As with any project, if you don’t have the right tools for ethical hacking, accomplishing
the task effectively is difficult. Having said that, just because you use
the right tools doesn’t mean that you will discover all vulnerabilities.
Know the personal and technical limitations. Many security-assessment tools
generate false positives and negatives (incorrectly identifying vulnerabilities).
Others may miss vulnerabilities. If you’re performing tests such as socialengineering
or physical-security assessments, you may miss weaknesses.
Many tools focus on specific tests, but no one tool can test for everything.
For the same reason that you wouldn’t drive in a nail with a screwdriver, you
shouldn’t use a word processor to scan your network for open ports. This is
why you need a set of specific tools that you can call on for the task at hand.
The more tools you have, the easier your ethical hacking efforts are.
Make sure you that you’re using the right tool for the task:
To crack passwords, you need a cracking tool such as LC4, John the
Ripper, or pwdump.
A general port scanner, such as SuperScan, may not crack passwords.
For an in-depth analysis of a Web application, a Web-application assessment
tool (such as Whisker or WebInspect) is more appropriate than a
network analyzer (such as Ethereal).When selecting the right security tool for the task, ask around. Get advice
from your colleagues and from other people online. A simple Groups search
on Google (www.google.com) or perusal of security portals, such as
SecurityFocus.com, SearchSecurity.com, and ITsecurity.com, often produces
great feedback from other security experts.
Hundreds, if not thousands, of tools can be used for ethical hacking — from
your own words and actions to software-based vulnerability-assessment programs
to hardware-based network analyzers. The following list runs down
some of my favorite commercial, freeware, and open-source security tools:
Nmap
EtherPeek
SuperScan
QualysGuard
WebInspect
LC4 (formerly called L0phtcrack)
LANguard Network Security Scanner
Network Stumbler
ToneLoc
Here are some other popular tools:
Internet Scanner
Ethereal
Nessus
Nikto
Kismet
THC-Scan
I discuss these tools and many others in Parts II through V when I go into the
specific hack attacks. Appendix A contains a more comprehensive listing of
these tools for your reference.
The capabilities of many security and hacking tools are often misunderstood.
This misunderstanding has shed negative light on some excellent tools, such
as SATAN (Security Administrator Tool for Analyzing Networks) and Nmap
(Network Mapper).
Some of these tools are complex. Whichever tools you use, familiarize yourself
with them before you start using them. Here are ways to do that:

Read the readme and/or online help files for your tools.
Study the user’s guide for your commercial tools.
Consider formal classroom training from the security-tool vendor or
another third-party training provider, if available.
Look for these characteristics in tools for ethical hacking:
Adequate documentation.
Detailed reports on the discovered vulnerabilities, including how they
may be exploited and fixed.
Updates and support when needed.
High-level reports that can be presented to managers or nontechie types.
These features can save you time and effort when you’re writing the report.