Penetration testing normally consists of information gathering, vulnerability and risk analysis, vulnerability exploits, and final report preparation.
It is also essential to learn the features of the various tools available for penetration testing. This chapter provides information and insights about these features.
The following table lists some of the most significant penetration testing tools and illustrates their features −
Tool Name | Purpose | Portability | Expected Cost |
---|---|---|---|
Hping | Port scanning, remote OS fingerprinting | Linux, NetBSD, FreeBSD, OpenBSD | Free |
Nmap | Network scanning, port scanning, OS detection | Linux, Windows, FreeBSD, OS X, HP-UX, NetBSD, Sun, OpenBSD, Solaris, IRIX, Mac, etc. | Free |
SuperScan | Runs queries including ping, whois, hostname lookups, etc. Detects open UDP/TCP ports and determines which services are running on those ports. | Windows 2000/XP/Vista/7 | Free |
p0f | OS fingerprinting, firewall detection | Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Solaris, Windows, and AIX | Free |
Xprobe | Remote active OS fingerprinting, port scanning, TCP fingerprinting | Linux | Free |
Httprint | Web server fingerprinting, SSL detection, detection of web-enabled devices (e.g., wireless access points, switches, modems, routers) | Linux, Mac OS X, FreeBSD, Win32 (command line & GUI) | Free |
Nessus | Detects vulnerabilities that allow a remote cracker to control/access sensitive data | Mac OS X, Linux, FreeBSD, Apple, Oracle Solaris, Windows | Free for limited edition |
GFI LANguard | Detects network vulnerabilities | Windows Server 2003/2008, Windows 7 Ultimate/Vista, Windows 2000 Professional, Business/XP, Server 2000/2003/2008 | Only Trial Version Free |
Iss Scanner | Detects network vulnerabilities | Windows 2000 Professional with SP4, Windows Server 2003 Standard with SP1, Windows XP Professional with SP1a | Only Trial Version Free |
Shadow Security Scanner | Detects network vulnerabilities, audits proxy and LDAP servers | Windows, but scans servers built on any platform | Only Trial Version Free |
Metasploit Framework | Develop and execute exploit code against a remote target, test vulnerability of computer systems | All versions of Unix and Windows | Free |
Brutus | Telnet, FTP, and HTTP password cracker | Windows 9x/NT/2000 | Free |