►Metasploit -The Metasploit Project is a security project which delivers information about security vulnerabilities and helps penetration testing and Intrusion detection. The open source project – known as the Metasploit Framework, is used by security professionals to execute exploit code against a remote target machine – for penetration testing of course.
►Nessus -is another giant – a security tool that focuses on vulnerability scanning. There is a free and paid version – free for personal use. Started in 1998 by Renaud Deraison is has evolved into one of the world’s most popular security tools – particularly as a vulnerability scanner. The organization behind Nessus, Tenable Security, estimates that it is used by over 75,000 organizations worldwide.
Essentially Nessus scans for various types of vulnerabilities: ones that check for holes that hackers could exploit to gain control or access a computer system or network. Furthermore, Nessus scans for possible misconfiguration (e.g. open mail relay, missing security patches, etc.). The tools also scans for default passwords and common passwords which is can use execute through Hydra (an external tool) to launch a dictionary attack. Other vulnerability scans include denials of service against the TCP/IP stack.
►Nmap - is another massive giant of a security tool which has been around for forever and is probably the best known. Nmap has featured on many movies including the Matrix – just Google it and you’ll see what we mean. Written in C, C++, Python, Lua by Gordon Lyon (Fyodor) starting from 1997, Nmap (Network Mapper) is the defacto security scanner which is used to discover hosts and services on a computer network. To discover hosts on a network Nmap sends specially built packets to the target host and then analyzes the responses. The program is really sophisticated because unlike other port scanners out there, Nmap sends packets based upon network conditions by taking into account fluctuations, congestion and more.
Do you know that your content had been copied in Trishneet Arora's book
ReplyDelete