Our in this platform we usually talk about various applications and their uses to check loopholes on systems. But penetration testers not only uses software applications, they also need some hardware to perform the tasks. In this detailed article we are going to cover hardware devices & gadgets used by an ethical hacker. Let’s start with a warning.

Warning:- This article is written for educational purpose only. To make it more ethical, we just only talk about the hardware devices publicly available in Amazon. Using these devices on our own for educational purpose isn’t crime, but using these devices against others without proper permission is illegal. So use these devices responsibly, we and Amazon will not be responsible for talking and selling these kind of product.

Lets start with a computer, most of cybersecurity experts prefer laptops, not desktops because laptops are portable. We had wrote an entire article about best laptops for Kali Linux, Moving forward ethical hackers uses some other hardware devices that is our main topic for today.

1. Raspberry Pi 4

Raspberry Pi dominating the market of single board computers (SBC). This device used by almost every security personals.

This is very useful we can install entire Kali Linux on this credit card sized computer. Raspberry Pi also can be used in many other projects. Cybersecurity experts use it on various way. We can see in Mr. Robot Season 1 Episode 5, how Elliot hacked the climate control network to destroy magnetic tapes.

There are unlimited uses of raspberry pi for an ethical hacker. This device is a must have for everyone on infosec and programming field.

2. Raspberry Pi Zero W

This is a small handheld computer, ideal for carrying the best penetration testing software tools, and to handle all the external hardware hacking tools. The most known Cybersecurity distro for it is P0wnP1 A.L.O.A. and Kali Linux. P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W. The successor of P4wnP1 is called P4wnP1 A.L.O.A. We recommend the USB type-A pongo-pin adapter shown in the above picture.

We also can use it a headless system (without monitor). This device connected with a power bank in our bag and we can control it from our mobile device on our hand(using VNC).

3. USB Rubber Ducky

USB Rubber ducky is created and developed by Hak5. Nearly every computing devices accepts human input from keyboards, hence the ubiquitous HID specification – or Human Interface Device. Keyboards announce themselves to computers as HID devices and are in turn automatically recognized and accepted.

The USB Rubber Ducky delivers powerful payloads in seconds by taking advantage of the target computers inherent trust all while deceiving humans by posing as an ordinary USB drive.

In simple words, if we plug it on a computer, the computer think it is a keyboard and it will inject (type, save and execute) our preset payload on the computer. There are lots of payload available for this device. Also we can easily write our own code.

This is one of the bast way to compromise a system having physical access.

4. WiFi Pineapple

The Wi-Fi pineapple is the original Wi-Fi attack tool developed by Hak5. There are three different models available from Hak5. They all are good, here we choose Mark VII model for it’s value for money.

This will automate the auditing of WiFi networks and saves the results. We can control it with awesome web based interface. This is really a very good product for security testing o wireless networks.

5. HackRF One

HackRF One from Great Scott Gadgets is a Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies. We can read and manipulate radio frequencies using this device.

HackRF One is an open-source hardware platform that can be used as a USB peripheral or programmed for stand- alone operation. This SDR offers one important improvement compared to other cheap alternatives. But the Radio Frequency (RF) quality isn’t good as expected.

6. Ubertooth One

Ubertooth One is the most famous Bluetooth hacking tool we can find on the market. It is an open source 2.4 GHz wireless development platform suitable for Bluetooth hacking. Commercial Bluetooth monitoring equipment can easily be priced at over $10,000 , so the Ubertooth was designed to be an affordable alternative platform for monitoring and development of new BT, BLE and similar wireless technologies.

Ubertooth One is designed primarily as an advanced Bluetooth receiver, offering capabilities beyond that of traditional adapters, which allow for it to be used as a BT signal sniffing and monitoring platform. Although the device hardware will accommodate signal broadcasting, the firmware currently only supports receiving and minimal advertising channel transmission features.

7. WiFi Deauther Watch

As the name said it’s a deauther, it de-authenticate the WiFi users and they got disconnected. It’s not a jammer. It uses ESP8266 WiFi development board to do so. Here it’s watch version is looks super cool gadget for every hacker.

While a jammer just creates noise on a specific frequency range (i.e. 2.4 GHz), a deauthentication attack is only possible due to a vulnerability in the Wi-Fi (802.11) standard. The deauther does not interfere with any frequencies, it is just sending a few Wi-Fi packets that let certain devices disconnect. That enables us to specifically select every target. A jammer just blocks everything within a radius and is therefore highly illegal to use.

8. USB Killer

Computers doesn’t check the current flowing through USB, because it uses computers own power and can’t transmit more voltage. But what if we took an advantage of this to burn our (using on others is totally illegal) entire system.

When plugged into a device, the USB Killer rapidly charges its capacitors from the USB power lines. When the device is charged, -200VDC is discharged over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Killer is removed. As the result target device becomes burned and unrepairable.

Its compact size and flash-drive style housing makes it an important device in every pen-tester’s toolkit. It can be used multiple times as we want.

9. Bad USB

This is a super alternative of USB Rubber Ducky. This device contains customized HW based on Atmega32u4 and ESP-12S. This device allows keystrokes to be sent via Wi-Fi to a target machine. The target recognizes the Ducky as both a standard HID keyboard and a serial port, allows interactive commands and scripts to be executed on the target remotely.

Attacker can easily carry it as a thumb drive and plug into any PC to inject payload, running own command on it, it also can be controlled over WiFi. It looks like innocent USB thumb drive, which is a great advantage. But this is doesn’t have faster speed like USB Rubber Ducky.

10. Hardware Keylogger

A hardware keylogger can be inserted between USB keyboard and computer. It captures all the keystrokes made from the keyboard, must have thing for every cybersecurity expert.

