The main scope of the Penetration Testing tool is to provide a fully automated vulnerability scanner that detects and reports vulnerabilities including (web) application vulnerabilities, network protocol vulnerabilities, operating system vulnerabilities and misconfiguration vulnerabilities. This tool not only complements the role of a penetration tester, but also automates tasks that can take hours to test manually, delivering results with the fewest possible false positives.
The Penetration Testing tool has four basic functionalities. In the first stage the tool scans the network in order to identify open ports in the target by using nmap scanner. In the meantime, the nmap-vulner or nmap-vulscan plugins identify vulnerabilities on each of these open ports. By using the results of the first stage, the second stage further enumerates the services running on these open ports to identify possible security holes on the system. In the third stage the tool based on the results from the scanning and enumeration stage uses nikto to attack open web application services and joomscan for attacking content management systems (cms). The enumeration and web exploitation stages can either run as standalone services or after the scanning phase by using the results of the scan. In the fourth and last stage the tool presents the results to the user in a friendly Web Interface. The tool also has a Local Area Network scanner which creates a graph with the connected devices on the attacking machines. Lastly, the tool is integrated with the ECHO Early Warning System (E-EWS) and provides to the user the ability to create an automated ticket in order to share the results with collaborating third parties.
An extensive state of the art analysis has been conducted, in order to identify similar tools and market needs. Several market gaps identified on the already existed penetration testing products, some of them are:
- Burp Suite - lack of network/infrastructure penetration testing capabilities
- OpenVas - lack of cve specific network scripts
- Sparta - lack of integration with Web exploitation tools like nikto and joomscan
The penetration testing tool fills the market gap by providing all the aforementioned capabilities integrated in one product. Consequently, the penetration testing tool provides to the user the option to scan the local area network (LAN), identify CVE-specific vulnerabilities and use web exploitation tools in one solution quickly and effectively.
To sum up, the penetration testing tool offers:
- A quick solution for detecting low hanging fruits in local networks for the initial reconnaissance phase
- Extendable capabilities (custom fingerprinters)
- Friendly to non-expert users
- Comprehensive reports
- Ease of deployment
If you wish to know more about PENTEST, watch the demonstration video on ECHO's YouTube channel here: