Solved

Penetration test software

Posted on 2010-09-14
Last Modified: 2012-06-27
Hello,

We plan to release a financial transactions web site in production. Before this however we need to perform a complete penetration test for this solution.

So I would like you to suggest any possible penetration test software to assist us in this area.

Thank you in advance
Question by:johnf23
 
LVL 2

Expert Comment

by:VMthinker
ID: 33669895
I would highly recommend the network tool Yersinia and w3af. However, be warned that Yersinia can cripple your network, so please remember to save your IOS configurations or other networking configuration files before attempting the attacks.

--------------------------------------

Please award helpful / correct if this post has helped

By: Another VMware newbie, VMthinker
0
 
LVL 10

Expert Comment

by:ujitnos
ID: 33670117
You can use Nessus, a great tool for vulnerability testing.
http://www.nessus.org/download/nessus_download.php 
0
 
LVL 3

Expert Comment

by:csalaski
ID: 33671276
Metasploit  -  http://www.metasploit.com/

Nmap - http://nmap.org/

Nessus already listed above.
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33672041
Hi,

Here are a couple more. While Metasploit and nmap are TOOLS, they are not automated pentesting suites. They are tools for a manual penetration project. As well, some of the suites below are used for internal vulnerability assessment and not necessarily a full attack on an application.

I am surprised nobody mentioned "BACKTRACK 4.0"
      http://www.backtrack-linux.org/

Advanced IP Port Scanner

HP Webinspect
      https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-201-200%5E9570_4000_100

Cerberus Internet Scanner
      http://www.securityinnovation.com/security-report/october/tools/CerberusInternetScanner(CIS).htm

CyberCop Scanner
      http://nsslabs.com/grouptests/va/edition2/nai_cybercop_scanner/nai_cybercop_scanner.htm

Foundscan
      http://www.foundstone.com/us/resources-free-tools.asp

Nessus
      http://www.nessus.org/download/nessus_download.php 

NetRecon
      http://www.securityinnovation.com/security-report/tools/NetRecon.htm 

Note this is only a few, there are MANY!!!

When picking a tool suite, think of the following.

COST
PLATFORM SUPPORT (Intel, Unix,Mac)
EASE OF USE
COMPATIBILITY
REPORTING CAPABILITIES

Hope it helps,
Hades666
0
 
LVL 30

Accepted Solution

by:
Brad Howe earned 500 total points
ID: 33672102
Hi,
With this said, if you are not familiar with pentesting, I would suggest you look into a 3rd party to conduct your tests.
For financial platforms the 3 forms of testing should be as follows.
Penetration Testing
What they do is act like a malicious attacker. They use manual techniques and penetration toolsets to assess our application defenses. They start with the gathering of public information just like a “malicious” attacker from our public domains. They test our public frontend devices such as firewalls, perimeter routers and web servers for vulnerabilities and try to break into our systems. This is a preventative form of our defense. We provide Jefferson Wells a list of all our external sites and twice a year they provide footprintings on the application and potential gaps.
 
PCI Scanning (REQUIRED FOR FINANCIAL INSTITUTIONS)
PCI Scanning is a standard that was created to help companies that process card payments prevent credit card fraud through increased controls around data. All merchants and service providers who process, store, or transmit cardholder data must demonstrate compliance with the PCI DSS or are liable to lawsuit or, worse, the loss of the ability to process credit card payments.
 
While some servers do not house credit card information, they are still publicly available and therefore can be used as a gateway to other targets.
 
These scans tend to focus primarily on cipher strengths, SSL versions and weak ports open such as RDP without SSL.
Some companies that do this are QUALYS, HACKER GUARDIAN, etc...
See this list for others, most come with trial scans too. - https://www.pcisecuritystandards.org/pdfs/asv_report.html
Vulnerability Testing
Vulnerability Testing is used to test the security of our internal systems so that IF we are compromised, we are possibly limited to the level of insider attacks. These scans check ports, default service accounts, services, shares open on servers, etc.
 
Typical reports provide vulnerabilities which are caused by Dangerous Default Settings, Software Feature, Vendor Flaw, Mis-configuration.
 
 Hope it helps,
Hades666
0
 
LVL 3

Expert Comment

by:csalaski
ID: 33672157
I agree with Hades666, having a professional service do the testing is the best advice.
0
 
LVL 25

Expert Comment

by:madunix
ID: 33674614
Yes, a professional service would be the best, but why not hack around?
Looking @ http://sectools.org/web-scanners.html
My list:
1.      Nessus (Linux if you can) http://www.nessus.org/nessus/
2.      Nikto (Linux) http://www.cirt.net/nikto2
3.      Paros proxy (Linux if you can) http://www.parosproxy.org/index.shtml
4.      Ike-scan (Linux) http://www.nta-monitor.com/tools/ike-scan/
5.      SARA (Security Auditor's Research Assistant) (Linux) http://www-arc.com/sara/
6.      MBSA (debatable) http://technet.microsoft.com/en-us/security/cc184923.aspx
7.      Backtrack http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
8.      skipfish http://code.google.com/p/skipfish/
9.      our own perl/shell scripts
10.    appscan http://www-01.ibm.com/software/awdtools/appscan/
my recommendation goes for appscan from IBM ex. Watchfire


0
 
LVL 25

Expert Comment

by:madunix
ID: 33674739
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33674788
But then again, I always fall to Backtrack. No footprint with all the toolsets I need. As per the link, the list is good but then again, most of them are vulnerability assessment tools and again not necessarily penetration testing tools.
Regardless, IF you are doing this by yourself,
A) have valid backups
B) turn off IDS
C) GET CONSENT as it is a criminal offense.
I would highly suggest you just get an approved penetration vendor and have it contractually scheduled, approved and reported against.
Just my 2 cents.
-Hades666
0
 

Author Closing Comment

by:johnf23
ID: 33699428
OK I will test it
0