This is a basic hardware keylogger. It has 16 MB storage. Which is sufficient to capture keystrokes for a year generally. Later we can remove it and plug on our computer to read the keystrokes. Some keyloggers comes with WiFi controlling and SMS controlling functionality. No software can detect it’s there.

11. Adafruit Bluefruit LE Sniffer

Adafruit
luefruit LE Friend is programmed with a special firmware image
thatturns it into an easy to use Bluetooth Low Energy sniffer. We can
passively capture data exchanges between two Bluetooth Low Energy (BLE)
devices, pushing the data into Wireshark,
the open source network analysis tool, where you can visualize things
on a packet level, with useful descriptors to help us make sense of the
values without having to crack open the 2000 page Bluetooth 4.0 Core
Specification every time.

Note:
We can only use this device to listen on Bluetooth Low Energy devices!
It will not work on Bluetooth (classic) devices. Firmware V2 is an
improved firmware from Nordic now has better Wireshark-streaming sniffer
software that works with all OS for live-streamed BLE sniffing. The
sniffer firmware cannot be used with the Nordic DFU bootloader firmware,
which means that if we want to reprogram this device you must use a J-Link (and a SWD programmer board). We cannot over-the-air (OTA) reprogram it.

12. Micro-controllers

There are lots of micro-controllers used by ethical hackers. Some of them are must have in a ethical hackers backpack.

NodeMCU ESP8266

ESP8266 is a $6 WiFi development board and it can be used in various way, we can make WiFi deauther by our own. It also can be used to create phishing pages over WiFi.

Arduino Pro Micro

This tiny micro-controller is one of the best choice for ethical hackers. We can make our own DIY USB Rubber Ducky.

Arduino Pro Micro is really good thing at a very low price. But if we want to change the script then we need to reset and upload new script on it from our computer.

13. RTL-SDR

RTL-SDR is a very cheap software defined radio that uses a DVB-T TV tuner dongle based on the RTL2832U chip-set.

It can be used to intercept radio frequencies. We can use it for listening others conversations. It is also able to intercept GSM mobile calls and SMS. It is very useful for cybersecurity experts.

14. Proxmark3 NFC RFID Card Reader

Owning
a Promark3 means owing the most powerful and most complete device
RFID/NFC (LF & HF) testing in the frequencies of 125KHz / 134KHz /
13.56MHz.

This
devices can make read the data of RFID and NFC cards and then make a
copy of it. We can write the new copies on blank cards provided with
this package. We we need more we can buy more blank cards on Amazon.

Therefore,
investing some more bucks in upgrading it, it’s not a bad idea. To
improve its range we need the extended range antennas for LF and HF.

Another
new and nice upgrade for it, is the Blue Shark Bluetooth 2.0 upgrade,
that permits controlling the proxmark3 wirelessly plus adding an
external battery to create an autonomous proxmark3 that can be connected
and controlled from your computer or smartphone. The Walrus NFC
application has been updated to permit control by Bluetooth. It also
fixes the high temperature concerns adding a metal cooler.

WiFi Adapters (Monitor Mode & Packet Injection)

WiFi adapter specially which supports monitor mode and packet injection is essential for WiFi penetration testing. So most of the hackers uses it. We had noticed that Alfa makes awesome adapters for cyber-security personals. We already discussed it on our Best WiFi adapter for Kali Linux article. Please check out that article before buying an WiFi adapter.

Something Extra

This is the gadgets for hackers we can directly buy from Amazon and help us on our ethical hacking journey. There are some more gadgets used by hackers but talking about them will be not ethical here. Most of them manufactured from china and available on some online stores. There are some cool stores like Hak5, but in this article we discussed about some gadgets which are openly available on Amazon.

Warning:- Using the above devices is not illegal. They are selling publicly on Amazon. But using these devices to harm anyone is totally illegal. We listed them for educational purpose and to learn how to safe ourselves from these kind of devices. If anyone uses this devices to harm anyone then we are not responsible for that, Amazon also not responsible. So use this devices responsibly, always remember:

That’s for today. Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Airgeddon is a multi-featured tool for penetration testing on WiFi system or wireless networks. This all-in-one WiFi auditing tool is written in bash by v1s1t0r1sh3r3.

Key-Features of Airgeddon

Airgeddon has so much features for WiFi hacking. They are following:

