The UK's National Cyber Security Center and Western European friends today released a report focusing on the most commonly used hacking tools.
The study presents five classes of available hacking tools widely used by criminals, spies and hacktivists worldwide. Your list below will not surprise those involved in penetration testing but is valuable to the public who wants the security of their systems.
PDF lists some of the tools most likely to be used in targeted networks.
Remote Access Trojans (RATs): "invisible" programs for planting backdoors and removal data
Web Shells: scripts planted on servers to provide remote administrator control
Mimikatz: He's eavesdropping codeς πρόσβασης και άλλα διαπιστευτήρια που είναι αποθηκευμένα στη μνήμη
PowerShell Empire: This framework allows hackers to enter sensitive systems
Detection and control tools and extermination tools: Utilities used to hide the location of a hacker.
Of course, they are also popular penetration-testing kits.
Often these tools are not inherently malicious and can legitimately be used for penetration testing aimed at detecting vulnerabilities. But they can also be used for malicious network violations. The NCSC says that the parallel use of the above tools can bring impressive results and make it more difficult to detect them.
"Many are used in combination with each other, presenting a huge challenge for the defender of the network," says GCHQ.
The NCSC reports that a few simple steps could go a long way in preventing potential attacks. Basic defenses include control ID cardtwo or multi-factor, network partitioning, and more that you can read in the PDF below.
__________________________
- Internet Archive the first decentralized Web is online
- Chrome restore of WWW and HTTP
- Tails 3.9.1 ISO has just been released from the Tails Project
- Google's DeepMind: dopamine use from neural networks
