Tools for NetworkPenetration testing
8 views
Skip to first unread message
Sundar
Sep 24, 2009, 9:56:57 AM9/24/09
to null
HI ,
I am looking for some good tools for Penetration testing for a
network.
Could someone suggest that what are best tools available (Commercial
and Open source\freeware).
Regards,
Sundar.
I am looking for some good tools for Penetration testing for a
network.
Could someone suggest that what are best tools available (Commercial
and Open source\freeware).
Regards,
Sundar.
Kinjal Ramaiya
Sep 24, 2009, 10:07:55 AM9/24/09
to null-...@googlegroups.com
Top 100 Network Security Tools.
http://sectools.org/
There are many tools from the above links which are used for Penetration Testing. To name a few: Nessus, Wireshark, NetCat, Metasploit.
Cheers :)--
Kinjal Ramaiya
Symbiosis Centre for Information Technology
http://www.linkedin.com/in/xpl0it
(M) 9730559784
http://sectools.org/
There are many tools from the above links which are used for Penetration Testing. To name a few: Nessus, Wireshark, NetCat, Metasploit.
Cheers :)
Kinjal Ramaiya
Symbiosis Centre for Information Technology
http://www.linkedin.com/in/xpl0it
(M) 9730559784
Gauravkumar Raval
Sep 24, 2009, 10:14:43 AM9/24/09
to null-...@googlegroups.com, Sundar
Sundar,
Kindly check sectools.org
It lists the best tools that you may use for security testing.
There are so many others. Hope NULL members can share their experience with those tools too.
Regards,
Gaurav Raval
http://gaurav.raval.googlepages.com
Kindly check sectools.org
It lists the best tools that you may use for security testing.
There are so many others. Hope NULL members can share their experience with those tools too.
Regards,
Gaurav Raval
http://gaurav.raval.googlepages.com
On Thu, Sep 24, 2009 at 7:26 PM, Sundar <sunt...@gmail.com> wrote:
DaH4cker
Sep 25, 2009, 12:32:03 AM9/25/09
to null-...@googlegroups.com
Hi,
As people have already said, there are lot of tools, depends on what you want to do.
Opensource - Nessus, Metasploit
Commercial - Core Impact
cheers,
Dah4cker.
As people have already said, there are lot of tools, depends on what you want to do.
Opensource - Nessus, Metasploit
Commercial - Core Impact
cheers,
Dah4cker.
Akash
Sep 25, 2009, 12:40:55 AM9/25/09
to null-...@googlegroups.com
Tools are many but what you will need to do is to start with getting
to know the network
1. Use tools that will help you map the network. nmap
2. Use tools that will help you fingerprint the services on hosts. netcat, amap
3. Use tools to scan and see if you find any vulns with the running
services. metasploit, nessus
Some of them can be used interchangeably. It depends on your comfort
level of the tool, where you are running it from and if you are
worried about tripping off all the sensors or not.
2009/9/24 Sundar <sunt...@gmail.com>:
--
warm regards,
Akash Mahajan
----------------------------------------------------------
Security Consultant, (Web / Networks /
Servers / IT/ Virtualization)
Founder Headstart Network Foundation
----------------------------------------------------------
http://www.linkedin.com/in/akashm
http://network.headstart.in
----------------------------------------------------------
to know the network
1. Use tools that will help you map the network. nmap
2. Use tools that will help you fingerprint the services on hosts. netcat, amap
3. Use tools to scan and see if you find any vulns with the running
services. metasploit, nessus
Some of them can be used interchangeably. It depends on your comfort
level of the tool, where you are running it from and if you are
worried about tripping off all the sensors or not.
2009/9/24 Sundar <sunt...@gmail.com>:
warm regards,
Akash Mahajan
----------------------------------------------------------
Security Consultant, (Web / Networks /
Servers / IT/ Virtualization)
Founder Headstart Network Foundation
----------------------------------------------------------
http://www.linkedin.com/in/akashm
http://network.headstart.in
----------------------------------------------------------
simran
Sep 25, 2009, 2:10:56 AM9/25/09
to null-...@googlegroups.com
Also, have a look at all the tools that come bundled up with the backtrack ( http://www.remote-exploit.org/backtrack.html ) image...
Sundar
Sep 27, 2009, 10:00:15 AM9/27/09
to null
thanks for all the inputs,
It would be great if personal experiences on the tools could be
shared.
Sundar.
