Category: 

What Are the Different Types of Penetration Test Software?

Article Details
  • Written By: Jeremy Laukkonen
  • Edited By: Andrew Jones
  • Last Modified Date: 20 November 2016
  • Copyright Protected:
    2003-2016
    Conjecture Corporation
  • Print this Article
Free Widgets for your Site/Blog
President Richard Nixon had an entire speech prepared in case the Apollo 11 astronauts became stranded on the Moon.  more...

December 8 ,  1965 :  Pope Paul VI promulgated Vatican II into ecumenical law.  more...

There are many different types of penetration test software, and penetration testers often make use of both specialized applications and programs that are widely available to the general public. Since there are a number of steps typically associated with penetration testing, each phase requires different types of software. The basic categories that most types of penetration test software fall into are port, vulnerability, and application scanners. Some of these programs are only capable of scanning, while others can also be used to initiate attacks on any vulnerabilities that are discovered. Basic software tools, such as email programs, can also be useful in carrying out the social engineering aspect of penetration testing.

Penetration testing is a blanket term that covers a wide variety of activities, all of which are aimed at helping to secure online data, servers, and applications. Other terms for penetration testing include "white hat" and "ethical" hacking, since penetration testers use many of the same tools commonly employed by malicious hackers. The difference is that penetration testers are hired to identify weaknesses and vulnerabilities so that they can be secured before an actual attack can occur.

Ad

The process of penetration testing includes a number of different steps, and there are many different types of technology and software that can be penetration tested. That means penetration testing can make use of many different types of software. Port scanners are one of type of penetration test software commonly used during the information gathering phase. This type of software is designed to scan a remote host for any open ports, which may be targeted during an attack. Port scanning software can typically also be used to determine what operating system (OS) is running on the remote host.

Vulnerabilities scanners are another commonly used type of penetration test software. This type of software is typically programmed with a number of known vulnerabilities. If a remote host has any of these vulnerabilities, then the software can be set to implement a number of potential exploits and attacks. This type of software is sometimes also combined with a port scanner, which can streamline the penetration testing workflow.

In other situations, a type of penetration test software known as an application scanner can also be useful. This type of software can scan web-based applications, and then try to carry out a number of different attacks. Some common attacks employed by application scanners include cookie manipulation, structured query language (SQL) insertion, and buffer overruns.

Some penetration testing also has a social engineering aspect that may, or may not, make use of any software. This type of penetration testing can effectively locate any human security weaknesses, and testers often use deceptive techniques in order to access sensitive information. Email software is sometimes used to make contact, though this type of penetration testing often uses telephone conversations, and even physical interactions, in order to access valuable data.

Ad

You might also Like

Recommended

Discuss this Article

mobilian33
Post 3

The race between hackers using penetration software to damage computer systems and security people using penetration software to find weak points in computer systems is a never ending competition. The software that is used to test systems can be used by hackers to infect the systems and the whole process goes around in circles.

Feryll
Post 2

@Animandel - I can relate to what you are saying about the problems hackers and malicious software can create for you. However, when you read this article you should understand how difficult it is for computer security systems to protect you against every possible threat.

Even with the best protection software, you need to take basic precautions, like not opening suspicious emails or emails from senders you don't know. You also need to avoid websites where you will find malicious threats.

Animandel
Post 1

I got a virus on my computer at work the other week and the computer was completely useless. This was so frustrating because I had work that I needed to be completing and I needed to use the computer to do it. The virus wouldn't let me do anything.

This is particularly frustrating because we have IT guys and computer security people who are supposed to make sure that all of the computers are protected and up and running all of the time. I think the penalties for people who release viruses and people who hack into computers should be more severe. Then maybe people would think twice before doing these types of things.

Post your comments

Post Anonymously

Login

username
password
forgot password?

Register

username
password
confirm
email