Tools - Linux

Tools used in Linux Thick client pentesting #

Information Gathering #

  1. file (https://man7.org/linux/man-pages/man1/file.1.html)
  2. ldd (https://man7.org/linux/man-pages/man1/ldd.1.html)
  3. strings (https://man7.org/linux/man-pages/man1/strings.1.html)
  4. apt (https://manpages.ubuntu.com/manpages/xenial/man8/apt.8.html)
  5. strace (https://man7.org/linux/man-pages/man1/strace.1.html)
  6. ltrace (https://man7.org/linux/man-pages/man1/ltrace.1.html)
  7. pspy (https://github.com/DominicBreuker/pspy)

Reverse Engineering #

  1. IDA/IDA Pro (https://hex-rays.com/ida-free/, https://hex-rays.com/ida-pro/)
  2. Ghidra (https://github.com/NationalSecurityAgency/ghidra)

Memory Analysis #

  1. gcore (https://man7.org/linux/man-pages/man1/gcore.1.html)
  2. kill (https://man7.org/linux/man-pages/man1/kill.1.html)
  3. Procdump (https://github.com/Sysinternals/ProcDump-for-Linux)
  4. gdb (https://man7.org/linux/man-pages/man1/gdb.1.html)

Traffic Analysis #

  1. Wireshark (https://www.wireshark.org/)
  2. Tshark (https://www.wireshark.org/docs/man-pages/tshark.html)
  3. tcpdump (https://www.tcpdump.org/manpages/tcpdump.1.html)
  4. proxychains (https://github.com/haad/proxychains)
  5. Burp Suite (https://portswigger.net/burp)
  6. mitm relay (https://github.com/jrmdev/mitm_relay)
Calendar January 2, 2024
Edit Edit this page