Guardian of the Truth

• Homepage
• About
• Blog Menu

🧰 Essential Tools & Software for Beginner Penetration Testers

1. Virtualization Software

Utilize virtualization platforms to create isolated environments for testing:

• VirtualBox: A free and open-source option.Click here>>
• VMware Workstation Player: Offers a user-friendly interface for beginners.Click here>>

2. Penetration Testing Operating Systems

These specialized Linux distributions come pre-installed with a suite of security tools:

• Kali Linux: Widely used for penetration testing and ethical hacking.
• Parrot Security OS: Focuses on security and privacy.
• BackBox: Ubuntu-based, designed for security assessments.
• You can read more in there: Click here>>

3. Vulnerable Target Machines

Practice exploiting known vulnerabilities in these intentionally insecure systems:

• Metasploitable: A vulnerable Linux virtual machine.Click here>>
• Metasploitable3: A vulnerable Linux virtual machine.Click here>>
• DVWA: Damn Vulnerable Web Application (PHP/MySQL web app).Click here>>
• OWASP BWA: A collection of vulnerable web apps.Click here>>
• AetherLabs (32bit) : A vulnerable Linux virtual machine.Virtual box linkClick here>>
• AetherLabs (32bit) : A vulnerable Linux virtual machine.VMWare linkClick here>>
• AetherLabs (64bit) : A vulnerable Linux virtual machine.Virtual box linkClick here>>
• AetherLabs (64bit) : A vulnerable Linux virtual machine.VMWare linkClick here>>
• PentesterLab: A vulnerable Linux virtual machine.Click here>>
• So SIMPLE Labs: A vulnerable Linux virtual machine.Click here>>

4. Networking Tools

Essential for scanning and analyzing networks:

• Nmap: Network discovery and security auditing.Click here>>
• Wireshark: Network protocol analyzer.Click here>>
• Burp Suite: Web vulnerability scanner.Click here>>
• Metasploit Framework: Develop and execute exploit code.Click here>>

🧪 Setting Up Your Penetration Testing Lab

• Install Virtualization Software: Download and install VirtualBox or VMware on your host machine.
• Set Up Virtual Machines:
  • Kali Linux: Install as your attacker machine.
  • Target Machines: Set up Metasploitable, DVWA, or OWASP BWA.
• Configure Networking: Use internal/host-only adapters for isolation.
• Snapshot Your VMs: Revert easily before each test.
• Document Your Activities: Keep detailed logs of your testing procedures.

📚 Additional Resources

• Hack The Box: Visit
• TryHackMe: Visit

💻 Hackingbooks Resources

• PDF coffee: Visit
• Computer Tutorials: Visit
• InfoBooks: Visit
• Hackly: Visit
• OSSU/Computer Science: Visit
• Gurdian Of The Truth(Telegram Channel): Visit

🥷 Youtube Resources

• Dr. Aung Win Htut Green Hackers: Visit
• Christopher Barnatt: Visit
• Khit Min Nyo: Visit
• Hacktilizer: Visit
• HackerSploit: Visit

📌 Recommended Posts