Chapter 2. Network Security Assessment Platform

This chapter outlines and discusses the components and tools that make up a professional security consultant’s toolkit for performing tasks including reconnaissance, network scanning, and exploitation of vulnerable software components. Many advanced tools can only be run from Unix-based systems, while other Windows-specific tools are required when testing Microsoft-based platforms and environments, and so building a flexible platform is very important.

Although these tools and their respective configurations and uses are discussed in detail throughout the book, they are discussed here at a reasonably high level so that you may start to think about preparing and configuring your assessment platform. At a high level, the tools and components that you need to consider are as follows:

  • Virtualization software to allow you to run multiple virtual systems on one physical machine

  • Operating systems within your assessment platform

  • Reconnaissance tools to perform initial Internet-based open source querying

  • Network scanning tools to perform automated bulk scanning of accessible IP addresses

  • Exploitation frameworks to exploit vulnerable software components and accessible services

  • Web application testing tools to perform specific testing of web applications

With the exception of commercial tools that require licenses, all of the tools listed in this book can be found in the O’Reilly archive at I have listed the ...

Get Network Security Assessment, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.