Five free pen-testing tools

The best things in life are ...

Security assessment and deep testing don't require a big budget. Some of most effective security tools are free, and are commonly used by professional consultants, private industry and government security practitioners. Here are a few to start with.

For scanning in the first steps of a security assessment or pen test, Nmap and Nessus share the crown. Nmap is a simple, powerful and very well-reviewed scanner that one finds in the toolbox of any serious security consultant. Nmap and its Zenmap graphical interface are free and available at for virtually any platform from Vista and OS X to AmigaOS, and will happily run on low-power systems.

Nessus performs scans and up-to-date vulnerability testing in one interface, through a purchased "feed" of vulnerability modules for the freely downloadable application. A free but delayed noncommercial "home feed" of updates will continue to be available at after Tenable changes the Nessus license this coming July.

The Metasploit Framework provides more operating system and application exploit information than most analysts would know what to do with. Recently rewritten in Ruby with a graphical interface, it comes with several hundred common exploit modules in the basic download available at For testing Web applications specifically, the well-regarded Nikto has also undergone recent updates and is available at

Wireshark provides top-notch network protocol capture and analysis, and its filtering and search functions make a good noninvasive tool for beginners interested in TCP/IP. This high-quality successor to the long-running Ethereal tool is available for Windows, Linux and Mac. The "Buy" button at leads to a happy reminder that it's free and open source.

KisMAC's simple interface belies its powerful wireless assessment and penetration testing features. This OS X application is available at, where one can also find an active support community. Kismet, its more powerful but less friendly progenitor, is available at for Linux and Windows. There are active communities and numerous add-ons for each.

For more information, Fyodor, the author of Nmap, maintains a somewhat dated but good list at of the top hundred open-source and low-cost security tools other than Nmap.

Back to main story: Six hours to hack the FBI (and other pen-testing adventures)

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about CrownFBILinux

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jon Espenschied

Latest Videos

More videos

Blog Posts