2.10 - Parrot OS
a. Anonsurf
I have experience using Anonsurf to route all system traffic through Tor for anonymity. My expertise includes configuring Anonsurf to maintain privacy, enhance online security, and mitigate tracking threats during penetration testing.
b. Burp Suite
I am skilled in using Burp Suite for web application security testing. My experience includes performing vulnerability assessments, intercepting and modifying HTTP requests, and automating tasks such as scanning and spidering to identify security flaws in web applications.
c. Hydra
I am proficient in using Hydra, a powerful tool for brute-force password cracking. I utilise Hydra to test the security of various network services by attempting different username/password combinations and ensuring systems are resilient against brute-force attacks.
d. John the Ripper
I have experience with John the Ripper for password cracking and security auditing. My skills include configuring John to identify weak passwords across encrypted files, hashed passwords, and system user accounts, enhancing overall security posture.
I am proficient in using Metasploit for penetration testing and vulnerability exploitation. My skills include exploiting vulnerabilities, creating payloads, and conducting security assessments to identify weaknesses and ensure systems are well-protected.
f. Nmap
I have expertise in using Nmap for network scanning and security auditing. My skills include identifying open ports, detecting services, and mapping network topology to assess potential vulnerabilities and ensure proper security configurations.
I am skilled in using the Social-Engineer Toolkit (SET) to simulate social engineering attacks, such as phishing and spear-phishing campaigns.
h. SQLmap
I am proficient in using SQLmap to detect and exploit SQL injection vulnerabilities. My skills include automated testing, exploiting databases, and extracting data while ensuring that applications are protected against such injection attacks.
i. theHarvester
I have experience with theHarvester for gathering open-source intelligence (OSINT) on domains, emails, and employees. I use theHarvester to perform reconnaissance and build a detailed map of potential attack vectors during penetration testing.
j. Tor
I am skilled in using Tor to anonymise online activity and ensure privacy. My expertise includes configuring Tor for secure browsing, testing for security leaks, and leveraging it in conjunction with other tools to enhance anonymity in security testing.
k. Wireshark
I have extensive experience using Wireshark for network traffic analysis and packet inspection. My skills include identifying potential security issues, analysing network protocols, and diagnosing performance or security-related issues at a granular level.