Table 4 Main tools used on Pentest
Tool name | Manufacturer | License | Category | Phase on Pentest |
|---|---|---|---|---|
Acunetix WS | Acunetix | Commercial | Web vulnerability scanner | Pre-attack and attack |
WebInspect | HP | Commercial | Web vulnerability scanner | Pre-attack and attack |
AppScan | IBM | Commercial | Web vulnerability scanner | Pre-attack and attack |
Metasploit | Rapid7 | Open Source | Vulnerability exploitation tool | Attack |
Nessus | Tenable | Commercial | Vulnerability scanner | Pre-attack |
NeXpose | Rapid7 | Commercial | Vulnerability scanner | Pre-attack |
Nikto | CIRT | Open Source | Web vulnerability scanner | Pre-attack |
Nmap | – | Open Source | Port scanner | Pre-attack |
Paros | – | Open Source | Web vulnerability scanner; Web proxy | Pre-attack |
QualysGuard | Qualys | Commercial | Vulnerability scanner | Pre-attack |
WebScarab | OWASP | Open Source | Web vulnerability scanner | Pre-attack |
Wireshark | Wireshark | Open Source | Packet crafting tool | Pre-attack |