Penetration testing (a.k.a. pen testing) is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities.
A penetration test is designed to answer the question:
How effective is my current security against a skilled attacker?
Here are some of the best tools for carrying out pen testing exercises. Most of the listed tools are free; others offer their main functions in a free entry version and require a paid license to unlock all features.
1. Kali Linux
Kali Linux is an open-source distribution based on Debian focused on providing penetration testing and security auditing tools.
Most of the tools mentioned in this post are present in Kali. It includes numerous tools for information gathering, vulnerability analysis, wireless attacks, web applications, exploitation tools, stress testing, sniffing and spoofing, password cracking and much more.
2. Wireshark
Wireshark is a network monitoring tool. It collects and shows information on all network traffic, providing detailed information on IP addresses, protocols, requests, packets, etc.
3. Sqlmap
Sqlmap is one of the most powerful tools for automated SQL injection; it fully supports many databases, such as MySQL, SQL Server, Oracle, etc.
In this tutorial, I explained step by step how to use this tool.
4. Burp Suite
Burp Suite can be used to intercept traffic between a web browser and the web server, acting as a proxy. It works well with Sqlmap: you can export an intercepted request to Sqlmap and, for example, exploit a SQL injection in an HTTP POST request easily.
However, it is more than just a proxy. Burp Suite can be used as a web application security scanner, as a tool to perform automated attacks against a web application, and as a tool to spider an entire website to identify its attack surface, among other features.
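The bug class that Sqlmap automates against a POST login form, shown as an added example (not code from the original post): the concatenated query that an injected form field can rewrite, beside its parameterized fix. The table, user and form bodies are constructed for the demo; passwords are stored in plaintext only to keep it short.

```python
import sqlite3

# Constructed sample data: one user in an in-memory SQLite database.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn

def login_vulnerable(conn, username: str, password: str) -> bool:
    # Form fields are pasted into the SQL text, so attacker-controlled
    # input becomes part of the query grammar (this is the defect).
    sql = ("SELECT 1 FROM users WHERE username = '%s' AND password = '%s'"
           % (username, password))
    return conn.execute(sql).fetchone() is not None

def login_parameterized(conn, username: str, password: str) -> bool:
    # Placeholders: the driver passes values separately from the query,
    # so input can only ever be compared as data, never parsed as SQL.
    sql = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None

# Constructed POST bodies, as a web framework would hand them to a handler.
GOOD_POST = {"username": "alice", "password": "correct horse"}
BAD_POST = {"username": "alice", "password": "wrong"}
TAUTOLOGY_POST = {"username": "alice", "password": "' OR '1'='1"}

def run_checks() -> dict:
    """Return {case: (vulnerable_result, parameterized_result)}."""
    conn = make_db()
    results = {}
    for name, form in [("good", GOOD_POST), ("bad", BAD_POST),
                       ("tautology", TAUTOLOGY_POST)]:
        results[name] = (
            login_vulnerable(conn, form["username"], form["password"]),
            login_parameterized(conn, form["username"], form["password"]),
        )
    return results

if __name__ == "__main__":
    for name, (vuln, fixed) in run_checks().items():
        print(f"{name:10s} vulnerable={vuln} parameterized={fixed}")
```

The tautology case is the one to watch: the concatenated query authenticates without the password, while the parameterized one treats the same text as an ordinary wrong password.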
It is an open-source tool developed together with Rapid7. It is a very popular collection of penetration testing tools for discovering vulnerabilities, managing security assessments, and formulating defensive methodologies.
It is a tool for scanning your systems or networks for vulnerabilities. It can be used for security scans, simply to identify what services a host is running or what type of firewall it uses, or to take a quick inventory of a local network.
7. Aircrack-ng
Aircrack-ng is a comprehensive collection of utilities for analyzing the weaknesses of a WiFi network using various monitoring, attacking, testing and cracking methods.
Moreover, if you want to assess the strength of your WEP and WPA-PSK keys, you can attempt to crack them with this tool.
8. Nessus
This tool is a vulnerability scanner that lets pen testers audit their networks by scanning ranges of Internet Protocol (IP) addresses and identifying vulnerabilities with a series of plug-ins. Among the issues it identifies are misconfigurations, weak passwords, and open ports.
9. OpenVAS
OpenVAS is a fork of Nessus, but its feeds are completely free and licensed under the GPL. It lets you write and integrate your own security plugins into the OpenVAS platform, even though the current engine already ships with more than 50,000 network vulnerability tests covering a huge range of scenarios.
10. John the Ripper
It is one of the most popular password cracking tools; it combines several different cracking programs and runs in both brute-force and dictionary attack modes. It can run a wide variety of password-cracking techniques against the user accounts on each operating system and can be scripted to run locally or remotely.
A penetration test is vital for any company or organization that takes security seriously. If a penetration tester manages to compromise your application or network, then a real hacker can too.