• Interface mode switcher (Monitor-Managed) keeping selection even on interface name changing.
• DoS over wireless networks using different methods (mdk3, mdk4, aireplay-ng). “DoS Pursuit mode” available to avoid AP channel hopping (available also on DoS performed on Evil Twin attacks).
• Full support for 2.4Ghz and 5Ghz bands.
• Assisted WPA/WPA2 personal networks Handshake file and PMKID capturing
• Cleaning and optimizing Handshake captured files.
• Offline password decrypting on WPA/WPA2 captured files for personal networks (Handshakes and PMKIDs) using dictionary, bruteforce and rule based attacks with aircrack, crunch and hashcat tools. Enterprise networks captured password decrypting based on john the ripper, crunch, asleap and hashcat tools.
• Evil Twin attacks (Rogue AP)
  • Only Rogue/Fake AP mode to sniff using external sniffer (Hostapd + DHCP + DoS).
  • Simple integrated sniffing (Hostapd + DHCP + DoS + Ettercap).
  • Integrated sniffing, sslstrip2 (Hostapd + DHCP + DoS + Bettercap).
  • Integrated sniffing, sslstrip2 and BeEF Browser Exploitation Framework (Hostapd + DHCP + DoS + Bettercap + BeEF).
  • Captive portal with “DNS blackhole” to capture wifi passwords (Hostapd + DHCP + DoS + Dnsspoff + Lighttpd).
  • Optional MAC spoofing for all Evil Twin attacks.
• WPS features
  • WPS scanning (wash). Self parameterization to avoid “bad fcs” problem.
  • Custom PIN association (bully and reaver).
  • Pixie Dust attacks (bully and reaver).
  • Bruteforce PIN attacks (bully and reaver).
  • Null PIN attack (reaver).
  • Known WPS PINs attack (bully and reaver), based on online PIN database with auto-update.
  • Integration of the most common PIN generation algorithms (ComputePIN, EasyBox, Arcadyan, etc.).
  • Offline PIN generation and the possibility to search PIN results on database for a target.
  • Parameterizable timeouts for all attacks.
• Enterprise networks attacks
  • Fake AP using “smooth” and “noisy” modes capturing enterprise hashes and plain passwords.
  • Custom certificates creation.
• WEP All-in-One attack (combining different techniques: Chop-Chop, Caffe Latte, ARP Replay, Hirte, Fragmentation, Fake association, etc.).
• Compatibility with many Linux distributions (see Requirements section).
• Easy targeting and selection in every section.
• Drag and drop files on console window for entering file paths or autocomplete using tab key on every path input for easier use.
• Dynamic screen resolution detection and windows auto-sizing for optimal viewing.
• Controlled Exit. Cleaning tasks and temp files. Restoring nftables/iptables after an attack that require changes on them. Option to keep monitor mode if desired on exit.
• Multilanguage support and autodetect OS language feature (see Supported Languages section).
• Help hints in every zone/menu for easy use.
• Auto-update. Script checks for newer version if possible.
• Docker image for easy and quick container deployment. Use already built image on Docker Hub or build our own.
• Http proxy auto detection for updates.
• Wayland graphic system supported (not only X window system).
• Tmux support for headless (systems without X window) environments.
• Multiple configurable options based on fallback substitution variables options system which allow to configure many enhancements like enable/disable colors, 5Ghz band, auto updates, hint printing, etc.
• Full compatibility with iptables and nftables with autodetection and possibility to force iptables by setting an option.
• Available plugins system to let the community create their own content in an easy and flexible way using the created function hooking system. More info at Plugins System section.

Installing Airgeddon on Kali Linux

We can install airgeddon from it’s GitHub repository by cloning/downloading the repository. But in Kali Linux 2021.1 update this tool is added to Kali Linux repository. We can install it by simply using apt-get install command from any version of Kali Linux:

sudo apt-get install airgeddon

This command will install airgeddon on our Kali Linux system. The above command will prompt for root password and disk space permissions. After that this airgeddon and it’s essential requirements will be installed.

Airgeddon also requires some additional tools to use all it’s features. To install them all on our Kali Linux we use following one liner command:

sudo apt install bettercap isc-dhcp-server hostapd hostapd-wpe udhcpd mdk4 hcxdumptool lighttpd hcxtools -y

Now we can use airgeddon on our system.

Requirements for Airgeddon

• WiFi networks for testing.
• WiFi adapter that supports monitor mode & packet injection [List].

Using Airgeddon on Kali Linux

Now we can run following command to run airgeddon on our Kali Linux system.

sudo airgeddon

Then airgeddon will open in front of us as shown in the following screenshot:

After it will ask to check for all the tools installed or not, we need to press ↵ Enter to continue.

In the above screenshot we can see that we have all the tools. Now we plugin our external USB WiFi adapter that supports monitor mode and packet injection. Then we again need to press ↵ Enter again to continue.

Here we can see the list of interfaces on our system, as the following screenshot.

In our case our wlan1 interface supports monitor mode and packet injections, so we press 5 and hit ↵ Enter. This will tell airgeddon that we are going to work with that interface.

After that we got the main menu of airgeddon script.

Here at the top we can see our interface name and mode. The mode is ‘managed’ we need to change it to ‘monitor’ mode. Here everything is very clear and simple.

We can use option 2 to change the interface mode to monitor. We press 2 and ↵ Enter.

In the above screenshot we can see that our interface is changed from wlan1 to wan1mon and the mon is for monitor mode.

Now we can perform attacks using this script. For example here we demonstrate handshake capturing and evil-twin attacks using airgeddon on Kali Linux.

Capture and Crack Handshake File using Airgeddon

For an example first we capture handshake of a wireless network. Now what is handshake file? We know if we previously used a WiFi network using password and the password isn’t changed then we can easily connect to the network because of the handshake file. This file stores the password with encryption.

To perform handshake capture attack we enter in the handshake tools menu by pressing 5 and ↵ Enter. Then the handshake menu comes in front of us as the following screenshot.

Here the option number 6 is for capture the WiFi handshake. So we press 6 and hit ↵ Enter.

We did not choose any network, so airgeddon is redirect us to select a target WiFi network. We need to press ↵ Enter to continue.

Here we explore for target WiFi network. We can start the attack by pressing ↵ Enter, when we think we have found our target network we can press CRL+C to stop searching.

Here we can see that a another window is opened to search for networks. We can see that we have only target. So we can stop the search by pressing CTRL+C. Then it will show the list of targets.

As we told, we have only one WiFi network (we live in a remote area). That’s why airgeddon automatically select this. Otherwise we need to select the number of the WiFi network to select it.

We press ↵ Enter to continue. 

Now airgeddon got a valid target it it asks to continue the handshake capture. We again press ↵ Enter to continue.

Then airgeddon again prompts for the methods to capture the handshake file, as we can see in the following screenshot.

For an example we choose the deauth attack (No. 1). So we choose number 1 and press ↵ Enter.

