?
Solved

Any recommendation for a good free network penetration test tool?

Posted on 2014-04-28
7
Medium Priority
?
590 Views
Last Modified: 2014-08-18
I've been asked to conduct network penetration testing.  Does anyone recommend a good free network penetration tool?  I've downloaded a few, but haven't really found one I like.
0
Comment
Question by:denver218
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 6

Accepted Solution

by:
Biniek earned 336 total points
ID: 40027885
You should start with these tools:

BackTrack Linux – Penetration Testing Distribution
http://www.backtrack-linux.org/

KALI Linux - penetration testing distribution
http://www.kali.org/
0
 
LVL 6

Assisted Solution

by:Hassan Besher
Hassan Besher earned 336 total points
ID: 40027910
0
 
LVL 24

Assisted Solution

by:SunBow
SunBow earned 332 total points
ID: 40027948
Take a look here: http://www.concise-courses.com/security/top-ten-pentesting-tools/

From that list I mainly recollect nmap as being a generally favorable tool for administrator. But your currently used platforms may have needs that are different from some others, not only for OS but for wireless connections, which, if used, could better justify exploring tools specific to that than those for more general firewall testing tools.

Also here: http://www.softwaretestinghelp.com/penetration-testing-tools/ -37 listed

One standout on that list is Nessus. Use the descriptions to best make up your own list of what to check, such as whether or not you have MS SQL.

Highly advisable, do hesitate before clicking on anything that may be downloadable (ex: hover), for the topic itself lends to abuse from some malwares, it is all too easy to pretend to be proper source or modify someone's link posted on web, including use of redirect, loading of tracking or search tool.
0
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

 
LVL 10

Assisted Solution

by:Rafael
Rafael earned 332 total points
ID: 40028148
You an use Nesus, NMAP, Tenable, Retina (Free version) as well as Tripwire's secure Scan. It's hosted provides support and is free. It is a combination of more than one two set.
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 332 total points
ID: 40028955
I would suggest to go with.. Nexpose with Metasploit..

Further you can check with

http://www.opensourceforu.com/2012/02/top-10-security-assessment-tools/

TY/SA
0
 
LVL 25

Assisted Solution

by:madunix
madunix earned 332 total points
ID: 40041647
I do Kali and BT Linux ...
1.      Nessus (Linux if you can) http://www.nessus.org/nessus/
2.      Nikto (Linux) http://www.cirt.net/nikto2
3.      Paros proxy (Linux if you can) http://www.parosproxy.org/index.shtml
4.      Ike-scan (Linux) http://www.nta-monitor.com/tools/ike-scan/
5.      SARA (Security Auditor's Research Assistant) (Linux) http://www-arc.com/sara/
6.      MBSA (discutable) http://technet.microsoft.com/en-us/security/cc184923.aspx
7.      BT http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
8.      skipfish http://code.google.com/p/skipfish/
9.      Mcafee http://www.mcafee.com/us/downloads/free-tools/index.aspx
10.    Kali http://www.kali.org/
11.    Meta http://www.metasploit.com/

Have a look at the existing list in the Penetration Testing Execution Standard's Technical Guidelines:  http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines
0
 

Expert Comment

by:Aahna jain
ID: 40267334
Some pf most effective tools are here for penetration testing:
 1)nmap.org
2)nessus.org
3)metasploit.com framework
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question