The UK's National Cyber Security Center and Western European friends today released a report focusing on the most commonly used hacking tools.
The study presents five classes of available hacking tools widely used by criminals, spies and hacktivists worldwide. Your list below will not surprise those involved in penetration testing but is valuable to the public who wants the security of their systems.
PDF lists some of the tools most likely to be used in targeted networks.
Remote Access Trojans (RATs): "Invisible" programs for backdoors implantation and data removal
Web Shells: scripts planted on servers to provide remote administrator control
Mimikatz: Stalks passwords and other credentials stored in memory
PowerShell Empire: This framework allows hackers to enter sensitive systems
Detection and control tools and extermination tools: Utilities used to hide the location of a hacker.
Of course, they are also popular penetration-testing kits.
Often these tools are not inherently malicious and can legitimately be used for penetration testing aimed at detecting vulnerabilities. But they can also be used for malicious network violations. The NCSC says that the parallel use of the above tools can bring impressive results and make it more difficult to detect them.
"Many are used in combination with each other, posing a huge challenge for the network's defender," says GCHQ.
The NCSC states that some simple steps could greatly help to prevent possible attacks. Basic defenses include two or multiple agent authentication, network partitioning, and many more that you can read in the PDF below.