45 Best Penetration Testing Tools in 2020

1) Netsparker

Netsparker is an easy to use web application security scanner that can automatically find SQL Injection, XSS and other vulnerabilities in your web applications and web services. It is available as on-premises and SAAS solution.

Features

Dead accurate vulnerability detection with the unique Proof-Based Scanning Technology.
Minimal configuration required. Scanner automatically detects URL rewrite rules, custom 404 error pages.
REST API for seamless integration with the SDLC, bug tracking systems etc.
Fully scalable solution. Scan 1,000 web applications in just 24 hours.

2) Acunetix

Acunetix is a fully automated penetration testing tool. Its web application security scanner accurately scans HTML5, JavaScript and Single-page applications. It can audit complex, authenticated webapps and issues compliance and management reports on a wide range of web and network vulnerabilities, including out-of-band vulnerabilities.

Features:

Scans for all variants of SQL Injection, XSS, and 4500+ additional vulnerabilities
Detects over 1200 WordPress core, theme, and plugin vulnerabilities
Fast & Scalable – crawls hundreds of thousands of pages without interruptions
Integrates with popular WAFs and Issue Trackers to aid in the SDLC
Available On Premises and as a Cloud solution.

3) Indusface

Indusface WAS offers manual Penetration testing and automated scanning to detect and report vulnerabilities based on OWASP top 10 and SANS top 25.

Features

Crawler scans single page applications
Pause and resume feature
Manual PT and Automated scanner reports displayed in the same dashboard
Unlimited proof of concept requests offers evidence of reported vulnerabilities and helps eliminate false positive from automated scan findings
Optional WAF integration to provide instant virtual patching with Zero False positive
Automatically expands crawl coverage based on real traffic data from the WAF systems (incase WAF is subscribed and used)
24×7 support to discuss remediation guidelines/POC

4) ImmuniWeb

ImmuniWeb is a global provider of web and mobile application penetration testing and security ratings. ImmuniWeb AI Platform enhances human testing with award-winning AI technology to accelerate and expand security testing. ImmuniWeb is recognized by Gartner, Forrester and IDC for rapid, scalable and DevSecOps-enabled penetration testing that greatly surpasses traditional penetration testing approaches.

Features:

Rapid delivery SLA
Zero False-Positive SLA
SANS Top 25 Full Coverage
OWASP Top 10 Full Coverage
PCI DSS 6.5.1-6.5.11 Full Coverage
Tailored Remediation Guidelines
24/7 Access to Our Security Analysts
Integration with SDLC & CI/CD Tools
One-Click Virtual Patching via WAF

5) PureVPN

PureVPN is an indispensable tool in an Ethical hackers arsenal. You may need it to check target in different geographies, simulate nonpersonalized browsing behavior, anonymized file transfers, etc.

Features:

No Log VPN with high security and anonymity
Very fast speeds with 2000+ servers across continents
Based in Hongkong, it does not store any data.
Split tunneling and 5 simultaneous logins
24/7 support
Supports Windows, Mac, Android, Linux, iPhone, etc.
300,000+ IPs
Port Forwarding, Dedicated IO and P2P Protection
31 Day Money-Back Guarantee

6) Owasp

The Open Web Application Security Project (OWASP) is a worldwide non-profit organization focused on improving the security of software. The project has multiple tools to pen test various software environments and protocols. Flagship tools of the project include

Zed Attack Proxy (ZAP – an integrated penetration testing tool)
OWASP Dependency Check (it scans for project dependencies and checks against know vulnerabilities)
OWASP Web Testing Environment Project (collection of security tools and documentation)

The OWASP testing guide gives “best practice” to penetration test the most common web application

7) WireShark

Wireshark is a network analysis pentest tool previously known as Ethereal. It captures packet in real time and display them in human readable format. Basically, it is a network packet analyzer- which provides the minute details about your network protocols, decryption, packet information, etc. It is an open source and can be used on Linux, Windows, OS X, Solaris, NetBSD, FreeBSD and many other systems. The information that is retrieved via this tool can be viewed through a GUI or the TTY mode TShark Utility.

WireShark features include

Live capture and offline analysis
Rich VoIP analysis
Capture files compressed with gzip can be decompressed on the fly
Output can be exported to XML, PostScript, CSV or plain text
Multi-platform: Runs on windows, Linux, FreeBSD, NetBSD and many others
Live data can be read from internet, PPP/HDLC, ATM, Blue-tooth, USB, Token Ring, etc.
Decryption support for many protocols that include IPsec, ISAKMP, SSL/TLS,WEP, and WPA/WPA2
For quick intuitive analysis, coloring rules can be applied to the packet
Read/Write many different capture file formats

8) w3af

w3af is a web application attack and audit framework. It has three types of plugins; discovery, audit and attack that communicate with each other for any vulnerabilities in site, for example a discovery plugin in w3af looks for different url’s to test for vulnerabilities and forward it to the audit plugin which then uses these URL’s to search for vulnerabilities.

