​10 gadgets every white hat hacker needs in their toolkit

How to conduct security audits and measure the technical assessment of a system or application.

Picture: Paul Sobczak (Flickr)

Picture: Paul Sobczak (Flickr)

A ‘white hat’ is an ethical computer hacker or cyber security expert. White hat hackers often conduct exploratory testing to ensure an organization or computer system is properly protected.

There are gadgets that can be used to conduct this type of hack, helping the white hat conduct security audits and measure the technical assessment of a system or application.

Most of this hardware was designed for security research or projects. Here are ten you might want to use as an ethical hacker.

1.Raspberry Pi 3

Third generation Raspberry Pis are now available. These low-budget computers can be simple and effective tools for online testing. In security audits, Raspberry Pi can act like a Swiss army knife for penetration testing (aka pen testing), carrying out controlled attacks in order to identify any vulnerabilities in the system. A classic way of using a Raspberry Pi would be with its appropriate battery pack, a pen testing distribution, likeKali Linux and applications like FruityWifi and open source tool to audit wireless networks.

2. WiFi Pineapple

This set of tools for wireless pen’ tests is very useful for various types of attacks, such as the classicMan-In-The-Middle. Through an intuitive web interface, it connects using any device. Its ease of use, workflow management, and the detailed information it provides offer the possibility of emulating different kinds of advanced attacks. As a platform, WiFi Pineapple also uses many modules, which are continually being developed by the user community, and can be installed free of charge directly via the web interface.

3. Alfa Network Board

As a classic WiFi board for injecting packets, the Alfa is great due to the quality of its materials, and for its use of chipsets which can be set to monitoring mode – a requirement for wireless audits.

4. Rubber Ducky

This “special” drive works as a programmed keyboard in the shape of a USB drive. When plugged into a computer, it starts writing automatically to launch programs and tools which may either be available on the victim’s computer, or loaded onto the drive's onboard Micro SD, in order to extract information.

5. LAN Turtle

This type of system admin and pen’ test tool provides stealthy remote access, as it stays connected to a USB port covertly. It also allows users to harvest information from the network and has the capacity to execute a Man-In-The-Middle attack.

6. HackRF One

This tool installs a powerfulSDR(Software-Defined Radio) system – a radio communication device which installs software to be used in place of typically installed hardware. This way, it is capable of processing all kinds of radio signals ranging from 10 MHz to 6 GHz from a single peripheral, which can be connected to the computer via a USB port. As an open source hardware platform, HackRF One can be used as a USB peripheral or programmed for stand-alone operation.

7. Ubertooth One

Ubertooth One is an open-source 2.4 GHz code development platform for experimenting with Bluetooth, enabling users to appreciate the different aspects of new wireless technologies.

8. Proxmark3 Kit

The Proxmark3 can read almost any RFID (radio frequency identification) label, as well as clone them and sniff them. It can also be operated in standalone mode (i.e. without a PC) through the use of batteries.

9. Lock picks

Lockpicking is the art of opening a lock or a physical security device by analysing or manipulating its components logically, without the original key. There are a many sizes and formats, which in many cases can threaten physical security, which can facilitate pen testing.

10. Keylogger

An old classic for logging keystrokes, this device can be connected via USB or PS/2 and create a stealthy connection between the keyboard and PC, logging every keystroke. Of course, it tends to go undetected by most security systems.

With this full list of devices, it may help and white hat hackers to finally have a point of entry to target something that seemed impenetrable before.

Lucas Paus is Senior Security Researcher at ESET

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags hackershacking exposedToolshackerhacking

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucas Paus

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?