Here we need to type of the value in seconds. We can simply press ↵ Enter to left it on it’s default value, which is 20. Then it show us some advises as we can see in the following screenshot:

We can see in the above screenshot that the tool is going to capture the handshake. It also advice us to not close the windows manually during handshake capturing. We will know when airgeddon capture the handshake file. We need to press ↵ Enter to continue.

Then we can see some terminal window is opened in front of us in the following screenshot. We should not close them. 

To clear some things here airgeddon sending de-authentication packets to the network, then all the WiFi users will disconnect for some seconds for the flood. Whenever the devices trying to connect back the WiFi network airgeddon will capture the handshake file.

After successfully capturing the handshake file these will close automatically, and show us a congratulations message. It also asks where we want to save our handshake file. The default is under /root/handshake**.cap as we can see in the following screenshot.

Here also we goes with the default by just pressing ↵ Enter. Then the handshake file is stored successfully on the root folder. Handshake capturing is complete now. We can press ↵ Enter again to back in the menu.

We can press 0 and ↵ Enter to return to the main menu.

Our captured handshake file is stored on /root/ directory. We can see it by opening our thunar file manager with root permission (sudo thunar).

We can crack the handshake file in various way. We can use airgeddons menu Airgeddon > Offline WPA/WPA2 decrypt menu > Personal > (aircrack + crunch) Bruteforce attack against Handshake/PMKID capture file. We also can use aircrack-ng or some other brute-forcing tool. There are also some online tools are available.

Evil Twin Attack using Airgeddon

We can do a lot of attacks using airgeddon. Evil twin is one of them. In this attack we create a copy of our target access point and whenever the user of the access point try to connect with our fake access point with their access point’s password we got it. But why they do it?

Because we continuously send de-authentication packets to the target access point (AP), so that the user will not able to connect with the original AP, and got trapped.

First of all we set the mode to monitor. Then we choose ‘Evil Twin attacks menu’ by pressing 7 and ↵ Enter.

Here we need to explore for the target by typing 4 as we did in the previous attack. We got auto-selected because we have only one target nearby.

Then we click ↵ Enter to continue. We get back to the ‘Evil Twin attacks menu’. Here we choose 9 for captive portal attack.

Now here we choose option 2 for ‘Deauth aireplay attack’.

Airgeddon will ask us some question. First it will ask that if we want to integrate “DoS pursuit mode”. The default is N for no, we also know that our AP will not change the channel in this case, so we press ↵ Enter to keep it default. Then it will ask if we want to spoof our mac address. We also goes with default (that is N).

Now airgeddon will ask us that have we captured the handshake of this access point. In our above attack we had captured it. So we choose Y for yes. Then it will prompt for the location of the handshake file, and we provide it, as we can see in the following screenshot:

Then it asks the location where the saved password will stay in a text file. Default location is under /root/ directory. We again goes with the default by just pressing ↵ Enter.

We can see in the above screenshot that our path is valid and we can move forward by pressing ↵ Enter.

In the next step airgeddon will create a phishing page and asks us for it’s language, as we can see in the following screenshot:

Here we choose 1 to select English, and press ↵ Enter.

Now airgeddon is ready to run the attack. All parameters and requirements are set. The attack is going to start. Multiple windows will be opened, don’t close anyone. When we want to stop the attack press ↵ Enter on this window and the script will automatically close them all.

We can see lots of terminals here for various works like de-authentication, control, DNS, Web Server etc.

Now we can see on our mobile device that we are not connected to our locked main WiFi access point and there are another access point with same name, in the following screenshot:

Whenever we connect to the other network. It automatically redirect to log in, as shown in the following screenshot:

Now here if our target use the password it will show the user that it was correct password.

We get it on our txt file on root directory. It also shown in the control terminal window. We need to keep the terminal windows open until the user did not put his password on the login screen. Hope target is not sleeping.

Here in this evil twin attack we are using the handshake file to check the password is correct or not. If they put the wrong password then it will notice it. Isn’t is amazing?

There are many types of attacks we can perform using airgeddon against a wireless network. Here we discuss about only two type because everything is very easy here. We just need to select the options only, everything will be done by the script automatically.

This is how we can install and use Airgeddon on Kali Linux. This is a very easy but powerful tool for WiFi auditing.

Airgeddon is specially designed for Linux. Airgeddon did not compatible on MacOS/OSX, because Aircrack suite does not support airodump and aireplay for OSX/MacOS, and iwconfig does not exist in OSX/MacOS.

Airgeddon is not working with any Linux distribution run under Windows subsystem (WSL). Airgeddon also didn’t support native OpenBSD and FreeBSD, iwconfig command not working there and ifconfig shows different output.

Warning:- Attacking other’s network or WiFi is not legal. We publish this article for educational purpose and tested things on our own devices. If anyone attacks on others devices then we and the tool creator will not be responsible for that.

Stay updated with our articles by following us on Twitter and GitHub. Be a part of the KaliLinuxIn community by joining our Telegram Group, where we focus on Linux and Cybersecurity. We’re always available to help in the comment section and read every comment, ensuring a prompt reply

In our this article we are going to learn how we can handle our Linux box. This is the basics for system admins and penetration testers. Here we will learn about starting/stopping system service, installing stuffs on Linux and much more. We are covering things as a penetration testers perspective on our Kali Linux system. But this same things can be done on any Debian based Linux distribution, like Ubuntu, Linux Mint, Elementary OS etc.

These things we are going to learn will lead our whole Linux (specially Debian-based) journey not only Kali Linux.

Linux Host Information

To know our hostname on Linux, we just need to execute the hostname command on our terminal window. As we can see in the following screenshot:

Hostname is the name of our computer. If we want to change it we can edit it’s configuration file by sudo nano etc/hostname command. Then we put their our required name for the computer. Then we need to save it then reboot too see the effects.

