Solved

Penetration test software

Posted on 2010-09-14
Last Modified: 2012-06-27
Hello,

We plan to release a financial transactions web site in production. Before this however we need to perform a complete penetration test for this solution.

So I would like you to suggest any possible penetration test software to assist us in this area.

Thank you in advance
Question by:johnf23
 
LVL 2

Expert Comment

by:VMthinker
ID: 33669895
I would highly recommend the network tool Yersinia and w33f. However, be warned that Yersinia can cripple your network, so please remember to save your IOS configurations or other networking configuration files before attempting the attacks.

--------------------------------------

Please award helpful / correct if this post has helped

By: Another VMware newbie, VMthinker
 
LVL 10

Expert Comment

by:ujitnos
ID: 33670117
You can use Nessus, a great tool for vulnerability testing.
http://www.nessus.org/download/nessus_download.php
 
LVL 3

Expert Comment

by:csalaski
ID: 33671276
Metasploit  -  http://www.metasploit.com/

Nmap - http://nmap.org/

Nessus already listed above.
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33672041
Hi,

Here are a couple more. While Metasploit and nmap are TOOLS, they are not automated pentesting suites. They are tools for a manual penetration project. As well, some of the suites below are used for internal vulnerability assessment and not necessarily a full attack on an application.

I am surprised nobody mentioned "BACKTRACK 4.0"
      http://www.backtrack-linux.org/

Advanced IP Port Scanner

HP Webinspect
      https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-201-200%5E9570_4000_100

Cerberus Internet Scanner
      http://www.securityinnovation.com/security-report/october/tools/CerberusInternetScanner(CIS).htm

CyberCop Scanner
      http://nsslabs.com/grouptests/va/edition2/nai_cybercop_scanner/nai_cybercop_scanner.htm

Foundscan
      http://www.foundstone.com/us/resources-free-tools.asp

Nessus
      http://www.nessus.org/download/nessus_download.php

NetRecon
      http://www.securityinnovation.com/security-report/tools/NetRecon.htm

Note this is only a few, there are MANY!!!

When picking a tool suite, think of the following:

COST
PLATFORM SUPPORT (Intel, Unix, Mac)
EASE OF USE
COMPATIBILITY
REPORTING CAPABILITIES

Hope it helps,
Hades666
 
LVL 30

Accepted Solution

by:
Brad Howe earned 500 total points
ID: 33672102
Hi,
With this said, if you are not familiar with pentesting, I would suggest you look into a 3rd party to conduct your tests.
For financial platforms, the 3 forms of testing should be as follows.

Penetration Testing

What they do is act like a malicious attacker. They use manual techniques and penetration toolsets to assess our application defenses. They start with the gathering of public information, just like a “malicious” attacker, from our public domains. They test our public front-end devices such as firewalls, perimeter routers and web servers for vulnerabilities and try to break into our systems. This is a preventative form of our defense. We provide Jefferson Wells a list of all our external sites and twice a year they provide footprintings on the application and potential gaps.

PCI Scanning (REQUIRED FOR FINANCIAL INSTITUTIONS)

PCI Scanning is a standard that was created to help companies that process card payments prevent credit card fraud through increased controls around data. All merchants and service providers who process, store, or transmit cardholder data must demonstrate compliance with the PCI DSS or are liable to lawsuit or, worse, the loss of the ability to process credit card payments.

While some servers do not house credit card information, they are still publicly available and therefore can be used as a gateway to other targets.

These scans tend to focus primarily on cipher strengths, SSL versions and weak ports open such as RDP without SSL.
Some companies that do this are QUALYS, HACKER GUARDIAN, etc.
See this list for others; most come with trial scans too. - https://www.pcisecuritystandards.org/pdfs/asv_report.html

Vulnerability Testing

Vulnerability Testing is used to test the security of our internal systems so that IF we are compromised, we are possibly limited to the level of insider attacks. These scans check ports, default service accounts, services, shares open on servers, etc.

Typical reports provide vulnerabilities which are caused by Dangerous Default Settings, Software Feature, Vendor Flaw, Mis-configuration.
 
 Hope it helps,
Hades666
 
LVL 3

Expert Comment

by:csalaski
ID: 33672157
I agree with Hades666, having a professional service do the testing is the best advice.
 
LVL 25

Expert Comment

by:madunix
ID: 33674614
Yes, a professional service would be the best, but why not hack around?
Look at http://sectools.org/web-scanners.html
My list:
1.      Nessus (Linux if you can) http://www.nessus.org/nessus/
2.      Nikto (Linux) http://www.cirt.net/nikto2
3.      Paros proxy (Linux if you can) http://www.parosproxy.org/index.shtml
4.      Ike-scan (Linux) http://www.nta-monitor.com/tools/ike-scan/
5.      SARA (Security Auditor's Research Assistant) (Linux) http://www-arc.com/sara/
6.      MBSA (debatable) http://technet.microsoft.com/en-us/security/cc184923.aspx
7.      Backtrack http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
8.      skipfish http://code.google.com/p/skipfish/
9.      our own perl/shell scripts
10.    appscan http://www-01.ibm.com/software/awdtools/appscan/
My recommendation goes to AppScan from IBM (ex-Watchfire).


 
LVL 25

Expert Comment

by:madunix
ID: 33674739
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33674788
But then again, I always fall back to Backtrack. No footprint, with all the toolsets I need. As per the link, the list is good, but then again, most of them are vulnerability assessment tools and again not necessarily penetration testing tools.
Regardless, IF you are doing this by yourself,
A) have valid backups
B) turn off IDS
C) GET CONSENT, as it is a criminal offense.
I would highly suggest you just get an approved penetration vendor and have it contractually scheduled, approved and reported against.
Just my 2 cents.
-Hades666
 

Author Closing Comment

by:johnf23
ID: 33699428
OK I will test it