Its been a while since I have posted about some hacking tools and with increasing number of emails asking me to do an  article on it, I finally decided to cover it up.Hacking tools are developed by some really good coders out there to ease out many complex tasks which have to be done manually and took painstakingly great deal of time and effort.All these tools provided here are free of cost,are tried hands on and are being actively developed by community,and if not,their alternatives are provided.To summarize it up, these are the 7 must have tools for every hacker out there.

1. Nmap
I think everyone has heard of this one, Nmap (Network Mapper) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use,and dozens of other characteristics. It may be used to discover computers and services on a computer network, thus creating a "map" of the network.Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.Can be used by beginners (-sT) or by pros alike (packet_trace). A very versatile tool, once you fully understand the results.

Download Nmap

2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-server framework.Nessus is the worlds most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the worlds largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Download Nessus

3. Wireshark
Wireshark is a GTK+-based  network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers. Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! .

Download Wireshark

4. Cain and Abel
The swiss knife of hacking tools..Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.

Download Cain and Abel

5. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with  any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. A good wireless tool as long as your card supports rfmon

Download Kismet

6. NetStumbler
Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving. NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

1. Verify that your network is set up the way you intended.
2. Find locations with poor coverage in your WLAN.
3. Detect other networks that may be causing interference on your network.
4. Detect unauthorized rogue access points in your workplace.
5. Help aim directional antennas for long-haul WLAN links.
6. Use it recreationally for WarDriving.

Download NetStumbler

7. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan. If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.

Download Superscan

Alternatively, you can try Angry IP Scanner which is a pretty good replacement for 

some of  download links have been deleted ....but can be founded on torrentz,4shared 

i

Session Hijacking refers to an attack in which a hacker temporarily hijacks the ongoing session of the user and he is able to see what the user is doing on his mobile,computer be it accessing facebook,gmail or any other site.

P.S.- Rooted Android is required .

Steps of using :

1.Open the app.

2.Check "ARP-Spoofing" and "Genreic Mode".

3.Click on Start.

Facebook is one of the most widely used social networking site with more than 750 million users, as a reason if which it has become the number 1 target of hackers have , I have written a couple of post related to facebook hacking here. I mentioned the top methods which were used by hackers to hack facebook accounts, however lots of things have changed in 2013, Lots of methods have went outdated or have been patched up by facebook and lots of new methods have been introduced, So in this post I will write the top 10 methods how hackers can hack facebook accounts.

10 Ways How Hackers Can Hack Facebook Accounts

10. Botnets 


Botnets are not commonly used for hacking facebook accounts, because of it's high setup costs, They are used to carry more advanced attacks, A botnet is basically a collection of compromised computer, The infection process is same as the keylogging, however a botnet gives you, additional options in for carrying out attacks with the compromised computer. Some of the most popular botnets include Spyeye and Zeus.

Step 1 : Open set Tool in Backtrack 5 : To open it follow the step shown above .

Step 2 : Time to set the Website Attack Vectors : Below Menu   enter your choice : 2.Website Attack Vectors and press Enter .

Step 3 : Select your Attacking Method , Here i choose 

3. Credential Harvester Attack Method.

Step 4 : Select Attack Vectors :write  2. Site Cloner and press enter as shown in the image . 

Step 5: Enter the Url: To make a clone to facebook login page I entered https://www.facebook.com and press enter . As I press enter it will automatically generate a clone page .

Step 6 : To continue the process you have to put * sign and press enter.

Step 7 : Process will continue as shown in the image above .

Step 8: Open terminal and enter ifconfig command . It will shown your ip address . Now copy the ip address .

Step9 :Open Web Browser and  Paste the system ipaddress into Address bar and it will redirect to the facebook login page .

Now Enter your anything to check it will work or not . 

FOR EXAMPLE: Here I use 

Email : h4x00r

Password:hackingDNA.com

And Press Enter . Let see what happen on the Next step .

Step 10 : In step 7 the process start you remember now when you follow step 8 and step 9  ,then it will come up with  all the details of Username and Password . 

Stealing Files,Downloading Keystrokes,Controlling Webcam from remote Locations,ETC by Armitage.

Armitage is an GUI Platform for Metaspoilt and in technical terms,it is a script-able red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.It saves time and is very powerful in commencing Metaspoilt attacks.

So Now about our attack today : 

Brains and Patience.

By Going To : Backtrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > armitage.

Click on the connect Button .

Now use the patience part,and stretch your legs,it takes some time to connect.

It has 3 Panels -

Target Panel 

Module Panel

Tabs Panel 

Now you will search for Host on you network,By Going to Hosts -> Nmap Scan -> Quick Scan (OS detect).This will perform a quick scan to detect the host and their operating systems and vulnerabilities.

Now You have to insert scan range,that is you LAN ip range,Most preferably it would start with 192.168.0.- or 10.0.0.-.NOTE : the ( - ) resembles the computers on LAN.

Start the Scan.

Now the Fun Parts starts,Click on Attacks tab in your toolbar and select Find Attacks (Not hail mary,you might not be ready for that).Start the scan and wait till it completes.

Right Click on the Host icon (windows pc) -> Select attacks -> smb -> ms08_067_netapi  vulnerability . 

Now a window should pop,Click on the check-box that says "Use  a reverse connection" .

Start Attack

So did the Host Icon Turn Red ? That Means YOU PASSED.

Right click on the host -> Meterpreter1 ->Interact -> Command Shell 

Now You are In Their Command Prompt,You can now change,rename,delete,create files on their pc now.Search Google for some powerful windows commands.

Click on the Meterpreter2 -> Explore -> Log Keystrokes.

Now you will receive what the victim is typing.

Click on the Meterpreter2 -> Explore ->Screenshot.

Now you can see what is on their Facebook wall or Google mail accounts.

Right click -> Meterpreter2 -> Explore > Browse Files .

Now you can interact with all the files on victim PC via a GUI.

Right click -> Meterpreter2 ->Explore -> Webcam shot

Catch that guy making out ,and have fun with him later.

Edited by June, Chris Hadley, Max1508, Skycaptain95 and 59 others