Linux OS Information

Knowing the information of an Operating System or OS is very essential for privilege escalation. So that the penetration tester can gain information if the version used is vulnerable. To know the information of the OS we need to run uname -a command.

In the above screenshot we had used -a flag to know all the information. If we need any specific information about then we can use different flags like kernel name (-s), network node hostname (-n), kernel release (-r), kernel version (-v), machine hardware name (-m), processor type (-p), hardware platform (-i), name of operating system (-o).

Linux Hardware Information

On Linux system, if we want to know about our system’s hardware information then we need to know these commands.

To check our CPU information we need to check our /proc/cpuinfo by using following command:

cat /proc/cpuinfo

Almost same way if we wanna check our RAM information then we need to run cat /proc/meminfo command. We can see the output on the following screenshot.

To see attached devices with our system (like hard disk, disk partitions etc), then we need to use sudo fdisk -l (here -l flag displays partitions) command. This also show us external drives connected with our system.

To display the list of USB devices like mouse, keyboard, thumb drive, wifi adapter, rtl-sdr etc we need to use lsusb command. As we can see in the following screenshot.

To see all the mounted directories into the file system, then we need to execute mount command.

Managing Services on Linux

Services are servers that can run on our Linux or Kali Linux system, such as SSH Apache, FTP etc.

To manage  services on Linux we need to use commands like following

• sudo service servicename status to check the status of the service.
• sudo service servicename start to start a service.
• sudo service servicename stop to stop a service.
• sudo service servicename restart to restart a service.

We also can use sudo systemctl servicename status/start/stop/restart to do the same thing.

Package Management

For doing package management first we need to update our Kali Linux system’s repository. We have an entire article on Kali Linux repository. In short Kali Linux repository is located on /etc/apt/sources.list, we can open it by using following command:

sudo nano /etc/apt/sources.list

After putting sudo password we can see the default repository in the following screenshot:

We can update our system or download new tools directly from repository. to update our system (like Windows update), we need to run following command:

sudo apt update -y

To upgrade the system we need to run following command:

sudo apt upgrade -y

We have an previous article on updating Kali Linux system.

Installing Packages on Linux

There are various ways to installing packages or software on Linux system. Commonly there are two ways:

• Installing from software packages.
• Installing from repository.

When we are installing a software package, we need to download the package with .deb extension from the internet then we need to run sudo dpkg -i filename.deb command to install the package.

To download packages from repository we need to run command like sudo apt install packagename command.

To remove software package from our system we need to run sudo apt remove packagename command.

To find a package name on repository we need to run command apt-cache search packagename.

Finally, if we need to install a package and we’re not sure if the package is exists on the repository or not we need to run command apt-cache show packagename.

Process Management on Linux

One of our most favorite process management tool on Kali Linux is htop. But it is not come pre-installed on Kali Linux. We need to install it from repository by using following command:

sudo apt install htop

After installing it we need to run htop command and we can see all the  running process on our terminal window, as we can see in the following screenshot:

While taking screenshot, we got the highlighted process

Another way to get the list of currently running process is by using the ps -A u command, as we can see in the following screenshot.

We can see the PID (Process Identification Number) on both screenshot we can this are the numbers of the processing. We can stop any processing services by running kill PID_NUMBER command. If the system refuse to kill it we can do it forcefully by applying kill -9 PID_NUMBER command.

This is about how we can manage process and manage our Linux system. Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Our in this platform we usually talk about various applications and their uses to check loopholes on systems. But penetration testers not only uses software applications, they also need some hardware to perform the tasks. In this detailed article we are going to cover hardware devices & gadgets used by an ethical hacker. Let’s start with a warning.

Warning:- This article is written for educational purpose only. To make it more ethical, we just only talk about the hardware devices publicly available in Amazon. Using these devices on our own for educational purpose isn’t crime, but using these devices against others without proper permission is illegal. So use these devices responsibly, we and Amazon will not be responsible for talking and selling these kind of product.

Lets start with a computer, most of cybersecurity experts prefer laptops, not desktops because laptops are portable. We had wrote an entire article about best laptops for Kali Linux, Moving forward ethical hackers uses some other hardware devices that is our main topic for today.

1. Raspberry Pi 4

Raspberry Pi dominating the market of single board computers (SBC). This device used by almost every security personals.

This is very useful we can install entire Kali Linux on this credit card sized computer. Raspberry Pi also can be used in many other projects. Cybersecurity experts use it on various way. We can see in Mr. Robot Season 1 Episode 5, how Elliot hacked the climate control network to destroy magnetic tapes.

There are unlimited uses of raspberry pi for an ethical hacker. This device is a must have for everyone on infosec and programming field.

2. Raspberry Pi Zero W

This is a small handheld computer, ideal for carrying the best penetration testing software tools, and to handle all the external hardware hacking tools. The most known Cybersecurity distro for it is P0wnP1 A.L.O.A. and Kali Linux. P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W. The successor of P4wnP1 is called P4wnP1 A.L.O.A. We recommend the USB type-A pongo-pin adapter shown in the above picture.

We also can use it a headless system (without monitor). This device connected with a power bank in our bag and we can control it from our mobile device on our hand(using VNC).

3. USB Rubber Ducky

USB Rubber ducky is created and developed by Hak5. Nearly every computing devices accepts human input from keyboards, hence the ubiquitous HID specification – or Human Interface Device. Keyboards announce themselves to computers as HID devices and are in turn automatically recognized and accepted.

The USB Rubber Ducky delivers powerful payloads in seconds by taking advantage of the target computers inherent trust all while deceiving humans by posing as an ordinary USB drive.

