Penetration Testing

Penetration Testing is an active, invasive scanning activity that uncovers a system’s or applications vulnerabilities, and exploits those vulnerabilities in the same manner as a hacker would. Considered an “ethical hacking” activity that is endorsed by the target organization.

The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

These include:

  • User Satisfaction Rankings
  • Business Value Scores
  • Vendor Capability Comparisons
  • Product Feature Evaluations

The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

These include:

  • Strategy and Innovation
  • Service Experience
  • Conflict Resolution
  • Product Impact
  • Negotiation and Contract

Still need assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Penetration Testing Products

Filter by:

Wireshark Foundation, Inc.

Wireshark

Wireshark is a widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.

8.6

Composite Score

8.8

CX Score

+91

Emotional Footprint

88%

Likeliness to Recommend

12

Reviews

Aircrack-ng

Aircrack-ng

Aircrack-ng is a complete suite of tools to assess WiFi network security.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

BackBox.Org

BackBox.org

BackBox is more than an operating system, it is a Free Open Source Community project with the aim to promote the culture of security in IT environment and give its contribute to make it better and safer. All this using exclusively Free Open Source Software by demonstrating the potential and power of the community.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Browser Exploitation Framework (BeEF)

BeEF

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Veracode

Veracode Penetration Testing

Veracode delivers the application security solutions and services today’s software-driven world requires. Veracode’s unified platform assesses and improves the security of applications from inception through production so that businesses can confidently innovate with the web and mobile applications they build, buy and assemble as well as the components they integrate into their environments.

--

Composite Score

7.4

CX Score

+73

Emotional Footprint

94%

Likeliness to Recommend

2

Reviews

SecureAuth

Core Impact Penetration Testing

Core Impact empowers you to replicate attacks that pivot across systems, devices, networks, and applications. This solution reveals how chains of exploitable vulnerabilities open paths to your organization’s mission-critical systems and data.

--

Composite Score

7.8

CX Score

+81

Emotional Footprint

94%

Likeliness to Recommend

2

Reviews

DSquare Security

D2 Elliot Web Exploitation Framework

D2 Elliot Web Exploitation Framework helps enterprise to replicate real-life attacks during web application penetration testing by providing a powerful framework and efficient exploits and tools, validating vulnerability scans and revealing which data would be at risk.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

GLEG Ltd

GLEG DefPack

This is an attempt to provide pen testers with a most comprehensive collection (almost 100 exploits) of Defense software vulnerabilities illustrated in a one DefPack Exploits Package. Antiviruses, IDS and IPS systems, Firewalls, Account Management systems, End-point protection software and more are targeted.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Immunity, Inc.

Immunity's Canvas

Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals worldwide.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Offensive Security

Kali Linux Penetration Testing

Offensive Security provides practitioners with the highly sought-after skills required to advance their careers and better protect their organizations. We’re committed to funding and growing Kali Linux, the most widely used operating system for penetration testing, ethical hacking and network security assessments.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

w3af

w3af web application attack

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Titania

Paws Studio

Paws Studio is a comprehensive security auditing tool that quickly secures vital network devices, such as workstations, laptops and servers.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Titania

Nipper Studio

Nipper Studio helps you harden and secure vital network devices, such as Firewalls, Switches and Routers before an attack happens.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

SQLNinja

SQLNinja

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.

--

Composite Score

6.9

CX Score

+62

Emotional Footprint

78%

Likeliness to Recommend

1

Reviews

sqlmap

sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

--

Composite Score

6.1

CX Score

+42

Emotional Footprint

83%

Likeliness to Recommend

2

Reviews

Rapid7

Rapid7 metasploit

Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Kismet

Kismet

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

--

Composite Score

--

CX Score

0

Emotional Footprint

56%

Likeliness to Recommend

1

Reviews

OWASP

OWASP Zed Attack Proxy

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Nmap.org

Nmap Network Mapper

Nmap Network Mapper is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, etc. It was designed to rapidly scan large networks, but works fine against single hosts.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Parrot Security

Parrot Security OS

Professional tools for security testing, software development and privacy defense, all in one place.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Pentoo

Pentoo

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit installable live CD. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PAX hardening and extra patches - with binaries compiled from a hardened toolchain with the latest nightly versions of some tools available.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews