Tool to test the firewall protection

Instead of asking for tools to try and break you server you should be more concentrated on securing your services
You haven't said what OS you are using but there are so many guides out there for securing things and auto banning IP's etc

For example securing your email server - simple things like rDNS, SPF records

Your question is too broad and no service will provide a one for all solution unless you wanna pay big bucks

You haven't defined the full scope of what you want to test for. So based on that, success is a moving target. Plan exactly what you're looking to secure and test first, then it becomes a simpler discussion.

Our management want to examine how well we can protect our internal information and free from hacking or attack.

For those servcie that may expose to outside, we only get a mail service (in internal zone) and website (coded with php on DMZ zone). All of them is protected by firewall. We don't have any budget. Try to explore any vulnerability as possiblity and make some improvement.

Firewall is using fortigate 100D, with Exchange 2010 server and a Linux hosting the php.

Thx

One potential blind spot will be SSL encrypted channel, the FG will not be able to inspect unless you have SSL decryption which FG does not have. Also leakage based on DNS protocol may not be able to be detected.
E.g. DNS leak https://www.dnsleaktest.com

 Attacker C&C will be receiving those leaked info..but it is best that you highlight the endpoint DLP and rights management controls will be the other layer of detection rather than just rely solely depends on FG NGFW.

Here is a site that has a handful of tests: https://pentest-tools.com/home

OpenVAS is a vulnerability assessment tool that you could put into play. That will at least help in regards of identifying patching and configuration changes that need to be made without going as far as penetration testing. It would probably be one of your best ways to start.

Have you also started reviewing your current policies in terms of patching, antivirus, backups, acceptable use, awareness training etc? Security is a broad far reaching thing, and that includes protecting the organization against its own users.

I have to agree with some of the other posters here, if you need and i mean need a pen test done, contact a certified reputable professional for it. If its just something you want to do you can find everything you need in Kali linux, but you will need to figure out how to use them. If you just need to do a basic assessment or for fun, use the free trial of Nessus. It will require you to do a fair amount of research to properly configure though. But if this is for an audit or some other mission critical reason contact an actual security professional and don't try and do it yourself.

Thx