In simple words, if we plug it on a computer, the computer think it is a keyboard and it will inject (type, save and execute) our preset payload on the computer. There are lots of payload available for this device. Also we can easily write our own code.

This is one of the bast way to compromise a system having physical access.

4. WiFi Pineapple

The Wi-Fi pineapple is the original Wi-Fi attack tool developed by Hak5. There are three different models available from Hak5. They all are good, here we choose Mark VII model for it’s value for money.

This will automate the auditing of WiFi networks and saves the results. We can control it with awesome web based interface. This is really a very good product for security testing o wireless networks.

5. HackRF One

HackRF One from Great Scott Gadgets is a Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies. We can read and manipulate radio frequencies using this device.

HackRF One is an open-source hardware platform that can be used as a USB peripheral or programmed for stand- alone operation. This SDR offers one important improvement compared to other cheap alternatives. But the Radio Frequency (RF) quality isn’t good as expected.

6. Ubertooth One

Ubertooth One is the most famous Bluetooth hacking tool we can find on the market. It is an open source 2.4 GHz wireless development platform suitable for Bluetooth hacking. Commercial Bluetooth monitoring equipment can easily be priced at over $10,000 , so the Ubertooth was designed to be an affordable alternative platform for monitoring and development of new BT, BLE and similar wireless technologies.

Ubertooth One is designed primarily as an advanced Bluetooth receiver, offering capabilities beyond that of traditional adapters, which allow for it to be used as a BT signal sniffing and monitoring platform. Although the device hardware will accommodate signal broadcasting, the firmware currently only supports receiving and minimal advertising channel transmission features.

7. WiFi Deauther Watch

As the name said it’s a deauther, it de-authenticate the WiFi users and they got disconnected. It’s not a jammer. It uses ESP8266 WiFi development board to do so. Here it’s watch version is looks super cool gadget for every hacker.

While a jammer just creates noise on a specific frequency range (i.e. 2.4 GHz), a deauthentication attack is only possible due to a vulnerability in the Wi-Fi (802.11) standard. The deauther does not interfere with any frequencies, it is just sending a few Wi-Fi packets that let certain devices disconnect. That enables us to specifically select every target. A jammer just blocks everything within a radius and is therefore highly illegal to use.

8. USB Killer

Computers doesn’t check the current flowing through USB, because it uses computers own power and can’t transmit more voltage. But what if we took an advantage of this to burn our (using on others is totally illegal) entire system.

When plugged into a device, the USB Killer rapidly charges its capacitors from the USB power lines. When the device is charged, -200VDC is discharged over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Killer is removed. As the result target device becomes burned and unrepairable.

Its compact size and flash-drive style housing makes it an important device in every pen-tester’s toolkit. It can be used multiple times as we want.

9. Bad USB

This is a super alternative of USB Rubber Ducky. This device contains customized HW based on Atmega32u4 and ESP-12S. This device allows keystrokes to be sent via Wi-Fi to a target machine. The target recognizes the Ducky as both a standard HID keyboard and a serial port, allows interactive commands and scripts to be executed on the target remotely.

Attacker can easily carry it as a thumb drive and plug into any PC to inject payload, running own command on it, it also can be controlled over WiFi. It looks like innocent USB thumb drive, which is a great advantage. But this is doesn’t have faster speed like USB Rubber Ducky.

10. Hardware Keylogger

A hardware keylogger can be inserted between USB keyboard and computer. It captures all the keystrokes made from the keyboard, must have thing for every cybersecurity expert.

This is a basic hardware keylogger. It has 16 MB storage. Which is sufficient to capture keystrokes for a year generally. Later we can remove it and plug on our computer to read the keystrokes. Some keyloggers comes with WiFi controlling and SMS controlling functionality. No software can detect it’s there.

11. Adafruit Bluefruit LE Sniffer

Adafruit luefruit LE Friend is programmed with a special firmware image thatturns it into an easy to use Bluetooth Low Energy sniffer. We can passively capture data exchanges between two Bluetooth Low Energy (BLE) devices, pushing the data into Wireshark, the open source network analysis tool, where you can visualize things on a packet level, with useful descriptors to help us make sense of the values without having to crack open the 2000 page Bluetooth 4.0 Core Specification every time.

Note: We can only use this device to listen on Bluetooth Low Energy devices! It will not work on Bluetooth (classic) devices. Firmware V2 is an improved firmware from Nordic now has better Wireshark-streaming sniffer software that works with all OS for live-streamed BLE sniffing. The sniffer firmware cannot be used with the Nordic DFU bootloader firmware, which means that if we want to reprogram this device you must use a J-Link (and a SWD programmer board). We cannot over-the-air (OTA) reprogram it.

12. Micro-controllers

There are lots of micro-controllers used by ethical hackers. Some of them are must have in a ethical hackers backpack.

NodeMCU ESP8266

ESP8266 is a $6 WiFi development board and it can be used in various way, we can make WiFi deauther by our own. It also can be used to create phishing pages over WiFi.

Arduino Pro Micro

This tiny micro-controller is one of the best choice for ethical hackers. We can make our own DIY USB Rubber Ducky.

Arduino Pro Micro is really good thing at a very low price. But if we want to change the script then we need to reset and upload new script on it from our computer.

13. RTL-SDR

RTL-SDR is a very cheap software defined radio that uses a DVB-T TV tuner dongle based on the RTL2832U chip-set.

It can be used to intercept radio frequencies. We can use it for listening others conversations. It is also able to intercept GSM mobile calls and SMS. It is very useful for cybersecurity experts.

14. Proxmark3 NFC RFID Card Reader

Owning a Promark3 means owing the most powerful and most complete device RFID/NFC (LF & HF) testing in the frequencies of 125KHz / 134KHz / 13.56MHz.

