Tools for DIY Penetration Testing

Posted by QuoteColo on March 08, 2016 - Updated on February 20, 2023

For DIY penetration testing, you need the right pen test tools to effectively determine if your systems are hiding security vulnerabilities.

Penetration testing, also called pen testing or pentesting, is the process of testing your computer, software, or network to determine if there are any security weaknesses or vulnerabilities. The process of penetration testing is usually made up of four main stages: information collection before the pen test, identification of entry points, breaking in, and reporting the test results.

In general it’s good practice to employ strategies for detecting network intrusion, and to regularly test your devices, applications, and/or network for exploitable vulnerabilities. This process can be performed automatically using software, or manually using one or several of the many available penetration testing tools. Security breaches can occur via a wide variety of security concerns – including DDoS, Phishing, Man in the Middle Attack, Trojans and more – so to protect against them, you need the right tools to determine if a breach could take place, and how, so you can effectively block it.

Here is our list of the top pen test tools for DIY penetration testing, categorized by common hacking activities.

Penetration Testing for Man in the Middle Attacks

What is a Man in the Middle Attack?

A Man in the Middle Attack (MITM) is a network security attack wherein a hacking party uses the data transmission in your network against you by silently redirecting where data traveling from one server to another ends up. In a typical man in the middle attack, a hacker will monitor data transmission across your network, determine which data sets he/she wants and will redirect that data to a server outside of your network for his/her own access.

More commonly, hackers will use the MITM to redirect communication between two people – say business partners – to use that information for their own gain.

How To Detect a Man in the Middle Attack

Detection of a MITM attack can be achieved in multiple ways.

The first method of MITM detection is to rely on browsers with built-in detection. For example, suppose you visit http://twitter.com/. It is conceivable that a hacker could redirect your traffic to a mimic page, served over plain http, which acts and feels just like the real platform; in that case it is almost impossible to detect. Yet if you visit https://twitter.com/ and are redirected to an http page, your browser should recognize the intrusion, block the redirect and send you to the correct page. The most commonly used browsers, Safari, Chrome and IE, utilize these detection methods.

A second avenue to detecting a MITM attack is to check the DNS resolution for the site in question. To do so, enter the following command into your Mac terminal or Windows CMD: nslookup followed by the site in question, for example nslookup twitter.com. If the answer comes back as a local address as opposed to the true public IP of the site in question, you can almost bet something tricky is happening.
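The nslookup check above, as an added example that is not part of the original post: the script resolves a hostname with the system resolver (the same answer nslookup would show) and flags any address that falls into a loopback, private or link-local range, which is the "local" answer the post describes. The hostnames and the sample addresses in the test are constructed for illustration.

```python
import ipaddress
import socket

# Ranges that should never be returned for a public site such as twitter.com:
# loopback, RFC 1918 private, link-local, CGNAT and their IPv6 counterparts.
SUSPECT_RANGES = [
    ipaddress.ip_network(n) for n in (
        "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
        "169.254.0.0/16", "100.64.0.0/10", "::1/128", "fc00::/7", "fe80::/10",
    )
]


def classify_resolution(hostname, addresses):
    """Return (verdict, suspicious_addresses) for the addresses a lookup gave.

    verdict is "ok" when every address is a routable public address and
    "suspicious" when any address is local/private, the sign of a spoofed
    DNS answer described in the post. hostname is kept for reporting only.
    """
    suspicious = []
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if ip.is_unspecified or any(ip in net for net in SUSPECT_RANGES):
            suspicious.append(addr)
    return ("suspicious" if suspicious else "ok", suspicious)


def resolve(hostname):
    """Live lookup through the system resolver; needs network access."""
    infos = socket.getaddrinfo(hostname, None)
    return sorted({info[4][0] for info in infos})


def check_site(hostname):
    """Resolve the site and classify the answer (network required)."""
    return classify_resolution(hostname, resolve(hostname))


if __name__ == "__main__":
    for site in ("twitter.com", "example.com"):
        try:
            verdict, bad = check_site(site)
        except socket.gaierror as exc:
            print(f"{site}: lookup failed ({exc})")
            continue
        print(f"{site}: {verdict}" + (f" -> {bad}" if bad else ""))
```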

Tools to Fight Against Man in the Middle Attacks

One of the most used network tools for initiating network security attacks like MITM is Ettercap. To defend against Ettercap and similar software, your best option is the well-known pen test tool Metasploit, which provides the following capabilities:

  • Simulates real-world attacks designed to locate weak points in your network before any outside hacker does.
  • Utilizes open-source code to speed up pen tests.
  • Utilizes the best hacker methods to locate weak network credentials, search through your network and remove viruses.
  • Validates and prioritizes vulnerabilities with Nexpose closed-loop integration.
  • Enables network admins to run pen tests at scale, completing compliance work faster.
  • Simulates phishing campaigns to educate users on common hacking techniques.

While Metasploit remains a popular pen test tool, there are arguments that it also helps hackers.

Penetration Testing for Phishing Attacks

What are Phishing Attacks?

[Infographic: penetration testing for phishing attacks. Graphic provided by: http://www.astraid.com/wp-content/uploads/2014/10/infographic_hacker_update-gp-trans.png]

Phishing attacks are probably the most common form of network attack. They are simple to pull off because they can easily trick less informed employees into clicking a malicious link that sends them to a fake page designed to capture access credentials.

The basic premise, or hope, of a phishing attack is to capture access credentials that employees already use on the network. Once those credentials are attained, a hacker can gain access to the network and begin malicious activities. Traditionally, phishing attacks come in two forms, general and spear. The general attack goes after every email address within your network, hoping at least a few employees make the mistake of tumbling down the established rabbit hole. The spear attack targets a few employees within your network who the hacker thinks won’t recognize the attack.

How To Detect a Phishing Attack

There are multiple avenues to phishing detection.

  • Most modern browsers actively scan for any phishing activities. As such, if your browser provides a warning that something might be wrong, it is best to follow its advice.
  • Hover over the “from” column in your email. Hovering over the “from” column will show the sender’s actual email address. For example, an email from Twitter should have an @twitter.com domain. If the domain is something else, it might be an attack.
  • Suspicious attachments and file types. The vast majority of real companies will not send attachments for download unless previously talked about. Users should always be on the lookout for suspicious attachments with the file types .exe, .scr, .zip, .com or .bat. The .exe file is very commonly used for phishing.
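The two manual checks above, the sender domain behind the “from” column and the attachment file types, as an added example that is not part of the original post. It parses a raw email with Python's standard email module and reports both findings; the sample message, its look-alike domain and its attachment are constructed for illustration.

```python
import email
import os
from email import policy
from email.utils import parseaddr

# File types the post lists as common phishing attachments.
RISKY_EXTENSIONS = {".exe", ".scr", ".zip", ".com", ".bat"}

def sender_domain_mismatch(msg, claimed_domain):
    """The 'hover over From' check: is the real address on the claimed domain?"""
    _, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    return domain != claimed_domain.lower()

def risky_attachments(msg):
    """Filenames of attachments whose extension is on the risky list."""
    found = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if os.path.splitext(name)[1].lower() in RISKY_EXTENSIONS:
            found.append(name)
    return found

def assess(raw_message, claimed_domain):
    """Apply both heuristics; an empty list means nothing was flagged."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    if sender_domain_mismatch(msg, claimed_domain):
        findings.append("sender domain does not match " + claimed_domain)
    for name in risky_attachments(msg):
        findings.append("risky attachment: " + name)
    return findings

# Constructed sample message: the display name claims Twitter, but the real
# address is on a look-alike domain and the only attachment is an .exe.
SAMPLE = """\
From: Twitter Support <support@tw1tter-login.example>
Subject: Verify your account
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/octet-stream; name="verify.exe"
Content-Disposition: attachment; filename="verify.exe"

MZ
--b1--
"""

if __name__ == "__main__":
    for finding in assess(SAMPLE, "twitter.com") or ["nothing flagged"]:
        print(finding)
```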

Tools to Fight Against Phishing Attacks

Some tools for penetration testing for phishing attacks include OpenVAS, Nmap, Nessus, Burp Suite and many more. As phishing attacks are considered one of the more common network security concerns, there are many open-source solutions around the web that will allow you to test for sniffing, SQL injection, cross-site scripting and a wide variety of other issues.

The majority of these tools use network sniffing, brute-force and cryptanalysis attacks, routing protocol and cache uncovering to root out issues within your network.

A Word to the Wise

There are many Pen Test tools on the market, most of them open-source, which will allow you to gain entry to your network with the express purpose of finding vulnerabilities. However, there is a thought floating around the network security community that pen test tools, while useful, are actually making networks less secure by exposing issues within them.

The more penetration testing network admins run, the more they find out why and how their networks can be breached. While this might be a good thing for the VP of Tech to report to the CEO, i.e. how network holes can be filled, the same technology is available to hackers.

Thus the argument follows: if hackers have the same tools network admins have in addition to running SQL injection schemes or man in the middle attacks, what’s to stop them from gaining access to a network, running a pen test tool undetected and fully compromising a corporate network?

Is penetration testing worth it if it only helps to expose deepening issues with a network? Is pen testing worth the time and expense or is it safer to assume your network is vulnerable at all times and have your network admins constantly working to improve network security through various methods (network scans, software patches etc.)?

While we believe in pen testing, we also think it’s important to discuss how extensively to test, and what’s appropriate for your business.

What tools do you use for penetration testing? Tell us in the comments section below.

Categories: Network Security