Penetration testing technology is used to perform penetration tests or blue/purple/red teaming, and a toolbox for hackers. The technology is used to identify weaknesses or vulnerabilities is systems or applications. There are hundreds of tools available, most of them designed for a specific type of attack. Penetration testers can use a operating system that is specialised in hacking systems and comes preloaded with a selection of tools. Examples are Kali Linux and BackBox. Tools that can be used are for instance Nmap, Wireshark, Metasploit, sqlmap, Kismet, Armitage, Aircrack and John The Ripper.
Another tool for penetration testing are ‘dummy’ or ‘lab’ systems to practice different ways of compromising a system. Examples are OWASP Web Testing Environment and Metasploitable.
Related Keywords: fuzzing, buffer overflows, SQL injections, payload, OWASP, NIST, OSSTMM, PTES