Vulnerability management is key to any security strategy.
The Penetrator products are classified as a Black Box or Cracker Penetration Testing Tool. Black box pen testing is designed to assess the security of a system or network by applying the same type of methodology and types of attacks that a hacker would use. Without inside information, a hacker must rely on brute force to find vulnerabilities, which can be a long and tedious process if done manually. The underground world of black hat hacking has produced a large number of automated tools that are widely available for downloading. These tools greatly simplify the process of cracking systems and compromising networks making it easy for relatively unskilled hackers to take over other people’s computers and networks. To counter this threat, the security community has developed a number of automated penetration testing tools that are designed to assess vulnerabilities without the danger of taking over a target system. The Portable Penetrator and Penetrator
are two examples of this type of benign or white hat hacking penetration testing tool. They come pre-loaded and ready to use with over 42,000 penetration
tests that can be used in either a nonaggressive or aggressive mode.
There are two versions of the Penetrator software: The Portable Penetrator which is designed to audit both wired and Wi-Fi networks and the Penetrator which only
audits wired networks. References to the "Penetrator" on this page refer to the Penetrator software that is installed on both versions, which includes a vulnerability
scanner, an exploit engine and a database that contains descriptions of vulnerabilities, exploits and solutions to fixing vulnerabilities. For a comparison between the
two models, please refer to the Specifications page of our website.
The Penetrator operates in two modes: The standard Nonaggressive Audit mode takes account of what is running on a system such as operating system, web server,
databases, applications and services along with version and other information that can be used to identify potential vulnerabilities. By knowing what is installed on
a target system and what version it is, the process of attacking the system is made much easier since known vulnerabilities and exploits can be utilized to crack the
system. In this mode, only information is gathered – it does not run any tests to verify if vulnerability exists where the test could potentially interfere with the targeted
system. The second mode is Aggressive Audit in which each potential vulnerability is tested by using an exploit. Aggressive mode testing can also use buffer
overflows, denial of service and brute force to test a target system.
Nonaggressive Penetration Testing
The Penetrator’s nonaggressive testing is designed to minimize the risk of causing any problems to a targeted system. This is accomplished by probing the targeted
system to discover what is running on it. As each service running on the target is identified the Penetrator attempts to find out the version and other information
such as which updates and patches have been applied. This information is then compared with the information contained in the Penetrator’s database of known
exploits and vulnerabilities. When a match is found, the potential vulnerability is added to the audit report. In nonaggressive mode, the Penetrator does not actually
run an exploit so the vulnerability is not verified – in many cases, it is possible that a patch or update was correctly applied and that the vulnerability has already
been fixed. Nonaggressive testing is much faster, but it is also more prone to reporting false positives.
Aggressive Penetration Testing
The Penetrator also supports aggressive testing in which the information gathered during the probing and discovery phase of each vulnerability test is then tested by
actually running an exploit to verify if the vulnerability is present. If the exploit is successful, the Penetrator will add the result to the audit log. In addition to running
tests against identified potential vulnerabilities, the Penetrator can also run buffer overflow, denial of service and brute force exploits to test for additional
vulnerabilities that cannot be found by the service probing and discovery process. A properly configured and secured system should not be impacted by aggressive
testing; however, a vulnerable system could become unstable or even crash. The purpose of penetration testing is to discover vulnerabilities before a hacker does –
finding out that a system has a problem is better in a controlled test then if a hacker finds the vulnerability on a live system.
Penetrator Vulnerability Exploit Testing
The Penetrator is designed so that its tests should not have a negative impact on a stable system; however, some tests such as denial of service can cause minor
problems. If a targeted system does become unstable or crashes when being tested, it is a good indication that the system needs to be fixed. Aggressive testing is
more likely to destabilize or crash a target system, but this type of event will normally only happen if a vulnerability is successfully exploited - not something that
would be expected on a properly configured and secured system.
It is a good idea that if you are going to run an aggressive audit that you schedule a time when any problems that result from the test will not impact other systems
or users. Aggressive penetration tests are also very useful when verifying a build image before release into production.
Penetration testing can impact your network by reducing bandwidth and occasionally interfering with some routers and firewalls. While bandwidth issues can be
expected, destabilizing or crashing a router,firewall or other network device is indicative of a problem on that device. When a problem with a network device is
encountered it needs to be more thoroughly investigated to determine if there is a vulnerability that a hacker could exploit. If a penetration test crashes a network
device a hacker could also crash that device.
