There is no such thing as a 100% hack-proof environment. Pen testing isn't designed to achieve this, and those who believe this are simply ignorant. Pen testing hedges your bets, so to speak, or, if you prefer, allows you to mitigate risk to an acceptable level. You can clean up low-hanging fruit and such, but if there is a particular system that you want to secure to the best of your ability, you better sit down and map out the entire box starting from the ground up. The same goes for network equipment too.
You will never see the end of pen testing tools; they are a part of many accepted best practices. The difference is you must understand how and when to use them. This is where their real value resides.
--TH13



