
  
Nowadays, as new technologies such as big data, Internet of Things, artificial intelligence, and machine learning gradually appear in our daily lives, as a large number of companies have successfully completed and realized digital transformation, various cyber threats and crimes are also emerging. Increase exponentially. According to Statista’s statistics (as shown in the figure below), in 2019, network security breaches caused global losses of 20.38 million U.S. dollars. Cybriant.com also believes that cybercrime caused a 0.8% loss of world GDP in 2019 (approximately US$2.1 trillion in total).
This year, as the epidemic continues to affect the global economic environment, both individuals and small and micro enterprises will become more vulnerable when faced with cyber security threats than before. Therefore, in order to better deal with the “cold winter”, we will definitely need to improve our defense capabilities. Here, I will introduce you to 10 excellent network security tools, hoping to provide you with a reference for the overall security reinforcement of your enterprise and the planning of the security budget for 2021.
 What is penetration testing?
Before the formal introduction, let us first understand a basic concept of security-penetration testing. It refers to the use of security testing methods such as malicious attacks to carefully check all security risks or vulnerabilities of the target system (such as software, hardware, business services, and network environment, etc.), and finally manage the system based on the assessment of the security situation The normal functions of the system, and protect business data. It is worth noting that penetration testing is a non-functional test, and the QA engineer who performs the test is also called an ethical hacker.
  Top 10 Internet Security Tools Worth Watching
Currently, there are two camps of security testing tools, paid and open source, on the market, let’s understand them one by one:
 1. NMap
As the abbreviation of Network Mapper, NMap is an open source and free security scanning tool that can be used for security audits and network discovery. It can work on Windows, Linux, HP-UX, Solaris, BSD (including Mac OS), and AmigaOS. Nmap can be used to detect those accessible hosts on the network, to detect the type and version of their operating system, the services they are providing, and the information about the firewall or packet filter being used. Because it has both a GUI interface and a command line, many network and system administrators often use it in their daily work, including: checking open ports, maintaining service upgrade plans, discovering network topologies, and Monitor the uptime of hosts and services.
  core function:
Identify hosts on the network
Discover network mapping and inventory, maintain and manage assets
Generate analysis of indicators such as host traffic and response time in the network
According to the established audit schedule, identify open ports on the target host
Search and exploit vulnerabilities and risks in the network
Download link: https://nmap.org/
 2. Wireshark
As one of the best tools in the industry, Wireshark can provide free and open source penetration testing services. Generally, you can use it as a network protocol analyzer to capture and view the traffic in the target system and the network. It can run on Linux, Windows, Unix, Solaris, Mac OS, NetBSD, FreeBSD, and other operating systems. Wireshark is widely used and loved by educators, security experts, network professionals, and developers. The information restored by Wireshark can be viewed by its graphical user interface (GUI) or TShark tool in TTY mode.
  core function:
Provide rich VoIP analysis
Provide real-time capture and offline inspection
Ability to inspect hundreds of protocols in depth
Can run on multiple operating systems and their versions
System or network data can be captured and presented through GUI or TTY mode TShark tool
Able to read/write multiple variant capture file formats
The captured files can be compressed by gzip, and can be decompressed at the same time
Realistic rules of different colors can be applied to the data packet list for intuitive and fast analysis
Real-time data can be read from Bluetooth, PPP/HDLC, Internet, ATM, token ring, USB, etc.
The results can be exported as PostScript, CSV, XML or plain text
Download link: https://www.wireshark.org/
 3. Metasploit
As a security project, Metasploit can provide users with important information about security risks or vulnerabilities. This open-source framework allows users to learn about the latest vulnerabilities in various applications, platforms, and operating systems, as well as code that can be exploited, through penetration testing services. From the perspective of penetration testing, Metasploit can scan, listen, exploit, and collect evidence for known vulnerabilities. It provides a command line and graphical user interface that can run on Linux, Windows, and Apple Mac OS. Although Metasploit is a commercial tool, it comes with an open source limited trial version.
  core function:
Provide network discovery
With command line and GUI interface
Available for Windows, Linux and Mac OS X
Provide a modular browser
Support two modes: basic discovery and manual discovery
Provide import of vulnerability scanner
Provide a free community edition for the InfoSec community
Download link: https://www.metasploit.com/
 4.Netsparker
As a commercialized security testing tool, Netsparker is an accurate, automated and easy-to-use web application security scanner. This tool can be used to automatically identify security risks such as cross-site scripting (XSS) and SQL injection in Web application services. Through evidence-based scanning technology, it can not only generate risk reports, but also confirm whether there are false positives through Proof of Concept, and reduce the time to manually verify vulnerabilities.
