suite, hydra, john, maltego, metasploit, nmap, sqlmap, wireshark, and zaproxy.
Besides containing tools that can be used for the penetration testing task, Kali Linux also comes with several tools that you can use for the following:
Reverse engineering: This category contains tools that can be used to debug a program or disassemble an executable file.
Stress testing: This category contains tools that can be used to help you in stress testing your network, wireless, web, and VOIP environment.
Hardware hacking: Tools in this category can be used if you want to work with Android and Arduino applications.
Forensics: Tools in this category can be used for a variety of digital forensic tasks. This includes imaging disks; analyzing memory images, and file carving. One of the best forensic tools that is available with Kali Linux is Volatility. This command line tool has a number of features for analyzing memory images.
For the purposes of this book, we are focusing only on Kali Linux's penetration testing tools.