Best Tools For Pentesting

Best Tools For Pentesting Written By Ossai Peter

Cyber-criminals unfortunately have been on top of the latest technologies and are upping-the-ante of their attacks, in some ways faster than the good guys are able to respond. Given the trends we saw last year, it’s safe to assume that cyber-criminals will stage increasingly brazen and bold attacks in the year(s) ahead. Nothing is safe anymore and individuals and businesses need to do everything possible to keep attentive and secure their assets.

The time for urgency around protecting your business against cyber-crime is now more relevant than ever. Becoming extra vigilant, tracking the latest trends, and adopting cyber-security best practices will go a long ways toward protecting you and your small business in the months and years ahead.

One of the best things a small business (or any business for that matter) can do to protect its infrastructure is to conduct a penetration test. A penetration test is described as “an attack on a computer system with the intention of finding security weaknesses, potentially gaining access to it, its functionality and data.” The fundamental premise behind a pen test is that you want to start with a friendly consultant trying to hack into your system rather than finding out the hard way that you’ve been breached.

While penetration testing can be done manually, there are a number of software tools on the market to automate the process. In the following, we outline the top 7 tools that the small business should be using to conduct penetration testing of its infrastructure.

• Metasploit

Metasploit is the gold standard in the penetration testing tools industry. It’s known as one of the most advanced and popular frameworks on the market, and the world’s most used software for this purpose. Metasploit is a collaboration of the open source community and Rapid 7; one outcome of this is the Metasploit Project, which is a security project focused on delivering information about security vulnerabilities and helps penetration testing and Intrusion detection. As one reviewer well summarizes, “It is based on the concept of ‘exploit’ which is a code that can surpass the security measures and enter a certain system. If entered, it runs a ‘payload’, a code that performs operations on a target machine, thus creating the perfect framework for penetration testing.” Metasploit can be used across all major platforms and formats such as web applications, networks, servers, etc. (both command-line & GUI clickable interface) and works on Linux, Apple Mac OS X and Microsoft Windows.

• Wireshark

Wireshark is another extremely popular penetration testing framework that has been around since 1998. According to its website, “Wireshark is the world’s foremost network protocol analyzer. It lets you see what’s happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.” This means that you can open the floodgates and see the minutest details about your network protocols, packet information, decryption etc. Wireshark can be used on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many other systems. The application can be viewed via a GUI or else by using the TTY-mode TShark utility.

• Nessus

Nessus was started in 1998 and focuses on vulnerability scanning, describing itself as “The Most Widely Deployed Vulnerability Scanner in the World.” What this means essentially is that Nessus scans for various types of vulnerabilities, or holes that cybercriminals might exploit to gain control of a computer system or network. Nessus started out free and open source but that option changed in 2005 and now the utility costs $2190 per year. Nessus is a very robust platform and is constantly updated, with more than 60,000 plugins. Some of the key features of the Nessus framework are local and authenticated security checks, a web-based client/server architecture, and an embedded scripting language that allows users to write their own plugins. Nessus is compatible with most platforms and works in most environments.

• Nmap

Nmap, or “Network Mapper,” is an open source and very popular platform that has been around since the late 90s. Many security professionals like to use Nmap for network discovery, or for telling you what systems you’re running behind the firewall and which ones are vulnerable. One reviewer wisely points out about Nmap, “You may find you’re running services you didn’t know about, and if you turn unused services off, you’ll save the time of having to test them. Once you have your inside-the-firewall inventory complete, you should also run Nmap outside the firewall to compare what you thought your firewall was doing to what it is really doing.”  Nmap works on most of the environments.

• Acunetix

Acunetix functions primarily as a web vulnerability scanner targeted at web applications. The platform uses a state of the art crawler technology (including a client script analyzer engine) that analyzes your web applications and provides SQL injection, cross site scripting testing, PCI compliance reports, etc., all while identifying the vulnerabilities behind your online business. Acunetix is one of the more expensive tools on the market but offers a 14 day trial version download through its website.