Accurately performing a pentest on a network you are not familiar with takes both knowledge of the underlying infrastructure (so you can navigate it) and the proper tools for the job. Just as a construction worker has a toolbox with everything needed to do the work, so will you. Here are my top 5, all widely recommended in the industry.
Kali Linux
This one is necessary for every pentester, as it is the staple foundation of ethical hacking and malicious hacking alike. Kali Linux is a toolkit that both attackers and defenders use, and it is fit for the job. You can even download custom images that have all of the tools listed below preinstalled out of the box. It is highly recommended that you obtain a bootable copy of Kali and spend some time training and learning how to use it.
Nmap or Zenmap
These two are what allow you to discover the battlefield. They both do the same thing; Zenmap is just a GUI front end. Nmap scans the network to tell you which hosts are up and which ports are open on them. This step is vital to fully understanding your attack vectors in any engagement and to mapping out the network.
John the Ripper
At some point you will discover that the easiest way to get access on a network is through someone who already has it. John the Ripper lets you run password-cracking techniques against password hashes you have discovered while exploring. With each password you crack, you have a higher chance of landing an account with privileged access that can do more damage on that particular network. The effectiveness of John the Ripper depends on two things: the password hash complexity (basically how long the passwords are) and the resources you have available to perform these attacks.
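The two factors named above, password length and the computing resources a cracker can bring to bear, can be turned into a defender's estimate of how long a stored hash would survive exhaustive guessing. The script below is an added example written for this post, not part of the original article or of John the Ripper itself. It measures the guess rate this machine achieves against a fast salted SHA-256 hash versus a deliberately slow PBKDF2 hash (the algorithms, iteration count, alphabet sizes and the 0.5-second measurement window are assumptions chosen for illustration), then scales that rate up to the size of the password keyspace.

```python
import hashlib
import os
import time

# Alphabet sizes used for the keyspace estimate (assumed, illustrative values).
LOWER = 26                 # a-z
LOWER_DIGIT = 36           # a-z plus 0-9
PRINTABLE_ASCII = 95       # every printable ASCII character


def keyspace_size(length: int, alphabet_size: int) -> int:
    """Number of candidate passwords of exactly `length` characters."""
    return alphabet_size ** length


def seconds_to_exhaust(length: int, alphabet_size: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate of this length at the given guess rate."""
    return keyspace_size(length, alphabet_size) / guesses_per_second


def fast_hash(password: bytes, salt: bytes) -> bytes:
    """Unsalted-style fast hash: cheap for the server, equally cheap for a cracker."""
    return hashlib.sha256(salt + password).digest()


def slow_hash(password: bytes, salt: bytes) -> bytes:
    """Work-factor hash: every guess costs the cracker 100k HMAC iterations (assumed count)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)


def measure_guess_rate(hash_one, seconds: float = 0.5) -> float:
    """Rough guesses per second the given hash function allows on this machine.

    The rate is measured, not assumed, so it reflects whatever hardware runs the script.
    """
    salt = os.urandom(16)
    count = 0
    start = time.perf_counter()
    while time.perf_counter() - start < seconds:
        hash_one(b"candidate-%d" % count, salt)
        count += 1
    return count / (time.perf_counter() - start)


def human_duration(seconds: float) -> str:
    """Render a duration in the largest convenient unit."""
    units = [("years", 365 * 24 * 3600), ("days", 24 * 3600), ("hours", 3600), ("minutes", 60)]
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {name}"
    return f"{seconds:,.1f} seconds"


if __name__ == "__main__":
    for label, fn in (("salted SHA-256", fast_hash), ("PBKDF2-SHA256", slow_hash)):
        rate = measure_guess_rate(fn)
        print(f"{label}: ~{rate:,.0f} guesses/s on this machine")
        for length, alphabet in ((8, LOWER), (8, PRINTABLE_ASCII), (12, LOWER_DIGIT)):
            est = seconds_to_exhaust(length, alphabet, rate)
            print(f"  {length} chars, alphabet {alphabet}: {human_duration(est)}")
```

The numbers are for a single CPU core; a cracking rig with GPUs raises the fast-hash rate by orders of magnitude, which is exactly the "resources" half of the trade-off. The defender's lever is the other half: a slow key-derivation function keeps the per-guess cost high no matter how much hardware the attacker owns.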
Wireshark
Wireshark acts as another discovery tool, but this one is more for wireless networks. It gives a great breakdown of all the traffic flowing between devices on the network. You will need Wireshark's functionality for attacks like man-in-the-middle, to see which ports are carrying open traffic and to determine the best way to insert yourself into that communication and become a trusted entity on the network.
Cain and Abel
Now be warned, this tool is very loud and takes an aggressive approach to testing a network. If the security team on that network has proper logging and alerting set up, they should have no problem finding you. If not, it is the all-in-one solution. Its primary use is as a password cracker, but it can be used in ways that John the Ripper can't. For example, instead of just loading a hash for it to crack, Cain can intercept network traffic keys on the fly and use several different methods, such as dictionary or rainbow-table attacks, to crack the key hash.
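The point made above, that a team with proper logging and alerting will spot noisy tools, also applies to the Nmap port sweep described earlier, and it is worth seeing what that alert actually looks like. The detector below is an added example written for this post, not code from the original article or from any of the tools it lists. It reads firewall-style connection records (the line format, the IP addresses and the traffic itself are all constructed for the example) and flags any source that touches more than a threshold of distinct ports on one host inside a sliding time window; the 60-second window and the 15-port threshold are assumed tuning values.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: "<ISO timestamp> <src IP> <dst IP> <dst port> <action>".
# None of these addresses or events are real traffic.
BENIGN = [
    "2024-05-01T10:00:05 10.0.0.8 10.0.0.20 443 ALLOW",
    "2024-05-01T10:00:09 10.0.0.8 10.0.0.20 80 ALLOW",
    "2024-05-01T10:01:30 10.0.0.9 10.0.0.20 22 ALLOW",
    "2024-05-01T10:02:00 10.0.0.8 10.0.0.21 443 ALLOW",
]
# One source probing twenty ports on one host, two seconds apart: the pattern a
# sequential port scan leaves in a firewall log.
SCAN = [
    f"2024-05-01T10:00:{i * 2:02d} 10.0.0.7 10.0.0.20 {port} DENY"
    for i, port in enumerate(range(1, 21))
]
SAMPLE_LOG = BENIGN + SCAN


def parse_line(line: str):
    """Split one record into (timestamp, src, dst, port, action)."""
    ts, src, dst, port, action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port), action


def detect_port_scans(lines, window=timedelta(seconds=60), port_threshold=15):
    """Return {(src, dst): distinct_ports} for every source/destination pair where the
    source reached more than `port_threshold` distinct ports within any `window`.

    The value reported is the largest distinct-port count seen in a single window, so
    the analyst can tell a borderline hit from a full sweep.
    """
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, port, _action = parse_line(line)
        events[(src, dst)].append((ts, port))

    alerts = {}
    for pair, evs in events.items():
        evs.sort()
        # Slide the window so that it ends at each event in turn and count the
        # distinct ports that fall inside it.
        for i, (end_ts, _port) in enumerate(evs):
            start_ts = end_ts - window
            ports = {p for ts, p in evs[: i + 1] if ts >= start_ts}
            if len(ports) > port_threshold:
                alerts[pair] = max(alerts.get(pair, 0), len(ports))
    return alerts


if __name__ == "__main__":
    for (src, dst), count in detect_port_scans(SAMPLE_LOG).items():
        print(f"ALERT possible port scan: {src} -> {dst}, {count} distinct ports in 60s")
```

Counting distinct ports per source/destination pair within a window is the core of the port-scan rules shipped with most IDS and SIEM products; the same structure, keyed on distinct destination hosts instead of ports, catches the host-discovery sweep that precedes a port scan.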