-1

I was reading digital forensics as part of my curriculum and came across some tools used for hacking (ethical hacking aka pentration testing). There is a bunch of tools out there. I was wondering if the bad guys actually use such tools or do they make their own stuff based on specific purpose ?

schroeder
  • 123,438
  • 55
  • 284
  • 319
sweetpoision10
  • 3
  • 2
  • 1
    If you strip out all the extra words, you just asked "do hackers use pre-made hacking tools?" – schroeder Feb 14 '20 at 15:15
  • Yes but then there may have been confusion as to which hackers ? Like the really bad guys or ethical ones. – sweetpoision10 Feb 14 '20 at 15:19
  • This exploration will be relevant: https://security.stackexchange.com/questions/34400/what-is-the-distinguishing-point-between-a-script-kiddie-and-a-hacker – schroeder Feb 14 '20 at 15:28
  • Thanks man. I really appreciate it – sweetpoision10 Feb 14 '20 at 16:11
  • @sweetpoision10 how are the tools you use in any way relevant to the ethics you apply, especially if you're in a group of people who do not concern themselves with ethics? – Marcus Müller Feb 14 '20 at 20:03
  • "I" was attacked with partial success using metasploit a few years ago - (that's a yes). After patching the vuln, I considrered raising a bug report against the metasploit module that partially failed. – Jasen Feb 15 '20 at 11:39

4 Answers4

0

Hacking tools are available and used by everyone, good and bad. In fact, releasing these tools to the good guys is helpful so they can develop protections against them in real attacks.

Of course, there are also custom/specific purpose tools that are NOT widely available as well.

Oleksi
  • 4,809
  • 2
  • 19
  • 26
0

Yes, Black Hats use ready-made tools.

The reason for this is simple. These tools had a lot of effort put into them to fulfill a wide variety of tasks very well. Sure, any hacker could write their own HTTPS proxy, but Burp does that already and does it probably a lot better in a fraction of the time it would take a hacker to write even a simple proxy.

Regarding custom tools, most "custom made" tools are actually "proof-of-concept" tools, meaning that they make use of some newly discovered vulnerability. These tools have very low code maturity, usually require a lot of patching to get them to run on a different system and are generally made to run once.

You can compare this to some shell script that people write to do stuff once, versus a shell script that is distributed with some widely popular tool. These two scripts vary wildly in code quality, but if you only need to run it once, it doesn't matter.

0

A lot of them are opensource, you can grab the latest version of Metasploit and extend its modules for example, so yes, even bad guys use the tools good guys use, even on Defcon you see the top white hats and the gray / dark hats.

But in order to be really good at this as I've seen in most of the articles I've read about security, most of the good tools are not open source and are private, owned by their coders and sometimes shared among those who share good knowledge of a specific expertise on private forums and some others techniques are not even taught to common people or known by them because you have to develope certain level of knowledge to even try to attempt to perform this bleeding edge techniques.

Lets put it like this, a penetration tester might script out a whole pentest with opensource tools just to verify common vulnerabilities and make a report and make the day right?

But there are other peeps that take a while to stay a while and tinker even further to do some crazy stuff making their own tools to do stuff that for obvious reasons is not out there freely.

Good jobs take effort, time and money.

IceeFrog
  • 125
  • 7
0

Criminals, and even government cyber armies use what works. Period. If a pre-made tool works, then why invent a new one?

This is very well recorded. I did a search for "chinese army metasploit" and these are some of the results:

schroeder
  • 123,438
  • 55
  • 284
  • 319