It can also be configured to run as a MITM proxy. The request intercepted could be sent to the request generator and then manual web application testing can be performed using variable parameters. It also has features to exploit the vulnerabilities that it finds.

W3af features

Proxy support
HTTP response cache
DNS cache
File uploading using multipart
Cookie handling
HTTP basic and digest authentication
User agent faking
Add custom headers to requests

9) Metaspoilt

This is the most popular and advanced Framework that can be used for pentest. It is an open source tool based on the concept of ‘exploit’ which means you pass a code that breach the security measures and enter a certain system. If entered, it runs a ‘payload’, a code that performs operations on a target machine, thus creating the perfect framework for penetration testing. It is a great testing tool test whether the IDS is successful in preventing the attacks that we bypass it

Metaspoilt can be used on networks, applications, servers, etc. It has a command line and GUI clickable interface, works on Apple Mac OS X, works on Linux and Microsoft Windows.

Kali works only on Linux Machines. It enables you to create a backup and recovery schedule that fit your needs. It promotes a quick and easy way to find and update the largest database of security penetration testing collection to-date. It is the best tools available for packet sniffing and injecting. An expertise in TCP/IP protocol and networking can be beneficial while using this tool.

Features

Addition of 64 bit support allows brute force password cracking
Back Track comes with pre-loaded tools for LAN and WLAN sniffing, vulnerability scanning, password cracking, and digital forensics
Backtrack integrates with some best tools like Metaspoilt and Wireshark
Besides network tool, it also includes pidgin, xmms, Mozilla, k3b, etc.
Back track support KDE and Gnome.

11) Samurai framework:

The Samurai Web Testing Framework is a pen testing software. It is supported on VirtualBox and VMWare that has been pre-configured to function as a web pen-testing environment.

Features:

It is open source, free to use tool
It contains the best of the open source and free tools that focus on testing and attacking website
It also includes a pre-configured wiki to set up the central information store during the pen-test

12) Aircrack:

Aircrack is a handy wireless pentesting tools. It cracks vulnerable wireless connections. It is powered by WEP WPA and WPA 2 encryption Keys.

Features:

More cards/drivers supported
Support all types of OS and platforms
New WEP attack: PTW
Support for WEP dictionary attack
Support for Fragmentation attack
Improved tracking speed

13) ZAP:

ZAP is one of the most popular open source security testing tool. It is maintained by hundreds of international volunteers. It can help users to find security vulnerabilities in web applications during the developing and testing phase.

Features:

It helps to Identifies the security holes present in the web application by simulating an actual attack
Passive scanning analyse the responses from the server to identify certain issues
It attempts brute force access to files and directories.
Spidering feature helps to construct the hierarchical structure of the website
Supplying invalid or unexpected data to crash it or to produce unexpected results
Helpful tool to find out the open ports on the target website
It provides an interactive Java shell which can be used to execute BeanShell scripts
It is fully internationalized and supports 11 languages

14) Sqlmap:

Sqlmap is an open source penetration testing tool. It automates the entire process of detecting and exploiting SQL injection flaws. It comes with many detection engines and features for an ideal penetration test.

Features:

Full support for six SQL injection techniques
Allows direct connection to the database without passing via a SQL injection
Support to enumerate users, password hashes, privileges, roles, databases, tables, and columns
Automatic recognition of password given in hash formats and support for cracking them
Support to dump database tables entirely or specific columns
The users can also select a range of characters from each column’s entry
Allows to establish TCP connection between the affected system and the database server
Support to search for specific database names, tables or specific columns across all databases and tables
Allows to execute arbitrary commands and retrieve their standard output on the database server

15) Sqlninja:

Sqlninja is a penetration testing tool. It is aimed to exploit SQL Injection vulnerabilities on a web application. It uses Microsoft SQL Server as back-end. It also provides a remote access on the vulnerable DB server, even in a very hostile environment.

Features:

Fingerprinting of the remote SQL
Data extraction, time-based or using DNS tunnel
Allows Integration with Metasploit3, to obtain a graphical access to the remote DB server
Upload of executable using only normal HTTP requests via VBScript or debug.exe
Direct and reverse bindshell, both for TCP and UDP
Creation of a custom xp cmdshell if the original one is not available on w2k3 using token kidnapping

16) BeEF:

The Browser Exploitation Framework. It is a pentesting tool that focuses on the web browser. It uses GitHub to track issues and host its git repository.

