A must watch for penetration testing

In this amazing youtube video, Hitesh Choudhary, a Cyber Security interesting youtuber talk us about  pentesting, a video that everyone should watch and share with their friends. Doing things right way is most important thing. Here is time line 0:00 Getting started and problem 1:43 Movie Impact 3:27 What is penetration testing 7:12 Process of pentesting 10:48 Consequences 15:40 Outro and dope music.

He explain us a little about the impact of the movies in the Psychology of people when thinking about Hacking, white hacking and penetration testing. you must take attention to his words! he is really accurate.

Enjoy! subscribe to his channel Hitesh Choudhary

Top Penetration Testing Tools

Below is a list of the best pentesting tools to tackle different penetration testing tasks. We also included what each tool is best used for and which platforms they’re supported on.

1. Powershell-Suite

The PowerShell-suite is a collection of PowerShell scripts that extract information about the handles, processes, DLLs, and many other aspects of Windows machines. By scripting together specific tasks, you can quickly navigate and check which systems on a network are vulnerable to exploit.

  • Best Used For: Easily automated tasks to discover weak exploitable assets on a network.
  • Supported Platforms: Windows

2. Zmap

Zmap is a lightweight network scanner that is capable of scanning everything from a home network to the entire Internet. This free network scanner is best used to gather baseline details about a network. If you only have an IP range to go off of, use to get a lay of the land quickly.

  • Best Used For Information gathering and initial triage of the attack landscape.
  • Supported Platforms: Zmap is supported on various Linux platforms and macOS

3. Xray

Xray is an excellent network mapping tool that uses the OSINT framework to help guide its tactics. Xray uses wordlists, DNS requests, and any API keys to help identify open ports on a network from the outside looking in.

  • Best Used For: Pentesters tasked with gaining access to a network with no help
  • Supported Platforms: Linux and Windows

4. SimplyEmail

SimplyEmail is an email recon tool used to help gather associated information found on the internet based on someone’s email address. SimplyEmail is based on the harvester solution and works to search the internet for any data that can help provide intelligence around any given email address.

  • Best Used For Pentesters looking to create account lists for enterprise testing engagements.
  • Supported Platforms: Docker, Kali, Debian, Ubuntu, macOS