 core function:
Provide advanced web service scanning, vulnerability assessment, HTTP request generator
Realize precise threat detection through evidence-centric scanning technology
Fully support HTML5, able to integrate the software development life cycle (SDLC)
Provide manual test and report
Can automatically identify customized 404 error pages
Support anti-cross-site request forgery (CSRF) token, anti-CSRF token, and REST API
Download link: https://www.netsparker.com/
 5. Acunetix
Acunetix is ​​a fully automated web vulnerability scanner. It can intelligently detect, identify and report more than 4,500 web application vulnerabilities, including all variants of XSS XXE, SSRF, Host Header Injection and SQL injection. As a commercial tool, Acunetix uses its DeepScan Crawler to scan AJAX (AJAX-heavy) client-type single-page applications (SPA) and HTML5 websites. Users can use it to export detected vulnerabilities to issue trackers such as GitHub, Atlassian JIRA, Microsoft TFS (Team Foundation Server), etc.
 core function:
Provides detection for high-risk vulnerabilities with a low false positive rate
Through integrated vulnerability management, so that organizations can control various risks
Through automated scanning, to crawl and review various websites in depth
Able to integrate with popular WAF, as well as issue trackers such as GitHub, JIRA, TFS, etc.
Provide open source web security scanning and manual testing tools
Can run in Linux, Windows, and online environments
Download link: https://www.acunetix.com/
6. Nessus
Nessus, developed and maintained by Tenable Network Security, is a vulnerability assessment solution for security practitioners. It can assist in detecting and repairing vulnerabilities, malware, configuration errors, and missing patches in various operating systems, applications, and even devices. By running on Windows, Linux, Mac, Solaris, users can use it to perform IP and website scanning, compliance checks, sensitive data search and other tests.
  core function:
Provide audits for configuration and mobile devices
You can easily customize the report summary, highlight the scan results, and be able to sort by host or vulnerability
Able to identify vulnerabilities in confidential data systems that can be accessed by remote attackers
Can identify host failures in the network and determine whether patches are missing
Download link: http://www.tenable.com/products/nessus
7. W3af
As a free tool, W3af is a web application attack and audit framework. It controls the overall risk of the target website by searching, identifying and exploiting more than 200 known web application vulnerabilities. These vulnerabilities include: cross-site scripting (XSS), SQL injection, unhandled application errors, key credentials that can be guessed, and PHP misconfigurations. W3af is not only suitable for Mac, Linux and Windows OS, but also provides a console and graphical user interface.
  core function:
Ability to incorporate Web and proxy servers into its code, and support proxy
Able to inject effective payload into various parts of the HTTP request
Support HTTP basic and digest authentication
Can handle cookies and forge UserAgent
Support HTTP response cache and DNS cache
Ability to upload files in parts
You can add a custom header to the request
Download link: http://w3af.org/
8. Zed Attack Proxy
Zed Attack Proxy (ZAP) is a free and open source security testing tool developed by OWASP. It allows you to discover a series of security risks and vulnerabilities in web applications. Because of the support for Unix/Linux, Windows and Mac OS, even if you are a newbie in penetration testing, you can easily get started with this tool.
  core function:
Support authentication, AJAX crawling, automated scanning
Supports forced browsing and dynamic SSL certificates
Support Web sockets and plug-and-play (Plug-n-hack)
Can intercept proxy
Support REST-based API
Download link: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
9. Burpsuite
As a scanning tool for strictly controlling “intruders”, Burpsuite is considered by some security testing experts: “Without it, penetration testing will not be carried out.” Although it is not free, Burpsuite provides a wealth of features. Generally, people can use it in Mac OS X, Windows and Linux environments for testing purposes such as crawling content and functions, intercepting proxies, and scanning web applications.
  core function:
Provide cross-platform support
Stable and lightweight
Can be used in conjunction with almost all major browsers
Can perform custom attacks
Well-designed user interface
Can assist in crawling the website
Can assist in scanning Https/HTTP type requests and responses
Website: http://portswigger.net/burp/
10. Sqlninja
As one of the best open source penetration testing tools, Sqlninja can use Microsoft SQL Server as a backend to detect SQL injection threats and vulnerabilities in web applications. This automated testing tool provides a command line interface and can be used on Linux and Apple Mac OS X. Sqlninja has descriptive functions including: counting remote commands, DB fingerprint recognition, and its detection engine.
 core function:
Provides direct and reverse shells for UDP and TCP
Support fingerprint of remote SQL Server
If the original is disabled, you can self-generate XP cmdshell
Can extract data from remote databases
Can perform operating system-level privilege escalation on the remote database server
Ability to scan backwards to find ports that can be used for reverse shell
Download link: http://sqlninja.sourceforge.net/
Summarize
The 10 network security testing tools listed above can undoubtedly pass strict penetration tests, reducing the possibility of your personal data and privacy being stolen and leaked. At the same time, they can also evade cyber attacks for the enterprise and protect the IT infrastructure. Of course, these security software tools also need to be continuously upgraded and maintained to provide first-class security services.
 
 
The Links: PD050VL1 LQ104V1DG81 LCD-COMPANY