Penetration testing begins with an overview of the infrastructure and then searches for specific weak points. Most administrators are familiar with classics like Wireshark and Nmap, so I will focus on the less common applications. Kali Linux is particularly resource-friendly and can be run in a virtual machine, so any notebook can become a full-fledged penetration test system with very little effort. The package contains more than 300 security tools, including those shown in Table 1.įigure 1: Kali Linux groups the most important tools in the Favorites menu. The Debian-based Kali Linux distribution is at the heart of most penetration testing systems. Kali Linux meets these requirements – and does much more. The variety of IT components dedicated to security does not make selecting a suitable tool any easier, because all possible attack vectors need to be subjected to continuous testing. Exploitation tests should look for vulnerabilities in a secure, real environment, so you can shut down any vulnerabilities found – and you need to do this over and over again. You have a clear advantage over attackers because you know the critical infrastructure components, the network topology, points of attack, the services and servers executed, and so on. To maintain the security of a network, you need to check it continuously for vulnerabilities and other weak points through penetration testing. Only one thing can prevent these vulnerabilities from being exploited by unwelcome guests: You need to preempt the hackers and identify and close the gaps.
Every IT infrastructure offers points of attack that hackers can use to steal and manipulate data.
0 kommentar(er)
