REDLEGG BLOG
9-Fundamental-Cybersecurity-Tools-for-Testing-Network-Security

9 Fundamental Cybersecurity Tools for Testing Network Security

Jan 30, 2019, 12:00:25 PM  |  by RedLegg Blog

View RedLegg's Pen Test Offerings

Network security is an ongoing task: you need to continuously scan for threats, assess vulnerabilities in your network, and take corrective measures. This is a proactive approach where you simulate attacks and remediate vulnerabilities prevent network breaches, but attacks may still occur and you need to be prepared for that. As an organization, it is difficult to keep up with the latest threat landscape, as you need to focus your resources and time on the business.

The most suitable solution is to have security services provided by experts who have a wide range of experience in the field and can work with your organization to provide you with an unbiased view of the current state of network security. However, this isn't always possible due to time and budget constraints. In between assessments, there are various tools available for testing the security of your network.

Here are the nine most popular tools: their applicability varies depending on your organization’s infrastructure and available applications.

1. Vulnerability Scanner

Vulnerability scanners are used for identification and detection of vulnerabilities in the network due to misconfigurations, or incorrect settings on various network devices or firewalls. Four popular tools are listed below:

Tenable

Tenable is a network security company which provides continuous monitoring, and identifies risk to assist with compliance and best security practices. The Tenable.io platform provides you with actionable insights for your infrastructure risks, enabling you to accurately identify, investigate and prioritize actions to remediate vulnerabilities.

Burp

Burp is a specialized scanner which provides you with a list of vulnerabilities discovered on a web application, including cross-site scripting (XSS) and SQL injections. The tool supports various web application technologies, including REST, JSON, AJAX and SOAP.

IBM AppScan

Cloud-based AppScan helps you decrease the likelihood of attacks on mobile and web applications. Managed by IBM, the tool can help your organization identify and remediate vulnerabilities early in the development lifecycle, prioritize assets based on risk, and test applications both before deployment and in production environments.

Rapid 7

Rapid7 provides vulnerability insights by scanning data from your environments, and offers solutions such as auto-containment and integrated threat feeds to reduce organizational risk and manage your business.

Read more about what vulnerability scanning is and how it works.

2. Port Scanner

Port scanning is used by systems and network administrators to scan for open ports and verify the security policies of the network. The most widely used tool for scanning networks is NMAP (network mapper). This utility is available for free and can scan your network ports determine available network hosts, which applications (including versions) are running on those hosts, their operating systems and versions, packet filters/firewalls in use, and many other attributes.

3. OSINT Tools

Open-Source Intelligence is “intelligence produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement. OSINT draws from a wide variety of information and sources” including mass media, public data, audience-specific literature, and observations and reporting from public sources such as satellites, planes, and radios. There are various OSINT tools available; some examples are listed below.

Google Search

Google search is the most popular and commonly used tool to provide you with insights about various events.

WHOIS

As a domain registration and hosting service, WHOIS can provide domain name details, such as the IP address, name servers, the company where the domain is hosted, and even the registrant contact information. It also offers infrastructure services and SiteLock, a subscription service that monitors your website daily for security gaps, identifies threats before they are exploited, and remediates vulnerabilities in the background.

Maltego

Developed by Paterva, Maltego is a data mining tool that uses transforms to automate data source queries, and is available by default in Kali Linux. You can use either the built-in transforms or write custom ones to analyze targets and take the necessary actions.

Shodan

A search engine that finds specific types of internet-connected devices, Shodan is the most widely used tool used by hackers to find vulnerable devices. The tool displays a list of devices that are connected online, and you can view connected webcams, traffic lights, routers, and servers through their service banner metadata.

theHarvester

This tool is in built into Kali Linux and is used to collect information such as email addresses, subdomains, hosts, employee names, open ports, and banners from specific targets, such as public search engines, key servers, and the SHODAN database. The tool helps pen testers establish an organization’s internet footprint, including what types of organizational information a potential attacker can view on the internet.

Recon-ng

This Python-based tool is used to gather domain-specific information that can be exploited using social engineering techniques. It indexes the domain names to various search engines and is used for web-based, open-source reconnaissance.

TinEye

This is a reverse-image tool that tracks your images, discovers where they appear online, and alerts you. Through December 2018, the tool has indexed over 33.5 billion images.

4. Banner Grabbing

Banner grabbing is a technique used to collect details about the hosts connected to a network and the services running on them. Administrators use it to catalog their networks, and ethical hackers use it during penetration testing. But hackers can also use it to reveal compromising network host information by running a simple Telnet command to connect to a specific IP address:

nap -sV --script=banner 255.255.255.255

5. Transparent Proxies

These proxies are systems that act as intermediaries and perform the functions of authentication, redirection and caching. This functionality prevents the user from directly connecting to the web server, providing better control and security.

Burp Suite

Burp Proxy functions as an invisible proxy server (a man-in-the-middle between the browser and target application), which allows the client to connect directly to the proxy listener. You can also send requests to other Burp Suite tools for more advanced testing.

6. Source Code Analytics

Veracode

Veracode is a code-scanning application which scans your code for potential vulnerabilities and increases the application security. It was developed to make application security a seamless part of software development.

Fortify

Fortify is also a static code analyzer which supports over 25 programming languages. You can easily integrate the plugin into the IDE of your choice and then add the necessary security fixes through your IDE.

7. Debugging/Reverse-Engineering

Immunity Debugger

This tool lets you write exploits, analyze malware, and reverse-engineer binary files. The debugger is designed specifically for the security industry and supports both GUI and command languages.

IDA

This is a multiprocessor disassembler and debugger which supports multiple debugging targets. Available for many platforms, under license, IDA is arguably the most important tool available for software analysis.

8. Exploitation Frameworks

If you discover a vulnerability and want to validate whether other controls are remediating the risk, using an exploitation framework will help verify if the vulnerability is exploitable. While no substitute for a professional penetration tester, many of these frameworks have automated exploitation modes that will attempt to exploit discovered vulnerabilities, acting in the capacity of a low-skilled attacker. Some examples include:

Metasploit Pro

Built from the open-source Metasploit Framework, Metasploit Pro is a reasonably priced, GUI-based tool that allows the tester to attack individual vulnerabilities and enable an auto-attack. Metasploit Pro, however, does not address as many vulnerabilities as other products might.

Core Impact

While pricey, Core Impact is considered one of the strongest tools on the market. The tool includes options to leverage both zero-day vulnerabilities and known vulnerabilities during its attack run.

9. Note-Taking Tools

When analyzing the security of your network, you can use any of the available note-taking tools of your choice. We like the following tools, as they were designed keeping the developers and programmers in mind:

  • Boostnote
  • MedleyText
  • Quiver
  • OneNote
  • SublimeText

View RedLegg's Pen Test Offerings

Want more? Read about...

Subscribe to Our Blog

Follow everything RedLegg as we provide comprehensive solutions for real-world data protection and security challenges.

Related Articles

On-Demand Webinar: OWASP and Testing Your App Security events, pen testing, vulnerability

On-Demand Webinar: OWASP and Testing Your App Security

Our penetration testing and security experts gave their insight on the value, and pitfalls, of the OWASP Top 10, ...
Live Webinar: OWASP Top 10 vs OWASP ASVS events, pen testing, vulnerability

Live Webinar: OWASP Top 10 vs OWASP ASVS

Live Webinar - Wednesday, August 28 at 11 a.m. CST // 12 p.m. EST The conversations that a couple of security ...