Features:

It allows to check the actual security posture by using client-side attack vectors
BeEF allows to hook with one or more web browsers. It can then be used for launching directed command modules and further attacks on the system.

17) Dradis:

Dradis is an open source framework for penetration testing. It allows maintaining the information that can be shared among the participants of a pen-test. The information collected helps users to understand what is completed and what needs to completed.

Features:

Easy process for report generation
Support for attachments
Seamless collaboration
Integration with existing systems and tools using server plugins
Platform independent

18) Rapid 7:

Nexpose Rapid 7 is a useful vulnerability management software. It monitors exposures in real-time and adapts to new threats with fresh data which helps users to act at the moment of impact.

Features:

Get a Real-Time View of Risk
It brings innovative and progressive solutions that help the user to get their jobs done
Know Where to Focus
Bring More to Your Security Program

19) Hping:

Hping is a TCP/IP packet analyzer pen testing tool. This interface is inspired to the ping (8) UNIX command. It supports TCP, ICMP, UDP, and RAW-IP protocols.

Features:

Allows firewall testing
Advanced port scanning
Network testing, using different protocols, TOS, fragmentation
Manual path MTU discovery
Advanced traceroute with all the supported protocols
Remote OS fingerprinting & uptime guessing
TCP/IP stacks auditing

20) SuperScan:

Superscan is a free Windows-only closed-source penetration testing tool. It also includes networking tools such as ping, traceroute, whois and HTTP HEAD.

Feature:

Superior scanning speed
Support for unlimited IP ranges
Improved host detection using multiple ICMP methods
Provide support for TCP SYN scanning
Simple HTML report generation
Source port scanning
Extensive banner grabbing
Large built-in port list description database
IP and port scan order randomization
Extensive Windows host enumeration capability

21) ISS Scanner:

The IBM Internet Scanner is a pen testing tool which offers the foundation for the effective network security for any business.

Features:

Internet Scanner minimize the business risk by finding the weak spots in the network
It allows to automate scans and discover vulnerabilities
Internet Scanner cuts the risk by identifying the security holes, or vulnerabilities, in the network
Complete Vulnerability Management
Internet Scanner can identify more than 1,300 types of networked devices

22) Scapy:

Scapy is a powerful and interactive pen testing tool. It can handle many classical tasks like scanning, probing, and attacks on the network.

Features:

It performs some specific tasks like sending invalid frames, injecting 802.11 frames. It uses various combining techniques which is hard to do with other tools
It allows user to build exactly the packets they want
Reduces the number of lines written to execute the specific code

23) IronWASP:

IronWASP is an open source software for web application vulnerability testing. It is designed to be customizable so that users can create their custom security scanners using it.

Features:

GUI based and very easy to use
It has powerful and an effective scanning engine
Support for recording Login sequence
Reporting in both HTML and RTF formats
Checks for over 25 types of web vulnerabilities
False Positives and Negatives detection support
It supports Python and Ruby
Extensible using plug-ins or modules in Python, Ruby, C# or VB.NET

24) Ettercap:

Ettercap is a comprehensive pen testing tool. It supports active and passive dissection. It also includes many features for network and host analysis.

Features:

It supports active and passive dissection of many protocols
Feature of ARP poisoning to sniff on a switched LAN between two hosts
Characters can be injected into a server or to a client while maintaining a live connection
Ettercap is capable of sniffing an SSH connection in full duplex
Allows sniffing of HTTP SSL secured data even when the connection is made using proxy
Allows creation of custom plugins using Ettercap’s API

25) Security Onion:

Security Onion is a penetration testing tool. It is used for intrusion detection, and network security monitoring. It has an easy-to-use Setup wizard allows users to build an army of distributed sensors for their enterprise.

Features:

It is built on a distributed client-server model
Network Security Monitoring allows monitoring for security related events
It offers full packet capture
Network-based and host-based intrusion detection systems
It has a built-in mechanism to purge old data before storage device fill to its capacity

26) Personal Software Inspector:

Personal Software Inspector is an open source computer security solution. This tool can identify vulnerabilities in applications on a PC or a Server.

Features:

It is available in eight different languages
Automates the updates for insecure programs
It covers thousands of programs and automatically detects insecure programs
This pen testing tool automatically and regularly scans PC for vulnerable programs
Detects and notifies programs that can’t be automatically updated

27) HconSTF:

HconSTF is Open Source Penetration Testing tool based on different browser technologies. It helps any security professional to assists in the Penetration testing. It contains web tools which are powerful in doing XSS, SQL injection, CSRF, Trace XSS, RFI, LFI, etc.

