Best Penetration Test Software

[zillah]

What is the best penetration test that we can use ?
Would Linux LiveCD Auditor Security Collection be considered as cd to do penetration test ?

Thanks

[HTRegz]

Auditor is outdated... it and WHAX combined forces to become Backtrack..

But you realize that a pen test is more than just the software right?? If you want pen test software you're looking at like Core Impact or the equivalent ... a pen test in reality relies on your skillset... the ideas you meld together and so forth.

[TheX1le]

HtRegz is correct. Backtrack 2 Beta is the best way to go. But to give you any other tips i would need to know what your target is. If its a bussiness well then they would be best to higher some pentesting teams. If its just you wanting to test your own network. Use nmap to scan your ip addresss from out side your network and make sure that any ports that show as open you really want open. That and your software is up to date with no vuls. If your trying to use this on a network that you dont have access to your on the wrong forum... A bit more info and i could point you in the right direction. Good luck- TheX1le

[Nokia]

I just bought Core Impact.....£15,000 for an unlimited license and 1 year tech support!!!!!!!!!!

Glad it was the companies money!

The fact that you are here asking what to use to carry out a pen test would make me say not to bother really. You could do more harm than good, and still may not be able to interpret the results properly of any test you do...... It may be best to get an external company to do it for you.....it will still be cheaper the buying Core fecking Impact!

Although not strictly a pen testing tool Nessus will give you a heads up on the state of your network and is prety simple to use - almost point and click type stuff. And there is lots of aid on the web to find out what Nessus results mean.

//I would certianly use more than Nmap to carry out a pen test on yourself though....

[zillah]

But you realize that a pen test is more than just the software right??

Yes.

The fact that you are here asking what to use to carry out a pen test would make me say not to bother really. You could do more harm than good, and still may not be able to interpret the results properly of any test you do...... It may be best to get an external company to do it for you.....it will still be cheaper the buying Core fecking Impact!

Thanks for this advice nokia

But to give you any other tips i would need to know what your target is. If its a bussiness well then they would be best to higher some pentesting teams.

Yes it a bussiness.

[itsmedave]

http://www.acunetix.com/
Acunetix is a decent homepage audit-tool.

[nihil]

I am sorry itsmedave, but I think that you are missing the point of the professional advice being given here.

1. If you have to ask what tool, you shouldn't be using it.
2. CYA, CYA, CYA.............. that is an acronym for "cover your a$$"

Get outsiders in to do this sort of thing........... then, if you get hit, it wasn't you who said everything was fine?