Penetration testing is a way for you to simulate the methods that an attacker might use to circumvent
security controls and gain access to a target's systems. You won't become an expert penetration tester
overnight; it takes years of practice and real-world experience to become proficient.
The phases of a penetration test are:
1. Pre-engagement Interactions
2. Intelligence Gathering
3. Threat Modeling
4. Vulnerability Analysis
5. Exploitation
6. Post Exploitation
7. Reporting
Penetration Testing tools are used as part of a penetration test to
automate certain tasks, improve testing efficiency, and discover
issues that might be difficult to find using manual analysis
techniques alone.
Top 10 Penetration Testing Tools:
1. Kali Linux:
Kali Linux is an advanced Penetration Testing and Security Auditing
Linux distribution.
Kali Linux features:
* More than 300 penetration testing tools
* Free and always will be
* Open source Git tree
* FHS compliant
* Vast wireless device support
* Custom kernel patched for injection
* Secure development environment
* GPG signed packages and repos
* ARMEL and ARMHF support
* Completely customizable
2. Metasploit:
This is the most advanced and popular framework that can be used
for pen-testing. It is based on the concept of an 'exploit', which is
code that can bypass the security measures of a certain system and gain entry to it.
The typical life cycle of a vulnerability and its exploitation is as
follows:
1. Discovery: A security researcher or the vendor discovers a critical
security vulnerability in the software.
2. Analysis: The researcher or others across the world begin analyzing the
vulnerability to determine its exploitability.
3. Exploit Development: This has usually been considered a bit
of a black art, requiring an in-depth understanding of the processor's
registers, assembly code, offsets, and payloads.
4. Testing: This is the phase where the coder checks the exploit code
against various platforms, service packs, or patches, and possibly even
different processors.
5. Release: Once the exploit is tested, and the specific parameters required for
its successful execution have been determined, the coder releases the
exploit, either privately or on a public forum. Often, the exploit is
tweaked so that it does not work right out of the box. This is usually
done to dissuade script kiddies from simply downloading the exploit and
running it against a vulnerable system.
Metasploit takes the following structured approach while mounting an attack:
i) Pick which exploit to use.
ii) Configure the exploit with remote IP address and remote port number.
iii) Pick a payload.
iv) Configure the payload with local IP address and local port number.
v) Execute the exploit.
3. Nmap:
This is a very popular tool that predominantly aids in understanding
the characteristics of any target network. The characteristics can
include hosts, services, OS, packet filters/firewalls, etc. It works
in most environments and is open source.
Nmap supports several types of scans, such as:
* TCP connect
* XMAS tree scan
* SYN stealth scan
* Null scan
* Window scan
* ACK scan
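Seen from the defender's side, the scan types listed above differ in the TCP flag combination of each probe packet. The following added example (not code from the original post or from the Nmap project) classifies constructed probe packets by flag set and reports sources that touch many ports with the same probe type; the packet tuples, addresses and threshold are all assumptions for illustration.

```python
# Added example: classify TCP probe packets by flag combination into the
# Nmap scan types named in the post, then report per-source port sweeps.
# The capture below is constructed for illustration, not real traffic.
from collections import defaultdict

# Flag-set signatures of the listed scan types; the comment on each line
# gives an equivalent Wireshark display filter.
SCAN_SIGNATURES = {
    frozenset(): "Null scan",                            # tcp.flags == 0x000
    frozenset({"SYN"}): "SYN stealth / connect scan",    # tcp.flags.syn==1 && tcp.flags.ack==0
    frozenset({"FIN", "PSH", "URG"}): "XMAS tree scan",  # tcp.flags.fin==1 && tcp.flags.push==1 && tcp.flags.urg==1
    frozenset({"ACK"}): "ACK or Window scan",            # tcp.flags == 0x010 (Window scan differs only in how replies are read)
}

def classify_probe(flags):
    """Return the scan type whose signature matches this flag set, else None."""
    return SCAN_SIGNATURES.get(frozenset(flags))

def detect_sweeps(packets, port_threshold=5):
    """Group probe packets by (source, scan type) and return those touching
    more than port_threshold distinct destination ports.  A single SYN or
    ACK is normal traffic, which is why aggregation, not per-packet
    matching, decides."""
    ports = defaultdict(set)
    for src, _dst, dport, flags in packets:
        kind = classify_probe(flags)
        if kind is None:
            continue
        ports[(src, kind)].add(dport)
    return {key: len(p) for key, p in ports.items() if len(p) > port_threshold}

# Constructed sample capture: (src, dst, dport, flags)
SAMPLE_CAPTURE = (
    [("10.0.0.5", "10.0.0.9", p, {"FIN", "PSH", "URG"}) for p in range(20, 28)]  # XMAS sweep
    + [("10.0.0.5", "10.0.0.9", p, set()) for p in (80, 443)]                    # two Null probes
    + [("10.0.0.7", "10.0.0.9", 443, {"SYN"}),                                    # an ordinary
       ("10.0.0.7", "10.0.0.9", 443, {"ACK"}),                                    # connection
       ("10.0.0.7", "10.0.0.9", 443, {"PSH", "ACK"})]                             # to one port
)

if __name__ == "__main__":
    for (src, kind), n in detect_sweeps(SAMPLE_CAPTURE).items():
        print(f"{src}: {kind} across {n} ports")
```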
4. Wireshark:
Wireshark is a network packet analyzer. A network packet analyzer
captures network packets and tries to display the packet data
in as much detail as possible.
Penetration testing tools like Wireshark come in handy for understanding
and exploiting the organization of data posted by forms or services to
applications. Application vulnerabilities such as parameter pollution,
SQL injection, lack of input validation, and buffer overflows can
be easily detected and exploited using Wireshark.
Features:
The following are some of the many features Wireshark provides:
* Available for UNIX and Windows.
* Capture live packet data from a network interface.
* Open files containing packet data captured with tcpdump/WinDump, Wireshark, and a number of other packet capture programs.
* Import packets from text files containing hex dumps of packet data.
* Display packets with very detailed protocol information.
* Save captured packet data.
* Export some or all packets in a number of capture file formats.
* Filter packets on many criteria.
* Search for packets on many criteria.
* Colorize the packet display based on filters.
* Create various statistics.
5. Nessus:
Nessus is a great tool designed to automate the testing and discovery
of known security problems. Typically someone, such as a hacker group,
a security company, or a researcher, discovers a specific way to
violate the security of a software product.
It is one of the most robust vulnerability identification tools available.
It specializes in compliance checks, sensitive data searches, IP scanning,
website scanning, etc.