Features:

Categorized and comprehensive toolset
Every option is configured for penetration testing
Specially configured and enhanced for gaining solid anonymity
Works for web app testing assessments
Easy to use & collaborative Operating System

28) IBM Security AppScan:

IBM Security AppScan helps to enhance web application security and mobile application security. It improves application security and strengthens regulatory compliance. It helps users to identify security vulnerabilities and generate reports.

Features:

Enable Development and QA to perform testing during SDLC process
Control what applications each user can test
Easily distribute reports
Increase visibility and better understand enterprise risks
Focus on finding and fixing issues
Control the access of information

29) Arachni:

Arachni is an open source Ruby framework based tool for penetration testers & administrators. It is used for evaluating the security of modern web applications.

Features:

It is a versatile tool, so it covers large numbers of use-cases. This ranging from a simple command line scanner utility to a global high-performance grid of scanners
Option for Multiple deployments
It offers verifiable, inspectable code base to ensure the highest level of protection
It can easily integrate with browser environment
It offers highly detailed and well-structured reports

30) Websecurify:

Websecurify is a powerful security testing environment. It is a user -friendly interface which is simple and easy to use. It offers a combination of automatic and manual vulnerability testing technologies.

Features:

Good testing and scanning technology
Strong testing engine to detect URLs
It is extensible with many available add-ons
It is available for all the major desktop and mobile platforms

31) Vega:

Vega is an open source web security scanner and pen testing platform to test the security of web applications.

Features:

Automated, Manual, and Hybrid Security Testing
It helps users to find vulnerabilities. It may be cross-site scripting, stored cross-site scripting, blind SQL injection, shell injection, etc.
It can automatically log into websites when supplied with user credentials
It runs effectively on Linux, OS X, and Windows
Vega detection modules are written in JavaScript

32) Wapiti:

Wapiti is another famous penetration testing tool. It allows auditing the security of the web applications. It supports both GET and POST HTTP methods for the vulnerability check.

Features:

Generates vulnerability reports in various formats
It can suspend and resume a scan or an attack
Fast and easy way to activate and deactivate attack modules
Support HTTP and HTTPS proxies
It allows restraining the scope of the scan
Automatic removal of a parameter in URLs
Import of cookies
It can activate or deactivate SSL certificates verification
Extract URLs from Flash SWF files

33) Kismet:

Kismet is a wireless network detector and intrusion detection system. It works with Wi-Fi networks but can be expanded via plugins as it allows to handle other network types.

Features:

Allows standard PCAP logging
Client/Server modular architecture
Plug-in architecture to expand core features
Multiple capture source support
Distributed remote sniffing via light-weight remote capture
XML output for integration with other tools

34) Kali Linux:

Kali Linux is an open source pen testing tool which is maintained and funded by Offensive Security.

Features:

Full customization of Kali ISOs with live-build to create customized Kali Linux images
It contains a bunch of Meta package collections which aggregate different tool sets
ISO of Doom and Other Kali Recipes
Disk Encryption on Raspberry Pi 2
Live USB with Multiple Persistence Stores

35) Parrot Security:

Parrot Security is a pen testing tool. It offers fully portable laboratory for security and digital forensics experts. It also helps users to protect their privacy with anonymity and crypto tools.

Features:

It includes a full arsenal of security oriented tools to perform penetration tests, security audits and more.
It comes with preinstalled and useful and updated libraries
Offers powerful worldwide mirror servers
Allows community-driven development
Offers separate Cloud OS specifically designed for servers

36) OpenSSL:

This toolkit is licensed under an Apache-style license. It is free and open source project that provides a full-featured toolkit for the TLS and SSL protocols.

Features:

It is written in C, but wrappers are available for many computer languages
The library includes tools for generating RSA private keys and Certificate Signing Requests
Verify CSR file
Completely remove Passphrase from Key
Create new Private Key and allows Certificate Signing Request

37) Snort:

Snort is an open-source intrusion detection and pen testing system. It offers the benefits of signature-protocol- and anomaly-based inspection methods. This tool helps users to get maximum protection from malware attacks.

Features:

Snort gained notoriety for being able to detect threats accurately at high speeds
Protect your workspace from emerging attacks quickly
Snort can be used to create customized unique network security solutions
Test SSL certificate of a particular URL
It can check if particular cipher is accepted on URL
Verify the Certificate Signer Authority
Ability to submit false positives/negatives

38) Backbox:

BackBox is an Open Source Community project with the objective of enhancing the culture of security in IT environment. It is available in two different variations like Backbox Linux and Backbox Cloud. It includes some of the most commonly known/used security and analysis tools.

