Thursday, November 18, 2021

Fierce Definition - Fierce Tools for Kali Linux { 2021 }


DESCRIPTION: fierce is a semi-lightweight enumeration scanner that helps penetration testers locate non-contiguous IP space and hostnames for a specified domain using things like DNS, Whois, and ARIN. It's really meant as a pre-cursor to active testing tools via something like Nmap, Unicornscan, Nessus, Nikto, etc, since all of those require that you already know what IP space you are looking for. Fierce does not perform exploitation and does not scan the whole internet indiscriminately. It is meant specifically to locate likely targets both inside and outside a corporate network.

Fierce Tools for Kali Linux

Since it uses DNS primarily you will often find mis-configured networks that leak internal address space.

USAGE: {target options} [OPTIONS]

EXAMPLE: DNS (Standard Fierce scan)

EXAMPLE: DNS –wide (Standard Fierce scan and search all class c ranges found for PTR names that match the domain)

EXAMPLE: DNS -only zt (Fierce scan that only checks for zone transfer)

EXAMPLE: DNS –ztstop (Fierce scan that does not perform brute-forcing if a zone transfer is found)

EXAMPLE: fierce -DNS –wildcstop (Fierce scan that does not perform brute-forcing if a wildcard is found) 

In 2006 the Auditor security collection and Whax merged to create Backtrack. The creators were trying to provide a special Kali Linux distribution that would help people do penetration testing in a more useful way.

Kali Linux from the Inside Out

Within one year, Backtrack evolved into a full-blown Kali Linux distribution with kernel 2.6.20, and it added support for Metasploitable 2 and 3. It also redesigned the menu structure. In 2007, Backtrack 2 appeared as a Kali Linux distribution meant for penetration testing.

In 2008, Backtrack 3 appeared; this time the kernel was, and two specialized hacking tools were added: Saint and Maltego.

In 2010, Backtrack 4 with kernel 2.6.34 came out with massively improved hardware support.

The next year was important in the journey of Backtrack. In 2011, Backtrack 5 appeared; this time it was based on Ubuntu Lucid LTS, and the kernel was 2.6.38.

A massive change was brewing. In March 2013, Backtrack Kali Linux became Linux. The support for Backtrack ended. It was now Debian-based, and the platform had been rebuilt completely.

In this chapter, you'll learn more about Linux and explore all the major hacking tools it offers. You'll learn about the various hacking categories and which tools belong to which categories. This will be a brief introduction; as you progress through the book, you'll learn how the tools function in detail.

More About Kali Linux Tools

When you installed Linux, you probably found that Linux is designed to be used as a single root user. You can create extra users for doing penetration testing. Quite naturally, as a security person, you wanna be anonymous. However, this single, root user scenario has been created for a reason. Kali isn't meant for general users. It was created to meet the requirements of professional penetration testers and security auditors.

As you progress through this book, you'll find that many tools you will use for penetration testing need root privilege. Kali has come up with a minimal and trusted set of repositories to maintain the integrity of the system. The configuration part, it was discussed in detail. Do not change the sources.list file without knowing the actual consequences, and you must resist the temptation to add repositories.

You should resist this enticement for one particular reason. You do not know whether a package’s trustworthiness is guaranteed by the Linux development team. If it is not, it might even break your system. So always be careful about adding any new package or repository.

Since Kali Linux is aimed at penetration testing and security auditing, it contains hundreds of tools that are meant for security-related tasks. 


Post a Comment