Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

PENTESTs - Top Five Free Testing Tools

This link shares some excellent free PENTEST tools that can help ensure corporate defense systems are actively blocking protecting against major external threats.

Top Five Free Penetration Testing Tools
http://www.brighthub.com/computing/smb-security/articles/34710.aspx

QUOTE:  Penetration Testing uses a variety of specialized tools to make testing far faster and more effective at discovering vulnerabilities. Five of the top tools are highlighted in this article

1. Metasploit - This is a far more advanced tool than the others on this list, and requires more programming knowlege to run and use. This platform runs payloads, shellcode, and remote shells--you will actually penetrate the target. Servers can and will crash!

2. Nessus - It has long been my favorite vulnerability scanner, due to its speed, accuracy, and depth.

3. Nikto - Nikto is an Open Source web server security scanning tool. Currently at version 2.03, can scan for over 3500 potential vulnerabilities

4. Nmap - Nmap is my Swiss Army Knife for network scanning, port mapping, and OS & application discovery. Somehow it's both the simplest and most flexible tool in my arsenal.

5. Wireshark - Captures wireless network traffic and examines protocols and sessions in depth.

Comments

didier said:

I can recommend the use of the Gamasec’s web application vulnerability scanning providing automated search for security weaknesses in web applications and produces a detailed security report with recommendations for optimally matched solutions.

www.gamasec.com

We were very pleased with the report's recommendations and the easy access to the control panel and on demand scan scheduler.

They also have a free trial  so you can evaluate your site security before choosing the www.gamasec.com scan package.

# September 5, 2010 8:10 AM