Features:

It is helpful tool to reduce company resource needs and lower costs of managing multiple network device requirements
It is fully automated pen testing tool. So, no agents and no network configuration needed to make changes. In order to perform scheduled automated configuration
Secure Access to Devices
Organizations can save time as there is no need to track individual network devices
Supports Credential and Configuration File Encryption
Self-Backup and Automatic Remote Storage
Offers IP Based Access Control
No need to write command as it comes with pre-Configured Commands

39) THC Hydra:

Hydra is a parallelized login cracker and pen testing tool. It is very fast and flexible, and new modules are easy to add. This tool allows researchers and security consultants to find unauthorized access.

Features:

Full time-memory trade-off tool suites along with rainbow table generation, sort, conversion and look up
It supports rainbow table of any hash algorithm
Support rainbow table of any charset
Support rainbow table in compact or raw file format
Computation on multi-core processor support
Runs on Windows and Linux operating systems
Unified rainbow table file format on all supported OS
Support GUI and Command line user interface

40) Reputation Monitor Alert:

Open Threat Exchange Reputation Monitor is a free service. It allows professionals to track their organization’s reputation. With the help of this tool, businesses and organizations can track the public IP and domain reputation of their assets.

Features:

Monitors cloud, hybrid cloud, and on-premises infrastructure
Delivers continuous threat intelligence to keep update about threats as they emerge
Provides most comprehensive threat detection and actionable incident response directives
Deploys quickly, easily, and with less number of efforts
Reduces TCO over traditional security solutions

41) John the Ripper:

John the Ripper known as JTR is a very popular password cracking tool. It is primarily used to perform dictionary attacks. It helps identify weak password vulnerabilities in a network. It also supports users from brute force and rainbow crack attacks.

Features:

John the Ripper is free and Open Source software
Proactive password strength checking module
It allows online browsing of the documentation
Support for many additional hash and cipher types
Allows to browse the documentation online including summary of changes between two versions

42) Safe3 scanner:

Safe3WVS is one of the most powerful web vulnerability testing tool. It comes with web spider crawling technology, especially web portals. It is the fastest tool to find issues like SQL injection, upload vulnerability, and more.

Features:

Full support for Basic, Digest and HTTP authentications.
Intelligent web spider automatic removes repeated web pages
An automatic JavaScript analyzer provide support for extracting URLs from Ajax, Web 2.0 and any other applications
Support to scan SQL injection, upload vulnerability, admin path and directory list vulnerability

43) CloudFlare:

CloudFlare is CDN with robust security features. Online threats range from comment spam and excessive bot crawling to malicious attacks like SQL injection. It provides protection against comment spam, excessive bot crawling, and malicious attacks.

Feature:

It is an enterprise-class DDoS protection network
Web application firewall helps from the collective intelligence of the entire network
Registering domain using CloudFlare is the most secure way to protect from domain hijacking
Rate Limiting feature protects user’s critical resources. It blocks visitors with suspicious number of request rates.
CloudFlare Orbit solves security issues for IOT devices

44) Zenmap

Zenmap is the official Nmap Security Scanner software. It is a multi-platform free and open source application. It is easy to use for beginners but also offers advanced features for experienced users.

Features:

Interactive and graphical results viewing
It summarizes details about a single host or a complete scan in a convenient display.
It can even draw a topology map of discovered networks.
It can show the differences between two scans.
It allows administrators to track new hosts or services appearing on their networks. Or track existing services that go down

The other tools that might be useful for penetration testing are

Acunetix: It is a web vulnerability scanner targeted at web applications. It is expensive tool compare to others and provides facility like cross site scripting testing, PCI compliance reports, SQL injection, etc.
Retina: It is more like a vulnerability management tools than a pre-testing tool
Nessus: It concentrates in compliance checks, sensitive data searches, IPs scan, website scanning, etc.
Netsparker: This tool comes with a robust web application scanner that identifies vulnerabilities and suggest solutions. There are free limited trials available but most of the time it is a commercial product. It also helps to exploit SQL injection and LFI (Local File Induction)
CORE Impact: This software can be used for mobile device penetration, password identification and cracking, network devise penetration etc. It is one of the expensive tools in software testing
Burpsuite: Like other this software is also a commercial product. It works on by intercepting proxy, web application scanning, crawling content and functionality etc. The advantage of using Burpsuite is that you can use this on windows, Linux and Mac OS X environment.

Source: https://www.guru99.com/top-5-penetration-testing-tools.html

Benzer Gönderiler/Related Posts