This devices can make read the data of RFID and NFC cards and then make a copy of it. We can write the new copies on blank cards provided with this package. We we need more we can buy more blank cards on Amazon.

Therefore, investing some more bucks in upgrading it, it’s not a bad idea. To improve its range we need the extended range antennas for LF and HF.

Another new and nice upgrade for it, is the Blue Shark Bluetooth 2.0 upgrade, that permits controlling the proxmark3 wirelessly plus adding an external battery to create an autonomous proxmark3 that can be connected and controlled from your computer or smartphone. The Walrus NFC application has been updated to permit control by Bluetooth. It also fixes the high temperature concerns adding a metal cooler.

WiFi Adapters (Monitor Mode & Packet Injection)

WiFi adapter specially which supports monitor mode and packet injection is essential for WiFi penetration testing. So most of the hackers uses it. We had noticed that Alfa makes awesome adapters for cyber-security personals. We already discussed it on our Best WiFi adapter for Kali Linux article. Please check out that article before buying an WiFi adapter.

Something Extra

This is the gadgets for hackers we can directly buy from Amazon and help us on our ethical hacking journey. There are some more gadgets used by hackers but talking about them will be not ethical here. Most of them manufactured from china and available on some online stores. There are some cool stores like Hak5, but in this article we discussed about some gadgets which are openly available on Amazon.

Warning:- Using the above devices is not illegal. They are selling publicly on Amazon. But using these devices to harm anyone is totally illegal. We listed them for educational purpose and to safe ourselves from these kind of devices. If anyone uses this devices to harm anyone then we are not responsible for that, Amazon also not responsible. So use this devices responsibly, always remember:

That’s for today. Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Our in this platform we usually talk about various applications and their uses to check loopholes on systems. But penetration testers not only uses software applications, they also need some hardware to perform the tasks. In this detailed article we are going to cover hardware devices & gadgets used by an ethical hacker. Let’s start with a warning.

Warning:- This article is written for educational purpose only. To make it more ethical, we just only talk about the hardware devices publicly available in Amazon. Using these devices on our own for educational purpose isn’t crime, but using these devices against others without proper permission is illegal. So use these devices responsibly, we and Amazon will not be responsible for talking and selling these kind of product.

Lets start with a computer, most of cybersecurity experts prefer laptops, not desktops because laptops are portable. We had wrote an entire article about best laptops for Kali Linux, Moving forward ethical hackers uses some other hardware devices that is our main topic for today.

1. Raspberry Pi 4

Raspberry Pi dominating the market of single board computers (SBC). This device used by almost every security personals.

This is very useful we can install entire Kali Linux on this credit card sized computer. Raspberry Pi also can be used in many other projects. Cybersecurity experts use it on various way. We can see in Mr. Robot Season 1 Episode 5, how Elliot hacked the climate control network to destroy magnetic tapes.

There are unlimited uses of raspberry pi for an ethical hacker. This device is a must have for everyone on infosec field.

2. Raspberry Pi Zero W

This is a small handheld computer, ideal for carrying the best penetration testing software tools, and to handle all the external hardware hacking tools. The most known Cybersecurity distro for it is P0wnP1 A.L.O.A. and Kali Linux. P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W. The successor of P4wnP1 is called P4wnP1 A.L.O.A. We recommend the USB type-A pongo-pin adapter shown in the above picture.

We also can use it a headless system (without monitor). This device connected with a power bank in our bag and we can control it from our mobile device on our hand(using VNC).

3. USB Rubber Ducky

USB Rubber ducky is created and developed by Hak5. Nearly every computing devices accepts human input from keyboards, hence the ubiquitous HID specification – or Human Interface Device. Keyboards announce themselves to computers as HID devices and are in turn automatically recognized and accepted.

The USB Rubber Ducky delivers powerful payloads in seconds by taking advantage of the target computers inherent trust all while deceiving humans by posing as an ordinary USB drive.

In simple words, if we plug it on a computer, the computer think it is a keyboard and it will inject (type, save and execute) our preset payload on the computer. There are lots of payload available for this device. Also we can easily write our own code.

This is one of the bast way to compromise a system having physical access.

4. WiFi Pineapple

The Wi-Fi pineapple is the original Wi-Fi attack tool developed by Hak5. There are three different models available from Hak5. They all are good, here we choose Mark VII model for it’s value for money.

This will automate the auditing of WiFi networks and saves the results. We can control it with awesome web based interface. This is really a very good product for security testing o wireless networks.

5. HackRF One

HackRF One from Great Scott Gadgets is a Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies. We can read and manipulate radio frequencies using this device.

HackRF One is an open-source hardware platform that can be used as a USB peripheral or programmed for stand- alone operation. This SDR offers one important improvement compared to other cheap alternatives. But the Radio Frequency (RF) quality isn’t good as expected.

6. Ubertooth One

Ubertooth One is the most famous Bluetooth hacking tool we can find on the market. It is an open source 2.4 GHz wireless development platform suitable for Bluetooth hacking. Commercial Bluetooth monitoring equipment can easily be priced at over $10,000 , so the Ubertooth was designed to be an affordable alternative platform for monitoring and development of new BT, BLE and similar wireless technologies.

Ubertooth One is designed primarily as an advanced Bluetooth receiver, offering capabilities beyond that of traditional adapters, which allow for it to be used as a BT signal sniffing and monitoring platform. Although the device hardware will accommodate signal broadcasting, the firmware currently only supports receiving and minimal advertising channel transmission features.

7. WiFi Deauther Watch

As the name said it’s a deauther, it de-authenticate the WiFi users and they got disconnected. It’s not a jammer. It uses ESP8266 WiFi development board to do so. Here it’s watch version is looks super cool gadget for every hacker.

