What Are Some of the Best Penetration Testing Tools You Should be Using?
Alec Auer, Falanx Cyber, conducts various types of penetration and compliance testing, including web application, internal infrastructure, email phishing, and Cyber Essentials. He has also achieved the Offensive Security Certified Professional (OSCP) qualification and is a CREST Registered Tester. Alec shares some of his top penetration testing tools.
The number of penetration testing tools, both open-source and commercial, is vast. However, over the years I have narrowed them down to the necessary essentials which can be used for almost any penetration test.
Each tool can serve multiple purposes and have a variety of uses; however, they stand out in certain categories and are my first option for penetration tests as a result. While other options are available, these are the ones I’ve personally found effective and easy-to-use.
Port Scanning
The first stage of a penetration test is to determine the attack surface and for this I like to use the Nmap port scanner.
Not only can it perform different port scans, it has an added scripting engine that gives a significant amount of information about open services.
The output of scans is also in several useful formats that can be manipulated and combined with other tools, and since it’s quite popular there are lots of additional plugins that have been developed for increased functionality.
Vulnerability Scanning
To help make penetration tests more time-efficient, a vulnerability scanner is essential. I tend to choose Nessus as it is straightforward to use and has different vulnerability scans for an added level of flexibility, depending on the test.
The scan is quick, provides an easy-to-read output and also has a good coverage of vulnerability plugins. This, plus Nmap, will be my first stage of a penetration test to find some juicy targets ripe for exploitation.
