Abstract
This article examines how black hat hackers use different hacking tools to hack into a system and gain access. Data is collected from OWASP top 10 and other websites which show the cyberattacks and the increase in the number of cyberattacks in the years 2021 and 2022. Using this data, some of the most occurred attacks like SQL injection, authentication bypass, eaves dropping, website hacking, DDOS attack, man-in-the-middle attack, malware, spyware, keyloggers, etc. were obtained. So, this paper discusses some of the important cybersecurity tools, and from these tools, it is easy to prevent such cyberattacks in the future. The first section illustrates the methodology of hacking, i.e., how black hat hacker hacks a system in five different steps, and in the following sections, some information gathering tools are explained. Using HTTrack, it is easy to clone the whole website in a system, can see each and every file in the local desktop and can easily find vulnerabilities, and it is easy to do fishing attack using this tool. The second tool is Maltego, which is one of the best tools used by black hat hackers to gather information. Next is Nmap also known as Network mapper, from which it is easy to gather all the information such as which operating system is the victim using open ports, closed ports, filtered ports, and services the victim machine is running on; using this, it is easy to hack into the victim machine. How Wireshark is used for sniffing, and how it is easy to see all the data traveling from source to destination are then summarized. Thereafter, how website hacking is done using Burp Suite, how Bettercap is used as man-in-the-middle attack, how black hat hackers create back door using msfvenom, and how the target machine is exploited using Metasploit are elaborated.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Saravanan A, Bama SS (2019) A review on cyber security and the fifth generation cyberattacks. Orient J Comput Sci Technol 12(2):50–56
www.privacyaffairs.com. [Online]. https://www.privacyaffairs.com/cybersecurity-attacks-in-2021/. Accessed 20 Jan 2022
Anand AG (2007) Ethical hacking and hacking attacks. Int J Eng Comput Sci
Phases of Hacking | Ethical Hacking. [Online]. https://www.greycampus.com/opencampus/ethical-hacking/phases-of-hacking. Accessed 05 Jan 2022
https://www.merriam-webster.com [Online]. https://www.merriam-webster.com/dictionary/reconnaissance. Accessed 01 Feb 2022
https://www.knowledgehut.com. [Online]. https://www.knowledgehut.com/blog/security/scanning-in-ethical-hacking. Accessed 02 Feb 2022
https://www.greycampus.com. [Online]. https://www.greycampus.com/opencampus/ethical-hacking/gaining-access. Accessed 04 Feb 2022
https://resources.infosecinstitute.com. [Online]. https://resources.infosecinstitute.com/topic/process-gaining-and-elevating-access/. Accessed 04 Feb 2022
https://www.javatpoint.com. [Online]. https://www.javatpoint.com/methods-to-maintain-access. Accessed 03 Feb 2022
"https://www.offensive-security.com. [Online]. https://www.offensive-security.com/metasploit-unleashed/maintaining-access/. Accessed 06 Feb 2022
www.geeksforgeeks.org. [Online]. https://www.geeksforgeeks.org/5-phases-hacking/. Accessed 15 Jan 2022
https://spyscape.com. [Online]. https://spyscape.com/article/hacker-techniques-clearing-tracks. Accessed 05 Feb 2022
HTTrack Website Copier—Free Software Offline Browser. [Online]. https://www.httrack.com/. Accessed 08 Feb 2022
https://www.cyberpratibha.com. [Online]. https://www.cyberpratibha.com/blog/how-to-use-httrack-website-copier-graphically/. Accessed 08 Feb 2022
What is Maltego? | How to use it for information gathering—cybervie. https://www.cybervie.com/blog/what-is-maltego-how-to-use-it-for-information-gathering/. Accessed 15 Jan 2022
https://www.social-engineer.org. [Online]. https://www.social-engineer.org/framework/se-tools/computer-based/maltego/. Accessed 11 Feb 2022
Maltego: Homepage. [Online]. https://www.maltego.com/. Accessed 12 jan 2022.
