top of page
Writer's pictureVishwanath Akuthota

Kali Linux 2024.2 with 18 new tools

In the fast-paced world of cybersecurity, staying ahead of threats and vulnerabilities is paramount. Whether you’re a seasoned professional or just starting your journey, having the right tools at your disposal can make all the difference. Here, we explore a selection of essential tools that every cybersecurity expert should consider adding to their arsenal in 2024.


Kali Linux

Kali Linux is a powerful, Debian-based distribution tailored specifically for cybersecurity professionals. It comes pre-installed with a comprehensive collection of forensics and penetration testing tools, making it an essential resource for anyone involved in network security, digital forensics, or ethical hacking. Developed and maintained by Offensive Security, Kali Linux is designed to be both user-friendly and robust, offering a versatile platform for security assessments, vulnerability testing, and digital investigations. Its extensive toolkit includes everything from network analyzers to password crackers, making it the go-to operating system for security experts around the globe.


New tools Kali Linux 2024.2

  • autorecon – Multi-threaded network reconnaissance tool

  • coerce – Automatically coerce a Windows server to authenticate on an arbitrary machine

  • dploot – Python rewrite of SharpDPAPI

  • getsploit – Command line utility for searching and downloading exploits

  • gowitness – Web screenshot utility using Chrome Headless

  • eyrie – Highly Optimized Radio Scanning Tool

  • ligolo-ng – Advanced, yet simple, tunneling/pivoting tool that uses a TUN interface

  • mitm6 – pwning IPv4 via IPv6

  • netexec – Network service exploitation tool that helps automate assessing the security of large networks

  • pspy – Monitor Linux processes without root permissions

  • pyinstaller – Converts (packages) Python programs into stand-alone executables

  • pyinstxtractor – PyInstaller Extractor

  • sharpshooter – Payload Generation Framework

  • sickle – Payload development tool

  • snort – Flexible Network Intrusion Detection System

  • sploitscan – Search for CVE information

  • vopono – Run applications through VPN tunnels with temporary network namespaces

  • waybackpy – Access Wayback Machine's API using Python


Here are the full details:


1. AutoRecon

AutoRecon is a powerful, multi-threaded network reconnaissance tool. Designed to automate the initial stages of penetration testing, AutoRecon performs comprehensive scans and organizes the results efficiently. It helps security professionals identify potential vulnerabilities quickly, making the reconnaissance phase more effective.


2. Coercer

Coercer allows you to automatically coerce a Windows server to authenticate on an arbitrary machine. This tool is invaluable for penetration testers looking to exploit authentication mechanisms and gain unauthorized access to systems.


3. DPloit

DPloit is a Python rewrite of the popular SharpDPAPI tool. It focuses on decrypting DPAPI (Data Protection API) protected data, making it a critical tool for forensic investigators and penetration testers working with Windows environments.


4. GetSploit

GetSploit is a command-line utility for searching and downloading exploits. It simplifies the process of finding and utilizing exploits, which is essential for testing the security of systems against known vulnerabilities.


5. GoWitness

GoWitness is a web screenshot utility using Chrome Headless. This tool allows you to capture screenshots of websites efficiently, which can be useful for documentation, reporting, and further analysis of web-based applications.


6. Eyrie

Eyrie is a highly optimized radio scanning tool. It’s designed for use in environments where radio frequency (RF) monitoring and analysis are critical, such as in secure communications and wireless security assessments.


7. Ligolo-ng

Ligolo-ng is an advanced, yet simple, tunneling/pivoting tool that uses a TUN interface. It facilitates secure communication and data transfer within networks, making it a go-to tool for penetration testers who need to establish pivot points in a target network.


8. Mitm6

Mitm6 focuses on pwning IPv4 via IPv6. This tool exploits the inherent weaknesses in the transition mechanisms between IPv4 and IPv6, allowing testers to conduct man-in-the-middle attacks and other network-based exploits.


9. Netexec

Netexec is a network service exploitation tool that automates the assessment of large networks. It streamlines the process of identifying and exploiting vulnerabilities in network services, making it a valuable asset for large-scale security assessments.


10. Pspy

Pspy allows you to monitor Linux processes without root permissions. This lightweight tool is ideal for gaining insights into running processes on a Linux system without requiring elevated privileges, making it useful for both security monitoring and forensic investigations.


11. PyInstaller

PyInstaller converts (packages) Python programs into stand-alone executables. This tool is crucial for developers and security professionals who need to distribute Python applications in a portable format.


12. Pyinstxtractor

Pyinstxtractor is a PyInstaller Extractor. It allows you to extract files from a PyInstaller package, which can be useful for reverse engineering and analyzing packaged Python applications.


13. SharpShooter

SharpShooter is a payload generation framework. It supports multiple payload types and delivery methods, making it a versatile tool for crafting custom payloads for penetration testing and red teaming exercises.


14. Sickle

Sickle is a payload development tool. It helps in the creation of sophisticated payloads for exploiting vulnerabilities, enabling security professionals to test and enhance their attack vectors.


15. Snort

Snort is a flexible Network Intrusion Detection System (NIDS). It monitors network traffic in real-time to detect suspicious activities and potential intrusions, making it a cornerstone tool for network security monitoring.


16. Sploitscan

Sploitscan helps you search for CVE information. This tool is essential for staying up-to-date with the latest vulnerabilities and exploits, allowing security professionals to prioritize and address the most critical threats.


17. Vopono

Vopono enables you to run applications through VPN tunnels with temporary network namespaces. This tool enhances privacy and security by ensuring that application traffic is securely tunneled through VPNs.


18. Waybackpy

Waybackpy provides access to the Wayback Machine's API using Python. It allows security professionals to retrieve archived web pages, which can be invaluable for historical analysis, forensic investigations, and tracking changes to web applications over time.


These tools represent the cutting edge of cybersecurity capabilities in 2024. By incorporating them into your toolkit, you can enhance your ability to identify, analyze, and mitigate threats, ensuring robust security for your organization or clients.


Let's build a Secure future where humans and AI work together to achieve extraordinary things!


Let's keep the conversation going!

What are your thoughts on the limitations of AI for struggling companies? Share your experiences and ideas for successful AI adoption.


Contact us(info@drpinnacle.com) today to learn more about how we can help you.

71 views0 comments

Comments


bottom of page