No Active Agent Installation
The Penetrator does not attempt to install active agents in any of its tests. The purpose of an active agent is to create a new source from which to conduct attacks or
tests on other systems in a target network (commonly referred to as pivoting). This agent typically gains administrator privileges allowing it to have complete control
of the cracked system, download additional agents that can be used to crack other systems on a network and an ability to remove the agent and restore the system
to the way it was before the crack. An agent is designed to function much like a hacker would once a targeted system is hacked. Many organizations have strict
policies that relate to the use of active agents which can be used and installed on a successful crack. Installing an agent on a target system provides positive proof
that a vulnerability exists.
Some reported vulnerabilities may be false positives since the only way to verify for sure that they are real is to successfully install an agent or payload on the
targeted system. It is important that any vulnerabilities that are reported be reviewed by a qualified security expert to determine if the reported vulnerability is a
false positive. The Penetrator includes real-world exploits that use payloads that are not active agents that allow you to verify if a reported vulnerability is real or it
is a false positive. False positives can be flagged so that they do not keep showing up in future reports. If you need help in assessing whether or not you have a
false positive, Aurenav offers several products and services that can more thoroughly validate the audit results. Please contact us for more information.
Reporting Audit results are provided in reports which may be customized and can be saved as PDF, XML or HTML files. Each report lists the vulnerability name and
associated file(s), the risk level (high, medium, low), SecPointID, port number, impact and the evidence proving the vulnerability exists. Optionally, reports
can be generated with a suggested solution and/or a resource to find more information about each reported vulnerability. An executive summary is also
provided which includes a high level overview with the number of vulnerabilities found, the distribution of vulnerability risks and details on when and
where the scan was performed.
The Portable Penetrator and Penetrator offer an affordable and easy to use solution for assessing security risks within any organization.
- Includes both the SecPoint vulnerability scanner and exploit engine penetration tester
Self contained appliance
- No software installation is required - the SecPoint Penetrator and Portable Penetrator are ready to run
- Can be operated in web-based remote mode
- Scans anything with an IP address that is running TCP/IP protocols
- Discovery Mode automatically detects active IP addresses on your network
- 0/100/1000 Ethernet connectivity
- Hardened Linux OS
- The SecPoint Penetrator and SecPoint Portable Penetrator are certified CVE-compatible by MITRE (ref:http://cve.mitre.org/compatible/
- Automatic SecPoint Updates several times per day
- Detailed fix information, which includes links to patches and software upgrades
- Dynamic reporting capability with Executive Summary and a Technical Details Service that shows all the particulars of a given vulnerability
- Flexible and customizable scanning options, which includes SANS/FBI Top 20 and individual exploits
Most security compliance certifications require that penetration audits be conducted each time that changes are made to a system. The following extract from a
Portable Penetrator PP7000 illustrates a real-world case where a penetration was first run against a Windows Server, which produces a list of potential vulnerabilities.
A Windows update was applied and the penetration test was run again showing the same vulnerabilities plus additional vulnerabilities.
Anytime that a change is made to a system, unexpected changes can take place that have the potential to introduce new vulnerabilities into the system. Even
something considered safe such as a manufacturer’s product patch and update service can introduced unexpected changes. The best way to find out if any undesirable
changes have taken place is to run a penetration test.
Some scenarios in which penetration testing is typically required or recommended include:
- • A system needs to be tested prior to entering production or being used on the network
• An operating system has been updated or patched
• A new application has been installed
• An application has been updated or patched
• A hardware change has taken place
• A driver has been installed, updated or removed
• A configuration change has taken place
• An application has been uninstalled
• To meet government regulatory or industry mandated requirements
• A firewall has been installed, changed, updated or removed
- The Portable Penetrator is ideal for testing network segments within data centers and remote data centers, testing larger branch offices, testing Wi-Fi networks,
testing home offices and for security consultants that need a portable, affordable and easy to use pen test solution.
Penetrator. The Penetrator is ideal for data centers, remote data centers, branch offices and remote facilities where sending out security auditors can be costly.
"Pathway Solutions have made the installation of our new network a breeze! They are always available for any
support questions we may have."
Dr. Robert Woo
"Pathway Solutions designed and implemented the IT system and web site for our dental office. The support has allowed our business to grow and provide state of the art technology for our patients."
Dental Care Design