Part I: Building the Foundation for Ethical Hacking
Selecting tools
As with any project, if you don’t have the right tools for ethical hacking, you
might have difficulty accomplishing the task effectively. Having said that, just
because you use the right tools doesn’t mean that you’ll discover all the right
vulnerabilities.
Know the personal and technical limitations. Many vulnerability scanners
generate false positives and negatives (incorrectly identifying
vulnerabilities). Others just skip right over vulnerabilities altogether. In
certain situations, you might need to run multiple vulnerability scanners to find the
most vulnerabilities.
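The point about running more than one scanner can be made concrete with a small correlation script. This is an added example, not from the book: the scanner names, hosts and check names are constructed placeholders, and it assumes both scanners' findings have already been exported and mapped to a shared check naming.

```python
from collections import defaultdict

# Constructed sample findings; scanner names, hosts and check names are placeholders.
SCANNER_A = [
    {"host": "10.0.0.5", "port": 443, "check": "weak-tls-protocol"},
    {"host": "10.0.0.5", "port": 22, "check": "ssh-weak-kex"},
    {"host": "10.0.0.9", "port": 80, "check": "directory-listing"},
]
SCANNER_B = [
    {"host": "10.0.0.5", "port": 443, "check": "WEAK-TLS-PROTOCOL "},
    {"host": "10.0.0.9", "port": 80, "check": "directory-listing"},
    {"host": "10.0.0.9", "port": 3306, "check": "default-credentials"},
]

def normalize(finding):
    """Key a finding by host, port and a case/whitespace-normalized check name."""
    return (finding["host"], int(finding["port"]), finding["check"].strip().lower())

def correlate(results):
    """Map each normalized finding to the set of scanners that reported it."""
    seen = defaultdict(set)
    for scanner, findings in results.items():
        for f in findings:
            seen[normalize(f)].add(scanner)
    return seen

def triage(results):
    """Split findings into corroborated (every scanner) and single-source.

    A single-source finding is either a false positive from the scanner that
    reported it or a false negative from the others; both need a manual check.
    """
    seen = correlate(results)
    all_scanners = set(results)
    corroborated = sorted(k for k, s in seen.items() if s == all_scanners)
    # For each disputed finding, record which scanners did NOT report it.
    single = {k: sorted(all_scanners - s) for k, s in seen.items() if s != all_scanners}
    return corroborated, single

if __name__ == "__main__":
    agreed, disputed = triage({"scanner_a": SCANNER_A, "scanner_b": SCANNER_B})
    for key in agreed:
        print("corroborated:", key)
    for key, missed_by in sorted(disputed.items()):
        print("verify manually:", key, "not reported by", missed_by)
```

Findings that only one scanner reports are the ones to verify by hand, since the output alone cannot say which tool is wrong.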
Many tools focus on specific tests, and no tool can test for everything. For
the same reason you wouldn’t drive a nail with a screwdriver, don’t use a
word processor to scan your network for open ports. This is why you need
a set of specific tools for the task. The more (and better) tools you have, the
easier your ethical hacking efforts are.
Make sure you’re using the right tool for the task:
✓ To crack passwords, you need cracking tools, such as ophcrack and
Proactive Password Auditor.
A general port scanner, such as SuperScan or Nmap, won’t work for
cracking passwords and rooting out detailed vulnerabilities.
✓ For an in-depth analysis of a Web application, a Web application
assessment tool (such as N-Stalker or WebInspect) is more appropriate than a
network analyzer (such as Wireshark).
When selecting the right security tool for the task, ask around. Get advice
from your colleagues and from other people online. A simple groups search on
Google (http://groups.google.com), LinkedIn (www.linkedin.com) or
a perusal of security portals, such as http://SecurityFocus.com and
http://SearchSecurity.com, often produces great feedback from other
security experts about what works and what doesn’t.
Hundreds, if not thousands, of tools can be used for ethical hacking — from
software-based vulnerability scanner programs to hardware-based network
analyzers. The following list runs down some of my favorite commercial,
freeware, and open source security tools:
✓ Cain & Abel
✓ OmniPeek