Maltego—Wikipedia. [Online]. https://en.wikipedia.org/wiki/Maltego. Accessed 15 Jan 2022
Nmap Live Host Discovery—TryHackMe. [Online]. https://tryhackme.com/room/nmap01. Accessed 1 Feb 2022
Nmap: the network mapper—free security scanner. [Online]. https://nmap.org/. Accessed 01 Feb 2022
https://www.tutorialspoint.com. [Online]. https://www.tutorialspoint.com/nmap-cheat-sheet. Accessed 11 Feb 2022
https://www.comptia.org. https://www.comptia.org/content/articles/what-is-wireshark-and-how-to-use-it. Accessed 08 Feb 2022
https://www.csoonline.com. [Online]. https://www.csoonline.com/article/3305805/what-is-wireshark-what-this-essential-troubleshooting-tool-does-and-how-to-use-it.html. Accessed 11 Feb 2022
Wireshark · Go Deep. [Online]. https://www.wireshark.org/. Accessed 02 Feb 2022
https://www.varonis.com. Available: https://www.varonis.com/blog/how-to-use-wireshark. Accessed 11 Feb 2022
https://www.techpanther.in. [Online]. https://www.techpanther.in/2020/05/intruduction-to-burp-suite.html. Accessed 08 Feb 2022
Simran TG, Sasikala D Vulnerability assessment of web applications using penetration testing
Kurkure SNAS (2017) Vulnerability assessment and penetration testing of web application. In: International conference on computing, communication, control and automation (ICCUBEA)
https://www.hackingarticles.in. [Online]. https://www.hackingarticles.in/wireless-penetration-testing-bettercap/. Accessed 15 Feb 2022
https://www.geeksforgeeks.org. [Online]. https://www.geeksforgeeks.org/sniffing-using-bettercap-in-linux/. Accessed 05 Feb 2022
Introduction :: bettercap. [Online]. https://www.bettercap.org/intro/. Accessed 03 Feb 2022
https://blog.knoldus.com. [Online]. https://blog.knoldus.com/what-is-msfvenom-how-to-use-it/. Accessed 11 Feb 2022
MSFvenom—Metasploit Unleashed. [Online]. https://www.offensive-security.com/metasploit-unleashed/msfvenom/. Accessed 04 Feb 2022
https://posts.slayerlabs.com. [Online]. https://posts.slayerlabs.com/msfvenom-guide/. Accessed 08 Feb 2022
Maynor D, Mookhey K (2007) Metasploit framework and advanced environment configurations. Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research, pp 77–83
https://www.makeuseof.com. [Online]. https://www.makeuseof.com/beginners-guide-metasploit-kali-linux/. Accessed 11 Feb 2022
https://www.varonis.com. [Online]. https://www.varonis.com/blog/what-is-metasploit. Accessed 15 Feb 2022
Sabhi Z (2022) Learn ethical hacking from scratch—zSecurity. [Online]. https://zsecurity.org/courses/learn-ethical-hacking-from-scratch/. Accessed 02 Feb 2022
https://www.simplilearn.com. [Online]. https://www.simplilearn.com/what-is-metaspoilt-article. Accessed 12 Feb 2022
Introducing msfvenom | Rapid7 Blog [Online]. https://www.rapid7.com/blog/post/2011/05/24/introducing-msfvenom/. Accessed 04 Feb 2022
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Maaz, S., Sinha, D.K., Sinha, G. (2023). Examination of Different Network Security Monitoring Tools. In: Shakya, S., Papakostas, G., Kamel, K.A. (eds) Mobile Computing and Sustainable Informatics. Lecture Notes on Data Engineering and Communications Technologies, vol 166. Springer, Singapore. https://doi.org/10.1007/978-981-99-0835-6_47
Download citation
DOI: https://doi.org/10.1007/978-981-99-0835-6_47
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-0834-9
Online ISBN: 978-981-99-0835-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)