There are many tools that protect systems from external attack. Like firewall, this is very important for any system.
Security testing tools can be used to test security of the system by trying to break it or by hacking it. The attacks may focus on the network, the support software, the application code or the underlying database.
Features or characteristics of security testing tools are:
- To identify viruses;
- To detect intrusions such as denial of service attacks;
- To simulate various types of external attacks;
- Probing for open ports or other externally visible points of attack;
- To identify weaknesses in password files and passwords;
- To do the security checks during operation, e.g. for checking integrity of files, and intrusion detection, e.g. checking results of test attacks.
Popular security testing tools
- Zed Attack Proxy
- Aircrack-ng
- Metasploit
- ZMap
- SOAtest
- Nmap
- Jtest
- American fuzzy lop
- AddressSanitizer
- SQLmap
- Wireshark
- Wapiti
- Vega
- W3af
- Skipfish
- Ratproxy
- Wfuzz
- Grendel Scan
- Arachni
- Grabber
Rajesh says
Hi, i have 10 years of manual testing experience.now i am planning to learn security testing to build my career. So, what are all the pre-requisets to learn Security Testing and how will be the future for this in down the line 10 years. Please let me know