11 open source projects for pentest


Pentest has become "fashionable", since security has become a key factor for systems and is increasingly of concern. For those who do not know the term, it is a test or penetration test, where the computer system to be analyzed is attacked with the intention of finding weak points in security that can be exploited by criminals to enter the system.

We have already talked a lot in this blog about Linux distros specially designed for these tasks such as Kali Linux, Santoku, DEFT, etc., all of them focused on security issues and with endless built-in tools for ethical hackers (although I do not like this term, since hackers are ethical per se, but destructive industries such as Hollywood or the RAE itself have been in charge of "negative" the hacker concept) can perform these tasks.

In this article we will introduce 11 open source projects that can be used for these penetration tests:

  1. OWASP ZAP: tool to audit web page security.
  2. Zenmap: a graphical interface for nmap.
  3. Scapy: an interesting packet grabber or sniffer.
  4. BeEF: automation of XSS attacks.
  5. Firefox add-ons: an endless number of addons available for Mozilla Firefox that can help you with these tasks ...
  6. sqlmap: SQL injection.
  7. SET (Social-Engineer Toolkit): toolkit for social engineering.
  8. Kali Linux NetHunter: Kali Linux distribution oriented to mobile devices.
  9. wireshark: protocol analyzer.
  10. wa3f: a series of utilities to discover and exploit vulnerabilities.
  11. metasploit: set of tools to build and use exploits.



The content of the article adheres to our principles of editorial ethics. To report an error click here.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *



  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.