While a jammer just creates noise on a specific frequency range (i.e. 2.4 GHz), a deauthentication attack is only possible due to a vulnerability in the Wi-Fi (802.11) standard. The deauther does not interfere with any frequencies, it is just sending a few Wi-Fi packets that let certain devices disconnect. That enables us to specifically select every target. A jammer just blocks everything within a radius and is therefore highly illegal to use.

8. USB Killer

Computers doesn’t check the current flowing through USB, because it uses computers own power and can’t transmit more voltage. But what if we took an advantage of this to burn our (using on others is totally illegal) entire system.

When plugged into a device, the USB Killer rapidly charges its capacitors from the USB power lines. When the device is charged, -200VDC is discharged over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Killer is removed. As the result target device becomes burned and unrepairable.

Its compact size and flash-drive style housing makes it an important device in every pen-tester’s toolkit. It can be used multiple times as we want.

9. Bad USB

This is a super alternative of USB Rubber Ducky. This device contains customized HW based on Atmega32u4 and ESP-12S. This device allows keystrokes to be sent via Wi-Fi to a target machine. The target recognizes the Ducky as both a standard HID keyboard and a serial port, allows interactive commands and scripts to be executed on the target remotely.

Attacker can easily carry it as a thumb drive and plug into any PC to inject payload, running own command on it, it also can be controlled over WiFi. It looks like innocent USB thumb drive, which is a great advantage. But this is doesn’t have faster speed like USB Rubber Ducky.

10. Hardware Keylogger

A hardware keylogger can be inserted between USB keyboard and computer. It captures all the keystrokes made from the keyboard, must have thing for every cybersecurity expert.

This is a basic hardware keylogger. It has 16 MB storage. Which is sufficient to capture keystrokes for a year generally. Later we can remove it and plug on our computer to read the keystrokes. Some keyloggers comes with WiFi controlling and SMS controlling functionality. No software can detect it’s there.

11. Adafruit Bluefruit LE Sniffer

Adafruit luefruit LE Friend is programmed with a special firmware image thatturns it into an easy to use Bluetooth Low Energy sniffer. We can passively capture data exchanges between two Bluetooth Low Energy (BLE) devices, pushing the data into Wireshark, the open source network analysis tool, where you can visualize things on a packet level, with useful descriptors to help us make sense of the values without having to crack open the 2000 page Bluetooth 4.0 Core Specification every time.

Note: We can only use this device to listen on Bluetooth Low Energy devices! It will not work on Bluetooth (classic) devices. Firmware V2 is an improved firmware from Nordic now has better Wireshark-streaming sniffer software that works with all OS for live-streamed BLE sniffing. The sniffer firmware cannot be used with the Nordic DFU bootloader firmware, which means that if we want to reprogram this device you must use a J-Link (and a SWD programmer board). We cannot over-the-air (OTA) reprogram it.

12. Micro-controllers

There are lots of micro-controllers used by ethical hackers. Some of them are must have in a ethical hackers backpack.

NodeMCU ESP8266

ESP8266 is a $6 WiFi development board and it can be used in various way, we can make WiFi deauther by our own. It also can be used to create phishing pages over WiFi.

Arduino Pro Micro

This tiny micro-controller is one of the best choice for ethical hackers. We can make our own DIY USB Rubber Ducky.

Arduino Pro Micro is really good thing at a very low price. But if we want to change the script then we need to reset and upload new script on it from our computer.

13. RTL-SDR

RTL-SDR is a very cheap software defined radio that uses a DVB-T TV tuner dongle based on the RTL2832U chip-set.

It can be used to intercept radio frequencies. We can use it for listening others conversations. It is also able to intercept GSM mobile calls and SMS. It is very useful for cybersecurity experts.

14. Proxmark3 NFC RFID Card Reader

Owning a Promark3 means owing the most powerful and most complete device RFID/NFC (LF & HF) testing in the frequencies of 125KHz / 134KHz / 13.56MHz.

This devices can make read the data of RFID and NFC cards and then make a copy of it. We can write the new copies on blank cards provided with this package. We we need more we can buy more blank cards on Amazon.

Therefore, investing some more bucks in upgrading it, it’s not a bad idea. To improve its range we need the extended range antennas for LF and HF.

Another new and nice upgrade for it, is the Blue Shark Bluetooth 2.0 upgrade, that permits controlling the proxmark3 wirelessly plus adding an external battery to create an autonomous proxmark3 that can be connected and controlled from your computer or smartphone. The Walrus NFC application has been updated to permit control by Bluetooth. It also fixes the high temperature concerns adding a metal cooler.

WiFi Adapters (Monitor Mode & Packet Injection)

WiFi adapter specially which supports monitor mode and packet injection is essential for WiFi penetration testing. So most of the hackers uses it. We had noticed that Alfa makes awesome adapters for cyber-security personals. We already discussed it on our Best WiFi adapter for Kali Linux article. Please check out that article before buying an WiFi adapter.

Something Extra

This is the gadgets for hackers we can directly buy from Amazon and help us on our ethical hacking journey. There are some more gadgets used by hackers but talking about them will be not ethical here. Most of them manufactured from china and available on some online stores. There are some cool stores like Hak5, but in this article we discussed about some gadgets which are openly available on Amazon.

Warning:- Using the above devices is not illegal. They are selling publicly on Amazon. But using these devices to harm anyone is totally illegal. We listed them for educational purpose and to safe ourselves from these kind of devices. If anyone uses this devices to harm anyone then we are not responsible for that, Amazon also not responsible. So use this devices responsibly, always remember:

That’s for today. Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.