– Financial data must be secured while being transferred between different systems
– Many clients are asking for pen testing as part of the software release cycle
– To secure user data
– To find security vulnerabilities in an application
Penetration Testing Types
1) Social Engineering:
Human error is one of the main causes of security vulnerabilities. All staff members should follow security standards and policies so that social engineering attempts fail. Examples of such standards include never disclosing sensitive information over email or phone, and verifying the identity of anyone who asks for it. Security audits can be conducted to identify and correct process flaws.
2) Application Security Testing:
Software-based methods (automated scanners combined with manual testing) are used to verify whether an application is exposed to security vulnerabilities such as injection, broken authentication or insecure configuration.
3) Physical Penetration Test:
Strong physical security measures are applied to protect sensitive data; this is especially relevant in military and government facilities. All physical network devices and access points are tested for the possibility of a security breach, for example unlocked network closets, unattended consoles or exposed wall ports.
Pen Testing Techniques:
1. Manual penetration test
2. Using an automated penetration test tool
3. Combination of both manual and automated processes
The third approach is the most common, since it identifies the widest range of vulnerabilities: automated tools cover known issues quickly and repeatably, while manual testing finds business-logic and chained flaws that scanners miss.
Top 15 Penetration Testing Tools for Hackers
1) Metasploit:-
Metasploit is a very powerful network security and exploitation framework, used for penetration attacks. It has a clean interface and easily gathers the information that you seek. Using the Metasploit Framework can be a little daunting if you are a newcomer, since it requires knowledge of the penetration testing workflow and most interaction is through the command line (msfconsole). Luckily, the Web is full of how-tos, documents, videos, discussion forums and training providers for the Metasploit Framework. To make Metasploit easier to use, Armitage was developed as a graphical front end.
2) Nmap:-
Nmap is a very versatile tool developed to scan addresses (IPv6 included). It lets users gather a large amount of information about a target quickly, including open ports, running services and much more. Nmap supports a large number of scanning techniques, such as UDP, TCP connect(), TCP SYN (half open), FTP proxy (bounce attack), ICMP (ping sweep), FIN, ACK sweep, Xmas Tree, SYN sweep, IP protocol, and Null scan.
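The scan types above differ in what the probe sends and how the reply is interpreted. The TCP connect() scan is the only one that works without raw sockets (SYN, FIN, Xmas and Null scans forge packets and therefore need root), which is why it is the one shown here. The following script is an added example written for this page, not Nmap's own code: it completes a full handshake per port and maps the outcome onto the three states Nmap reports (open, closed, filtered). The listener it scans is constructed locally so the example runs offline; the timeout value is an assumption.

```python
import socket


def start_listener(host="127.0.0.1"):
    """Constructed target: a TCP listener on an ephemeral port so the scan
    below has one port that is known to be open (not a real host)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


def find_closed_port(host="127.0.0.1"):
    """Pick a port that is currently free, i.e. one that will answer with RST."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind((host, 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


def probe_port(host, port, timeout=1.0):
    """Classify one port the way a connect() scan does: a completed three-way
    handshake means 'open', an RST (ECONNREFUSED) means 'closed', and no answer
    before the timeout means 'filtered' (usually a firewall dropping the SYN)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    except OSError:
        # ICMP unreachable and similar errors: Nmap also reports these as filtered
        return "filtered"
    finally:
        s.close()


def connect_scan(host, ports, timeout=1.0):
    """Scan each port and return {port: state}."""
    return {port: probe_port(host, port, timeout) for port in ports}


if __name__ == "__main__":
    srv, open_port = start_listener()
    try:
        for port, state in connect_scan("127.0.0.1", range(open_port - 2, open_port + 3)).items():
            print(f"{port}/tcp {state}")
    finally:
        srv.close()
```

Because a connect() scan completes the handshake, the target application sees and logs a connection for every open port, which is the trade-off against the stealthier half-open SYN scan.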
3) Wireshark:-
A very powerful network troubleshooting and analysis tool. Wireshark provides the ability to capture and view data from a live network or from saved capture files, and supports hundreds of protocols and media formats through its protocol dissectors.
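What a protocol dissector actually does is peel the frame one header at a time, with each layer telling the next which decoder to use (EtherType, then IP protocol number, then TCP data offset). The following code is an added example for this page, not Wireshark's own code: it builds a constructed Ethernet/IPv4/TCP frame (no real capture is involved; the TCP checksum is left at zero) and dissects it, including the IPv4 header checksum check that Wireshark flags as an expert-info warning when it fails.

```python
import socket
import struct

TCP_FLAGS = ((0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG"))


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement checksum; returns 0 when run over a header
    whose checksum field is already correct."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_ip, dst_ip, sport, dport, payload=b""):
    """Constructed sample frame (Ethernet II / IPv4 / TCP SYN), not a real capture.
    The TCP checksum is left at zero; only the IP checksum is computed."""
    eth = struct.pack("!6s6sH", b"\xaa" * 6, b"\xbb" * 6, 0x0800)
    total_len = 20 + 20 + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)
    return eth + ip + tcp + payload


def dissect(frame: bytes) -> dict:
    """Peel the layers the way a dissector chain does: each layer decodes its
    own header and hands the remainder to the protocol it names."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {"eth": {"src": src_mac.hex(":"), "dst": dst_mac.hex(":"), "type": ethertype}}
    if ethertype != 0x0800:          # only IPv4 is decoded in this example
        return layers
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4         # header length in bytes (options included)
    total_len = struct.unpack("!H", ip[2:4])[0]
    ttl, proto = ip[8], ip[9]
    layers["ip"] = {
        "src": socket.inet_ntoa(ip[12:16]), "dst": socket.inet_ntoa(ip[16:20]),
        "ttl": ttl, "proto": proto,
        "checksum_ok": ipv4_checksum(ip[:ihl]) == 0,
    }
    if proto != 6:                   # 6 = TCP
        return layers
    tcp = ip[ihl:total_len]
    sport, dport, seq, ack, off, flags, win = struct.unpack("!HHIIBBH", tcp[:16])
    data_offset = (off >> 4) * 4
    layers["tcp"] = {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack, "window": win,
        "flags": [name for bit, name in TCP_FLAGS if flags & bit],
        "payload": tcp[data_offset:],
    }
    return layers


def corrupt_ttl(frame: bytes) -> bytes:
    """Flip the IPv4 TTL byte so the header checksum no longer verifies."""
    return frame[:22] + bytes([frame[22] ^ 0xFF]) + frame[23:]
```

Running `dissect(build_frame("10.0.0.1", "10.0.0.2", 40000, 443, b"hello"))` yields a SYN to port 443 with a valid IP checksum; the same frame after `corrupt_ttl` fails the check, which is the kind of malformed packet a capture tool should surface rather than silently decode.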
4) Armitage:-
Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework. Through one Metasploit instance, your team can:
– Use the same sessions
– Share hosts, captured data, and downloaded files
– Communicate through a shared event log
– Run bots to automate red team tasks
5) Ettercap:-
This is a suite for man-in-the-middle attacks on a LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even encrypted ones) and includes many features for network and host analysis. (Taken from their website.) Its usual way onto the path between two hosts is ARP cache poisoning: it sends forged ARP replies so that the victim maps the gateway's IP address to the attacker's MAC address, and vice versa.
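The forged ARP reply that makes a LAN man-in-the-middle possible is a 42-byte frame, and the same frame is what a defender watches for. The following code is an added example written for this page (not Ettercap's code): it builds ARP "is-at" replies with struct, then runs a small watcher over constructed traffic in which the real gateway answers first and an attacker afterwards claims the gateway's IP. All MAC and IP addresses are made up.

```python
import socket
import struct


def _mac(text):
    return bytes.fromhex(text.replace(":", ""))


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet/ARP 'is-at' reply (opcode 2). A poisoner sends exactly this
    frame with its own MAC as sender_mac and the gateway's IP as sender_ip."""
    eth = struct.pack("!6s6sH", _mac(target_mac), _mac(sender_mac), 0x0806)
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 2,
                      _mac(sender_mac), socket.inet_aton(sender_ip),
                      _mac(target_mac), socket.inet_aton(target_ip))
    return eth + arp


def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip) for an ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != 0x0806:
        return None
    fields = struct.unpack("!HHBBH6s4s6s4s", frame[14:42])
    opcode, smac, sip = fields[4], fields[5], fields[6]
    return opcode, smac.hex(":"), socket.inet_ntoa(sip)


class ArpWatcher:
    """Keeps the IP-to-MAC binding seen on the wire and flags any change, the
    signature of ARP cache poisoning. First-seen wins, so in practice the table
    should be seeded from a trusted source (DHCP leases, switch CAM table)."""

    def __init__(self):
        self.table = {}
        self.alerts = []

    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] != 2:      # only replies bind an address
            return None
        _, mac, ip = parsed
        known = self.table.get(ip)
        if known is not None and known != mac:
            alert = f"ARP spoofing suspected: {ip} moved from {known} to {mac}"
            self.alerts.append(alert)
            return alert
        self.table.setdefault(ip, mac)
        return None


def demo():
    """Constructed traffic: legitimate gateway reply, then the attacker
    poisoning the victim (and, unseen before, the gateway's view of the victim)."""
    gateway, attacker, victim = "aa:aa:aa:aa:aa:01", "cc:cc:cc:cc:cc:99", "bb:bb:bb:bb:bb:02"
    watcher = ArpWatcher()
    frames = [
        build_arp_reply(gateway, "192.168.1.1", victim, "192.168.1.20"),
        build_arp_reply(attacker, "192.168.1.1", victim, "192.168.1.20"),
        build_arp_reply(attacker, "192.168.1.20", gateway, "192.168.1.1"),
    ]
    return [watcher.observe(f) for f in frames], watcher.table
```

The third frame shows the watcher's blind spot: the attacker's claim on 192.168.1.20 is accepted because no legitimate binding was seen first. Static ARP entries for the gateway or Dynamic ARP Inspection on the switch close that gap; a passive watcher only detects.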
6) John the Ripper:-
John the Ripper is a fast password hash cracker. It is free and Open Source software, distributed primarily in source code form, and recovers passwords from captured hashes using wordlist mode (a dictionary plus mangling rules), incremental brute force and single-crack mode. A commercial version, John the Ripper Pro, is tailored for specific operating systems and distributed primarily as "native" packages; it is meant to be easier to install and use while delivering optimal performance.
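Wordlist mode is the part of John worth understanding: each dictionary word is expanded by mangling rules (case changes, suffixes, leetspeak) and every candidate is hashed with each target's salt. The code below is an added example for this page, not John's own code or rule syntax; the hash format (salted SHA-256), the rule set, the wordlist and the "shadow" entries are all constructed for the demonstration.

```python
import hashlib

SUFFIXES = ("", "1", "123", "!", "2024")


def mangle(word):
    """A tiny rule set in the spirit of John's wordlist rules: as-is,
    capitalised and upper-cased, each with common suffixes, plus leetspeak."""
    out = []
    for base in (word, word.capitalize(), word.upper()):
        for suffix in SUFFIXES:
            out.append(base + suffix)
    out.append(word.translate(str.maketrans("aeio", "4310")))
    return list(dict.fromkeys(out))          # drop duplicates, keep order


def hash_password(salt: bytes, password: str) -> str:
    """Salted SHA-256, the constructed format the sample entries use."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def crack(targets, wordlist):
    """targets: {user: (salt, hexdigest)}. Returns ({user: password}, attempts).
    Because every user has a different salt, each candidate must be hashed once
    per user; unsalted hashes would let one hash be compared against all users."""
    found, attempts = {}, 0
    pending = dict(targets)
    for word in wordlist:
        for candidate in mangle(word):
            if not pending:
                return found, attempts
            for user, (salt, digest) in list(pending.items()):
                attempts += 1
                if hash_password(salt, candidate) == digest:
                    found[user] = candidate
                    del pending[user]
    return found, attempts


SAMPLE_WORDLIST = ["letmein", "summer", "password", "qwerty"]   # constructed


def sample_targets():
    """Constructed shadow-style entries; nothing here comes from a real system."""
    return {
        "alice": (b"s1", hash_password(b"s1", "Summer123")),
        "bob": (b"s2", hash_password(b"s2", "p4ssw0rd")),
        "carol": (b"s3", hash_password(b"s3", "T9#vq!Lz8r")),
    }


if __name__ == "__main__":
    print(crack(sample_targets(), SAMPLE_WORDLIST))
```

Two of the three constructed accounts fall to a four-word list because rules turn "summer" into "Summer123" and "password" into "p4ssw0rd"; the random password survives, which is the argument for length and randomness over complexity rules.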
7) Kismet:-
Kismet is a wireless network detector, packet sniffer and intrusion detection system for 802.11 wireless LANs. Kismet works with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g and 802.11n traffic. The program runs under Linux, FreeBSD, NetBSD, OpenBSD and Mac OS X. The client can also run on Microsoft Windows, although, aside from external drones, only one wireless adapter is supported there as a packet source.
8) Aircrack-ng:-
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security:
– Monitoring: packet capture and export of data to text files for further processing by third-party tools.
– Attacking: replay attacks, deauthentication, fake access points and others via packet injection.
– Testing: checking WiFi cards and driver capabilities (capture and injection).
– Cracking: WEP and WPA PSK (WPA 1 and 2).
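Why WPA PSK cracking is slow, and what a captured handshake actually lets you verify, is easiest to see in code. In WPA/WPA2-Personal the pairwise master key (PMK) is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt and 4096 iterations, so every candidate costs 4096 HMAC rounds. The example below is an added demonstration for this page, not aircrack-ng code: it derives the PMK, derives the PMKID that an access point includes in the first EAPOL frame (HMAC-SHA1 keyed with the PMK over "PMK Name", AP MAC and station MAC, truncated to 128 bits), and runs a dictionary attack against a constructed PMKID. The SSID, MAC addresses and wordlist are made up; the full 4-way-handshake check would additionally derive the PTK and verify the EAPOL MIC, which is omitted here.

```python
import hashlib
import hmac


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal pairwise master key: PBKDF2-HMAC-SHA1 over the
    passphrase, salted with the SSID, 4096 iterations, 256-bit output."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def pmkid(pmk: bytes, ap_mac: bytes, sta_mac: bytes) -> bytes:
    """PMKID as carried in the AP's first EAPOL frame:
    HMAC-SHA1-128(PMK, "PMK Name" || AP MAC || station MAC)."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + sta_mac, hashlib.sha1).digest()[:16]


def crack_pmkid(target_pmkid, ssid, ap_mac, sta_mac, wordlist):
    """Dictionary attack: recompute PMK and PMKID per candidate. The 4096
    PBKDF2 rounds per guess are the whole cost. Returns (passphrase, attempts)."""
    for attempts, candidate in enumerate(wordlist, 1):
        guess = pmkid(wpa_pmk(candidate, ssid), ap_mac, sta_mac)
        if hmac.compare_digest(guess, target_pmkid):
            return candidate, attempts
    return None, len(wordlist)


def demo():
    """Constructed capture: SSID, MACs and PMKID are derived here from a known
    passphrase, standing in for a sniffed association."""
    ssid = "HomeNet"
    ap_mac = bytes.fromhex("001122334455")
    sta_mac = bytes.fromhex("66778899aabb")
    captured = pmkid(wpa_pmk("sunshine1", ssid), ap_mac, sta_mac)
    return crack_pmkid(captured, ssid, ap_mac, sta_mac,
                       ["password", "12345678", "sunshine1", "letmein1"])


if __name__ == "__main__":
    print(demo())
```

Because the SSID is the salt, precomputed tables only help for common network names; a unique SSID plus a long random passphrase pushes the attack back to full PBKDF2 cost per guess, and WPA3's SAE removes the offline attack entirely.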
9) THC Hydra:-
THC Hydra is a free password cracking tool that can perform very fast dictionary attacks against more than fifty protocols. It is a fast and stable network login cracker which uses dictionary or brute-force attacks to try username and password combinations against a network service or web login form. It supports: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST, HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.
Hydra is proof-of-concept code, written to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized remote access to a system.
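The HTTP-FORM-POST module is the one most people reach for, and its tricky part is deciding what "success" looks like when the server answers 200 for both outcomes; Hydra solves this with a failure string (the F= part of its http-post-form target). The code below is an added example for this page, not Hydra's code: it starts a constructed login form on localhost in a thread, then runs a dictionary attack that treats any response without the failure marker as a hit. The credentials, field names and wordlist are made up.

```python
import threading
import urllib.parse
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

VALID_CREDENTIALS = {"admin": "summer2024"}   # constructed target, not a real system
FAIL_MARKER = "Login failed"


class LoginHandler(BaseHTTPRequestHandler):
    """Minimal stand-in for a web login form: answers 200 either way and
    reveals the outcome only in the body, so a status-code check is useless
    and a fail-string match decides success."""

    def do_POST(self):
        length = int(self.headers.get("Content-Length", 0))
        form = urllib.parse.parse_qs(self.rfile.read(length).decode())
        user = form.get("username", [""])[0]
        password = form.get("password", [""])[0]
        if VALID_CREDENTIALS.get(user) == password:
            body = b"Welcome back, " + user.encode()
        else:
            body = b"Login failed: invalid username or password"
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):   # keep the demo quiet
        pass


def start_server():
    srv = HTTPServer(("127.0.0.1", 0), LoginHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def try_login(url, user, password, fail_marker=FAIL_MARKER):
    """One form submission; True when the failure marker is absent."""
    data = urllib.parse.urlencode({"username": user, "password": password}).encode()
    req = urllib.request.Request(url, data=data, method="POST")
    with urllib.request.urlopen(req, timeout=5) as resp:
        return fail_marker not in resp.read().decode()


def form_bruteforce(url, users, passwords, fail_marker=FAIL_MARKER):
    """Try every user/password pair, stopping per user at the first success.
    Returns ({user: password}, attempts)."""
    found, attempts = {}, 0
    for user in users:
        for password in passwords:
            attempts += 1
            if try_login(url, user, password, fail_marker):
                found[user] = password
                break
    return found, attempts


def demo():
    srv, port = start_server()
    try:
        return form_bruteforce(f"http://127.0.0.1:{port}/login", ["admin"],
                               ["123456", "password", "summer2024", "letmein"])
    finally:
        srv.shutdown()
        srv.server_close()
```

A real target would add lockouts, rate limits and CSRF tokens, which is why Hydra lets you pass extra headers and cookies and throttle its threads; on the defensive side, the same tell (many POSTs to the login URL from one source, mostly returning the failure page) is what to alert on.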
10) Cain and Abel:-
Cain & Abel is a Windows-only password recovery tool for Microsoft operating systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers security weaknesses present in protocol standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources. It also ships some "non-standard" utilities for Microsoft Windows users, which makes it a useful addition to a pen tester's or forensic analyst's toolkit.
11) OpenSSL:-
OpenSSL is an open source project that provides a robust, commercial-grade, full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library, and ships the openssl command-line tool, which pen testers use to generate keys and certificates, inspect certificates and probe a server's TLS configuration (for example with openssl s_client).
12) Reaver:-
Reaver has been designed to be a robust and practical attack against WPS (Wi-Fi Protected Setup), and has been tested against a wide variety of access points and WPS implementations. On average Reaver will recover the target AP's plain-text WPA/WPA2 passphrase in 4-10 hours, depending on the AP; in practice it generally takes half this time to guess the correct WPS PIN and recover the passphrase. The attack works because the 8-digit PIN is verified in two halves by the WPS registrar protocol and its last digit is a checksum, so at most about 11,000 guesses are needed instead of 100 million.
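The arithmetic behind those 4-10 hours is the protocol's split verification: the access point confirms the first four digits (at message M4) before the last four, and the eighth digit is a checksum, so an attacker searches 10,000 and then 1,000 candidates rather than 10^8. The code below is an added example for this page, not Reaver's code: it implements the WPS PIN checksum, counts the worst case, and simulates the online search against a constructed AP with a known PIN (12345670, a valid-checksum PIN, is used as the secret; the AP is assumed to enforce the checksum and have no lockout).

```python
def wps_pin_checksum(pin7: int) -> int:
    """Checksum digit for a 7-digit WPS PIN (the algorithm from the WPS spec)."""
    accum = 0
    while pin7:
        accum += 3 * (pin7 % 10)
        pin7 //= 10
        accum += pin7 % 10
        pin7 //= 10
    return (10 - accum % 10) % 10


def wps_pin_valid(pin: int) -> bool:
    return 0 <= pin < 10**8 and wps_pin_checksum(pin // 10) == pin % 10


def worst_case_attempts() -> int:
    """First half: 10^4 candidates confirmed at M4. Second half: 10^3
    candidates, since the eighth digit is derived. 11,000 instead of 10^8."""
    return 10**4 + 10**3


def simulate_reaver(secret_pin: int):
    """Model the online attack against a constructed AP holding secret_pin and
    count the PIN exchanges needed. Returns (recovered_pin, attempts)."""
    secret = f"{secret_pin:08d}"
    attempts = 0
    first_half = None
    for first in range(10**4):
        attempts += 1
        if f"{first:04d}" == secret[:4]:        # AP answered with M5: first half accepted
            first_half = first
            break
    if first_half is None:
        return None, attempts
    for second in range(10**3):
        attempts += 1
        pin7 = first_half * 1000 + second
        pin = pin7 * 10 + wps_pin_checksum(pin7)
        if pin == secret_pin:                   # AP answered with M7: second half accepted
            return pin, attempts
    return None, attempts


if __name__ == "__main__":
    print(worst_case_attempts(), simulate_reaver(12345670))
```

With each exchange taking a second or more on most APs, 11,000 attempts is hours, not years; the only real fix is disabling WPS PIN mode or an AP that rate-limits and locks out after a few failures.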
13) SET:-
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was released alongside the launch of social-engineer.org and has quickly become a standard tool in a penetration tester's arsenal. SET was written by David Kennedy and, with a lot of help from the community, has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit (spear-phishing, credential-harvesting web clones, malicious media) are designed to be targeted and focused attacks against a person or organization, used during a penetration test.
14) Maltego:-
Maltego is an interactive data mining tool that renders directed graphs for link analysis. It is used in online investigations to find relationships between pieces of information from various sources on the Internet. Maltego uses the idea of transforms to automate the process of querying different data sources; the results are displayed on a node-based graph suited to link analysis. The focus of Maltego is analyzing real-world relationships between information that is publicly accessible on the Internet. This includes footprinting Internet infrastructure (domains, DNS records, netblocks) as well as gathering information about the people and organisations who own it.
Maltego provides results in a wide range of graphical layouts that allow for clustering of information, which makes seeing relationships fast and accurate; this makes it possible to see hidden connections even if they are three or four degrees of separation apart.
15) IronWASP:-
IronWASP is a free and open source web application vulnerability scanner. Its main features:
– GUI based and very easy to use; no security expertise required
– Powerful and effective scanning engine
– Supports recording of login sequences
– Reporting in both HTML and RTF formats
– Checks for over 25 different kinds of well-known web vulnerabilities
– False positive and false negative detection support
– Comes bundled with a growing number of modules built by researchers in the security community
If you think these tools are not worth it, or you want me to change the order of the tools, or if you want me to add one or more tools, please comment below so that I can modify the list.