On 24 Sep, 23:10, simran <simrangamb...@gmail.com> wrote:
> Also, have a look at all the tools that come bundled up with the backtrack (http://www.remote-exploit.org/backtrack.html) image...
It would be great if personal experiences on the tools could be
shared.
Sundar.
On 24 Sep, 23:10, simran <simrangamb...@gmail.com> wrote:
> Also, have a look at all the tools that come bundled up with the backtrack (http://www.remote-exploit.org/backtrack.html) image...
>
> On Fri, Sep 25, 2009 at 10:10 AM, Akash <akashmaha...@gmail.com> wrote:
>
> > Tools are many but what you will need to do is to start with getting
> > to know the network
>
> > 1. Use tools that will help you map the network. nmap
> > 2. Use tools that will help you fingerprint the services on hosts. netcat,
> > amap
> > 3. Use tools to scan and see if you find any vulns with the running
> > services. metasploit, nessus
>
> > Some of them can be used interchangeably. It depends on your comfort
> > level of the tool, where you are running it from and if you are
> > worried about tripping off all the sensors or not.
>
> > 2009/9/24 Sundar <suntra...@gmail.com>:
> On Fri, Sep 25, 2009 at 10:10 AM, Akash <akashmaha...@gmail.com> wrote:
>
> > Tools are many but what you will need to do is to start with getting
> > to know the network
>
> > 1. Use tools that will help you map the network. nmap
> > 2. Use tools that will help you fingerprint the services on hosts. netcat,
> > amap
> > 3. Use tools to scan and see if you find any vulns with the running
> > services. metasploit, nessus
>
> > Some of them can be used interchangeably. It depends on your comfort
> > level of the tool, where you are running it from and if you are
> > worried about tripping off all the sensors or not.
>
Sagar Belure
Sep 27, 2009, 11:43:58 AM9/27/09
to null-...@googlegroups.com
If u ask me, i wud suggest abt Nessus, if rite plugins r chosen.
neo1981
Sep 29, 2009, 2:38:32 AM9/29/09
to null
Nessus no way !!!
From personal experience of me and some of my frens doing VA-PT
current nessus (Free version) is not good at all. Since they have
commercialised Nessus lots of good plugins are disabled in the free
version. And also found that the plugins which free version has also
not giving proper functioning. So I would not reccomend nessus (free
version)
Would like to get opinion from some one using Nessus Commercial
version.
Something about core impact.
This is much hiped software but if you are doing PT its very less use.
Since they have very very less number of exploits against the Network
devices (routers, Firewalls). And while doing VA no client has yet
allowed me to exploit there servers or other PCs :-D so its Core is
again not use for me there.
Best things I have found working are nmap, metasploit, separte
complied exploits, etc.
From personal experience of me and some of my frens doing VA-PT
current nessus (Free version) is not good at all. Since they have
commercialised Nessus lots of good plugins are disabled in the free
version. And also found that the plugins which free version has also
not giving proper functioning. So I would not reccomend nessus (free
version)
Would like to get opinion from some one using Nessus Commercial
version.
Something about core impact.
This is much hiped software but if you are doing PT its very less use.
Since they have very very less number of exploits against the Network
devices (routers, Firewalls). And while doing VA no client has yet
allowed me to exploit there servers or other PCs :-D so its Core is
again not use for me there.
Best things I have found working are nmap, metasploit, separte
complied exploits, etc.
simran
Sep 29, 2009, 2:44:00 AM9/29/09
to null-...@googlegroups.com
haven't use nessus in a while... but on core impact, i had bought a a license for it approx 2 years ago for a company in australia (no cheap... $10k per year for a 1 seat 1 subnet at a time license)... but it was *brilliant*.
brillaint because:
* the number of exploits it catered for
* the frequency of updates of new exploits
* support
* reporting
* ease of use
simran.
brillaint because:
* the number of exploits it catered for
* the frequency of updates of new exploits
* support
* reporting
* ease of use
simran.
Jayesh KS
Sep 30, 2009, 1:15:57 AM9/30/09
to null-...@googlegroups.com
Hi,
There is a free fork of nessus (GPL) - OpenVas - that is based on nessus 2 engine.
http://www.openvas.org/
They provide detection plugins for recent vulnerabilities and welcome contribution from the community/volunteers.
Thanks,
Jayesh
There is a free fork of nessus (GPL) - OpenVas - that is based on nessus 2 engine.
http://www.openvas.org/
They provide detection plugins for recent vulnerabilities and welcome contribution from the community/volunteers.
Thanks,
Jayesh
Reply all
Reply to author
Forward
0 new messages