Five free pen-testing tools

The best things in life are ...

Security assessment and deep testing don't require a big budget. Some of most effective security tools are free, and are commonly used by professional consultants, private industry and government security practitioners. Here are a few to start with.

For scanning in the first steps of a security assessment or pen test, Nmap and Nessus share the crown. Nmap is a simple, powerful and very well-reviewed scanner that one finds in the toolbox of any serious security consultant. Nmap and its Zenmap graphical interface are free and available at for virtually any platform from Vista and OS X to AmigaOS, and will happily run on low-power systems.

Nessus performs scans and up-to-date vulnerability testing in one interface, through a purchased "feed" of vulnerability modules for the freely downloadable application. A free but delayed noncommercial "home feed" of updates will continue to be available at after Tenable Inc. changes the Nessus license this coming July.

The Metasploit Framework provides more operating system and application exploit information than most analysts would know what to do with. Recently rewritten in Ruby with a graphical interface, it comes with several hundred common exploit modules in the basic download available at For testing Web applications specifically, the well-regarded Nikto has also undergone recent updates and is available at

Wireshark provides top-notch network protocol capture and analysis, and its filtering and search functions make a good noninvasive tool for beginners interested in TCP/IP. This high-quality successor to the long-running Ethereal tool is available for Windows, Linux and Mac. The "Buy" button at leads to a happy reminder that it's free and open source.

KisMAC's simple interface belies its powerful wireless assessment and penetration testing features. This OS X application is available at, where one can also find an active support community. Kismet, its more powerful but less friendly progenitor, is available at for Linux and Windows. There are active communities and numerous add-ons for each.

For more information, Fyodor, the author of Nmap, maintains a somewhat dated but good list at of the top hundred open-source and low-cost security tools other than Nmap.

(Willing to spend some money for your assessment tech? We've got you covered.)

The march toward exascale computers
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies